Google has integrated OSV-SCALIBR features into OSV-Scanner, its free vulnerability scanner for open source developers.
The post Google Releases Major Update for Open Source Vulnerability Scanner appeared first on SecurityWeek.
The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack.
The post Popular GitHub Action Targeted in Supply Chain Attack appeared first on SecurityWeek.
The financing was provided by S Capital and investor Mike Moritz, S32, Glilot Capital Partners, and several angel investors.
The post Sola Security Deposits Hefty $30M Seed Funding appeared first on SecurityWeek.
The Open Source Security Foundation (OpenSSF) has created a structured set of security requirements for open source projects.
The post OpenSSF Releases Security Baseline for Open Source Projects appeared first on SecurityWeek.
San Francisco application security startup raises $100 million in a Series D funding round led by Menlo Ventures.
The post Semgrep Raises $100M for AI-Powered Code Security Platform appeared first on SecurityWeek.
With each passing year, social engineering attacks are becoming bigger and bolder thanks to rapid advancements in artificial intelligence.
The post How Agentic AI will be Weaponized for Social Engineering Attacks appeared first on SecurityWeek.
150 abandoned Amazon S3 buckets could have been leveraged to deliver malware or backdoors to governments and Fortune companies.
The post Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms appeared first on SecurityWeek.
Oligo Security has raised $50 million in Series B funding for its application detection and response (ADR) platform.
The post Oligo Raises $50M to Tackle Application Detection and Response appeared first on SecurityWeek.
Opengrep is a new consortium-backed fork of Semgrep, intended to be and remain a genuinely open source SAST tool.
The post Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST appeared first on SecurityWeek.
Application security and vulnerability management platform DefectDojo has raised $7 million in Series A funding.
The post DefectDojo Raises $7 Million for Application Security Platform appeared first on SecurityWeek.