SCA stories
Banks face a costly overhaul as EU rules will soon make digital identity wallets mandatory for strong customer authentication, reshaping onboarding and fraud checks.
Attackers hid malware in familiar package workflows, prompting Sonatype to log 21,764 malicious open-source packages in the quarter.
Most engineering teams could struggle to meet EU Cyber Resilience Act reporting deadlines, with many still handling SBOMs manually or only after incidents.
Organisations remain exposed as malware in open-source packages surged in 2025, with most advisories and account takeovers reported last year.
The malicious packages could leave build systems and Kubernetes clusters exposed, prompting checks across CI/CD pipelines and AI frameworks.
Enterprises could spot compromised maintainers sooner, as the new tool maps open-source contributors, dependencies and policy breaches across builds.
Fime's EMEA lab wins EMVCo nod to test fingerprint sensors for biometric cards, supporting global roll-out of trusted contactless payments.
Sonatype says smaller AI tied to live software data can outsecure larger models on dependency upgrades, slashing risk and cost.
Veracode unveils an AI-driven tool that automatically fixes open-source vulnerabilities, tackling mounting security debt in software supply chains.
Harness has launched AI Security and Secure AI Coding tools to spot and block vulnerabilities in AI-powered apps and AI-generated code.
Retailers are bearing the cost as millions of valid card payments are challenged, leaving banks to refund GBP £3.5 billion in a year.
High decline rates and chargeback risk are already hitting merchants as AI agents struggle to pass payment checks built for human shoppers.
Four of New Zealand’s biggest lenders are testing AI-driven payments as Visa moves to safeguard shopping across merchants and platforms.
UK Xero users can now manage supplier, expense and employee payments in one place as Dext expands its payments tool with payroll.
Poor checkout experiences are costing European retailers repeat business, as payabl.'s new Visa Click to Pay aims to cut friction and fraud.
Australian developers can now access free vulnerability tools as Vulnetix takes a formal role in global software flaw tracking.
Australian organisations face fresh risk of cloud and identity compromise as the cyber watchdog reissues its alert on repository attacks.
Backslash adds cross-tool governance to discover, vet and monitor 'Skills' powering AI coding assistants like Cursor, Claude Code and Copilot.
Token.io launches Account on File to make Pay by Bank a near one-tap checkout, cutting steps and boosting conversion for UK and EU merchants.
Ditto launches cryptographic digital ID platform for EU, promising reusable wallet-based identities and less personal data exposure.
