GitHub

GitHub Copilot CLI gets a second-opinion feature built on cross-model review

Artificial Intelligence, GitHub, Microsoft, News /

GitHub Copilot CLI gets a second-opinion feature built on cross-model review 2026-04-07 at 12:56 By Anamarija Pogorelec Coding agents make decisions in sequence: a plan is drafted, implemented, then tested. Any error introduced early compounds as subsequent steps build on the same flawed assumption. Self-reflection is a recognized mitigation technique, and one GitHub Copilot already […]

GitHub Copilot CLI gets a second-opinion feature built on cross-model review Read More »

Microsoft releases open-source toolkit to govern autonomous AI agents

agentic AI, cybersecurity, Don't miss, GitHub, Microsoft, News, open source, software /

Microsoft releases open-source toolkit to govern autonomous AI agents 2026-04-03 at 08:39 By Anamarija Pogorelec AI agents can book travel, execute financial transactions, write and run code, and manage infrastructure without human intervention at each step. Frameworks like LangChain, AutoGen, CrewAI, and Azure AI Foundry Agent Service have made this kind of autonomy straightforward to

Microsoft releases open-source toolkit to govern autonomous AI agents Read More »

Rspamd 4.0.0 ships memory savings, a new scan protocol, and a required migration step

GitHub, News, open source, software, spam /

Rspamd 4.0.0 ships memory savings, a new scan protocol, and a required migration step 2026-03-31 at 15:43 By Sinisa Markovic The open-source spam filtering platform Rspamd released version 4.0.0, delivering infrastructure changes across its scan protocol, memory model, hash storage, and configuration system. Several of the changes are breaking, and at least one requires a

Rspamd 4.0.0 ships memory savings, a new scan protocol, and a required migration step Read More »

Intel puts its data center performance knowledge on GitHub

chip, data center, DevOps, GitHub, hardware, Intel, News, open source /

Intel puts its data center performance knowledge on GitHub 2026-03-31 at 15:43 By Anamarija Pogorelec Intel engineers have published a centralized repository of data center performance knowledge on GitHub, giving practitioners direct access to tuning guides, configuration recommendations, and optimization recipes that previously required hunting across forums and scattered documentation. The repository, called Optimization Zone,

Intel puts its data center performance knowledge on GitHub Read More »

Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise 

AI, Artificial Intelligence, Codex, GitHub, OpenAI, Vulnerabilities, vulnerability /

Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise  2026-03-31 at 11:21 By Kevin Townsend Researchers found an OpenAI Codex vulnerability that could have been exploited to compromise GitHub tokens. The post Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise  Read More »

Hottest cybersecurity open-source tools of the month: March 2026

cybersecurity, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: March 2026 2026-03-31 at 07:37 By Anamarija Pogorelec Presented here is a curated selection of noteworthy open-source cybersecurity solutions that have drawn recognition for their ability to enhance security postures across diverse settings. BlacksmithAI: Open-source AI-powered penetration testing framework BlacksmithAI is an open-source penetration testing framework that uses

Hottest cybersecurity open-source tools of the month: March 2026 Read More »

ShipSec Studio brings open-source workflow orchestration to security operations

Don't miss, GitHub, Hot stuff, News, open source, security operations, software /

ShipSec Studio brings open-source workflow orchestration to security operations 2026-03-30 at 08:04 By Anamarija Pogorelec Security teams have long relied on a mix of shell scripts, cron jobs, and loosely connected tools to chain reconnaissance and vulnerability scanning work together. ShipSec Studio, an open-source security workflow automation platform from ShipSec AI, aims to replace that

ShipSec Studio brings open-source workflow orchestration to security operations Read More »

AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure

Artificial Intelligence, code, credentials, cybersecurity, Data leak, GitGuardian, GitHub, News, report, software development /

AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure 2026-03-27 at 20:33 By Anamarija Pogorelec Code keeps moving through pipelines, and credentials continue to surface alongside it. GitGuardian’s State of Secrets Sprawl 2026 puts the count at 28.65 million new hardcoded secrets in public GitHub commits in 2025, extending a multi-year rise

AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure Read More »

GitHub jumps on the bandwagon and will use your data to train AI

Artificial Intelligence, GitHub, News, Privacy, training /

GitHub jumps on the bandwagon and will use your data to train AI 2026-03-26 at 15:52 By Anamarija Pogorelec GitHub updated how it uses data to improve AI-powered coding assistance. Starting April 24, interaction data from Copilot Free, Pro, and Pro+ users may be used to train and improve GitHub’s models unless users opt out.

