Source Code Management (SCM) stories - Page 2

NetRise unveils Provenance, a tool to trace open source maintainers and stop risky dependencies before they spread through software.

Mimecast chief warns human risk is now cybersecurity's 'eighth layer' as malicious insiders overtake negligence in Australian attacks.

Veracode unveils an AI-driven tool that automatically fixes open-source vulnerabilities, tackling mounting security debt in software supply chains.

Aqua Security's Trivy GitHub Action was hijacked to ship infostealer code via CI/CD pipelines, exposing secrets across downstream users.

GitLab opens agentic AI to free-tier users, sets USD $0.25 flat fee for automated code reviews and expands security false-positive filtering.

SpecterOps broadens BloodHound Enterprise to map identity attack paths across Okta, GitHub and Jamf-managed Macs in hybrid environments.

Morphisec unveils Adaptive AI Defence to spot shadow AI, block compromised agents and thwart AI-driven ransomware in real time.

Entro launches AGA to map, monitor and control AI agents in enterprises, tackling shadow AI and non-human identity risks at scale.

Cobalt launches Security Program Manager service to run enterprise pentesting, align tests with business goals and speed up remediation.

North Korean IT workers using Western collaborators and fake identities are infiltrating remote jobs to funnel foreign salaries home.

ThoughtSpot rolls out Spotter for Industries, AI analytics agents tuned to sector rules to close the “context gap” in enterprise decisions.

Secure Code Warrior launches SCW Trust Agent: AI, giving security teams commit-level visibility and control over AI-influenced code.

AI-fuelled coding drives record 29 million hardcoded secrets on GitHub in 2025, with leaks from AI tools and services surging sharply.

1Password unveils Unified Access to secure AI agents and machine credentials, promising endpoint-to-agent visibility for security teams.

GitHub joins tech giants in a USD $12.5 million Alpha-Omega push, boosting AI-powered defences for critical open source software.

Linux Foundation wins USD $12.5m from tech giants to bolster AI-era open source security and ease pressure on overstretched maintainers.

VAST Data unveils Foundation Stacks, turning NVIDIA AI Blueprints into production-ready pipelines on its AI Operating System.

VAST Data unveils Foundation Stacks, open-source pipelines turning NVIDIA AI Blueprints into production-ready workflows on its AI OS.

PagerDuty links Anthropic, Cursor and LangChain to expand its AI ops ecosystem, boosting incident response across modern software stacks.

GenAI use in healthcare is fuelling patient data policy breaches, with regulated records making up 89% of AI-linked violations, research shows.