Supply Chain Security stories - Page 4

HPE Threat Labs warns cybercrime now runs like big business, as AI-fuelled, industrial-scale attacks hammer government and finance.

Dell unveils quantum-ready PC firmware and AI-focused data protection tools to counter emerging threats across devices and AI workloads.

Aqua Security's Trivy GitHub Action was hijacked to ship infostealer code via CI/CD pipelines, exposing secrets across downstream users.

GitLab opens agentic AI to free-tier users, sets USD $0.25 flat fee for automated code reviews and expands security false-positive filtering.

Yubico and Delinea unite hardware keys with identity checks to ensure each high‑risk AI agent action is explicitly approved by a human.

Iceland-based Varist has launched a free malware scanner that rates suspicious files in seconds to counter fast-evolving AI-driven threats.

OPSWAT founder Benny Czarny urges a prevention-first cyber defence in his new book, arguing detection-led tools can no longer keep pace.

DigiCert reports record Q4 ARR in FY26 as DigiCert ONE platform growth, acquisitions and automation demand drive digital trust expansion.

SpecterOps broadens BloodHound Enterprise to map identity attack paths across Okta, GitHub and Jamf-managed Macs in hybrid environments.

Miggo and Grafana link runtime security to Grafana Cloud telemetry, promising major cuts to critical vulnerability noise for joint users.

Keysight debuts SBOM Manager to automate software bills of materials as EU and US cyber rules tighten transparency and compliance demands.

Chainguard launches a free Catalog Starter pack, giving developers five production-grade secure container images from its vast library.

North Korean IT workers using Western collaborators and fake identities are infiltrating remote jobs to funnel foreign salaries home.

Lineaje launches UnifAI, a security and governance layer to centralise control, discovery and policy for enterprise agentic AI deployments.

JFrog launches an MCP registry to centralise and secure AI coding agents, extending software supply chain controls to agent workflows.

TrendAI integrates its AI security platform with HPE Private Cloud AI to secure enterprise AI deployments from infrastructure to applications.

TrendAI and Nvidia link DSX Air with digital twin security tools so AI datacentre “factories” can be hardened before hardware is built.

TrendAI and Nvidia deepen collaboration to embed layered security and governance into OpenShell, protecting long-lived autonomous AI agents.

AI-fuelled coding drives record 29 million hardcoded secrets on GitHub in 2025, with leaks from AI tools and services surging sharply.

Secure Code Warrior launches SCW Trust Agent: AI, giving security teams commit-level visibility and control over AI-influenced code.