GitHub jumps on the bandwagon and will use your data to train AI Read More »

GitHub-hosted malware campaign uses split payload to evade detection

Don't miss, GitHub, Hot stuff, Malware, Netskope, News, trojan /

GitHub-hosted malware campaign uses split payload to evade detection 2026-03-24 at 13:12 By Zeljka Zorz A large-scale malware delivery campaign has been targeting developers, gamers, and general users through fake tools hosted on GitHub, Netskope researchers have warned. These “lures” are highly polished and appear legitimate, occasionally mimicking real projects, thus making them difficult to

GitHub-hosted malware campaign uses split payload to evade detection Read More »

Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack

Aqua Security, GitHub, open source, supply chain attack, Supply Chain Security, Trivy, vulnerability scanner /

Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack 2026-03-23 at 16:12 By Ionut Arghire Hackers published a malicious scanner release and replaced tags to point to information-stealer malware. The post Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack Read More »

Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps

Aurigo Software Technologies, cybersecurity, Don't miss, GitHub, GitLab, News, open source, scanner, software /

Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps 2026-03-23 at 09:18 By Anamarija Pogorelec GitLab CI/CD pipelines often accumulate configuration decisions that drift from security baselines over time. Container images get pinned to mutable tags, branches lose protection settings, and required templates go missing. An open-source tool called Plumber automates the detection of

Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps Read More »

Betterleaks: Open-source secrets scanner

Aikido Security, DevSecOps, Don't miss, GitHub, Hot stuff, News, open source, scanner, scanning, software /

Betterleaks: Open-source secrets scanner 2026-03-19 at 09:02 By Anamarija Pogorelec Secrets scanning has become standard practice across engineering organizations, and Gitleaks has been one of the most widely used tools in that space. The author of that project has now released a new tool called Betterleaks, which is designed to scan git repositories, directories, and

Betterleaks: Open-source secrets scanner Read More »

Major tech companies invest $12.5 million in open source security

Anthropic, Artificial Intelligence, AWS, cybersecurity, GitHub, Google, Microsoft, News, open source, OpenAI, OpenSSF, The Linux Foundation /

Major tech companies invest $12.5 million in open source security 2026-03-18 at 11:31 By Sinisa Markovic The Linux Foundation announced $12.5 million in grant funding backed by Anthropic, AWS, GitHub, Google, Google DeepMind, Microsoft, and OpenAI to strengthen open source security. The funding will be directed through the foundation’s Alpha-Omega Project and the Open Source

Major tech companies invest $12.5 million in open source security Read More »

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

GitHub, GlassWorm, Malware, Malware & Threats /

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath 2026-03-16 at 13:51 By Ionut Arghire Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign. The post ForceMemo: Python Repositories Compromised in GlassWorm Aftermath appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath Read More »

VulHunt: Open-source vulnerability detection framework

Binarly, Don't miss, framework, GitHub, Hot stuff, News, open source, software /

VulHunt: Open-source vulnerability detection framework 2026-03-16 at 07:40 By Anamarija Pogorelec Binarly has published VulHunt Community Edition, making the core scanning engine from Binarly’s commercial Transparency Platform available to independent researchers and practitioners. What VulHunt does VulHunt Community Edition is a framework for detecting vulnerabilities in compiled software. It operates against multiple binary representations simultaneously,

VulHunt: Open-source vulnerability detection framework Read More »

Cloud-audit: Fast, open-source AWS security scanner

AWS, cloud security, Don't miss, GitHub, Hot stuff, News, scanner, software /

Cloud-audit: Fast, open-source AWS security scanner 2026-03-11 at 09:21 By Mirko Zorz Running AWS security audits without a dedicated security team typically means choosing between enterprise platforms with per-check billing and generic open-source scanners that produce findings with no remediation guidance. Cloud-audit, a Python CLI tool published on GitHub by Mariusz Gebala, takes a narrower

Cloud-audit: Fast, open-source AWS security scanner Read More »

Open-source tool Sage puts a security layer between AI agents and the OS

agentic AI, cybersecurity, Don't miss, Gen Digital, GitHub, Hot stuff, News, open source, software /

Open-source tool Sage puts a security layer between AI agents and the OS 2026-03-09 at 08:06 By Anamarija Pogorelec Autonomous AI agents running on developer workstations execute shell commands, fetch URLs, and write files with little or no inspection of what they are doing. Open-source project Sage inserts an interception layer between an AI agent

Open-source tool Sage puts a security layer between AI agents and the OS Read More »

IronCurtain: An open-source, safeguard layer for autonomous AI assistants

agentic AI, Artificial Intelligence, Don't miss, GitHub, Hot stuff, News, open source /

IronCurtain: An open-source, safeguard layer for autonomous AI assistants 2026-02-28 at 07:07 By Zeljka Zorz Veteran security engineer Niels Provos is working on a new technical approach designed to stop autonomous AI agents from taking actions you haven’t specifically authorized. His open-source software solution, called IronCurtain, aims to neutralize the risk of an LLM-powered agent

IronCurtain: An open-source, safeguard layer for autonomous AI assistants Read More »

Hottest cybersecurity open-source tools of the month: February 2026

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: February 2026 2026-02-26 at 07:07 By Anamarija Pogorelec This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Pompelmi: Open-source secure file upload scanning for Node.js Software teams building services in JavaScript are adding more layers of defense to handle

Hottest cybersecurity open-source tools of the month: February 2026 Read More »

Scroll to Top