Security vulnerabilities stories

A recent cyber attack has compromised over 23,000 GitHub repositories, raising alarms over software supply chain security and the exploitation of trusted components.

A malicious commit in the tj-actions/changed-files GitHub Action, used in over 23,000 repositories, threatens software security across numerous CI pipelines.

Tenable Research has raised alarms over security vulnerabilities in the generative AI model DeepSeek R1, warning it could simplify malware creation.

Nozomi Networks has been ranked third in Fast Company's World’s Most Innovative Companies 2025 for its pivotal work in securing critical infrastructure from cyber threats.

JFrog has incorporated NVIDIA NIM microservices into its Software Supply Chain Platform, enhancing secure AI model deployment and streamlining enterprise solutions.

A recent SANS Institute and OPSWAT report reveals serious shortcomings in ICS/OT cybersecurity budgets, with over half of organisations experiencing security incidents last year.

Opus Security has unveiled its Autonomous Vulnerability Management Platform, harnessing AI to streamline cybersecurity processes and reduce remediation delays by up to 90%.

Verizon Business has teamed up with Accenture to enhance cybersecurity solutions for mid and large enterprises, tackling the rising threats in the digital landscape.

Cybersecurity firm UpGuard has unveiled AI-powered tools that enable users to conduct vendor risk assessments in under 60 seconds, enhancing efficiency in risk management.

UK SMEs are expected to boost their dependence on managed security services in 2025, with 80% viewing this as a valuable move, reveals Six Degrees research.

MSys Technologies has announced its acquisition of Gophers Lab, aiming to tackle challenges in the FinTech sector and drive digital transformation.

Australia has climbed to fourth place globally for cyberattacks on critical infrastructure, as a report reveals a surge in diverse threats targeting various sectors.

A new whitepaper from Telstra International reveals that 80% of manufacturing firms faced security incidents last year, yet only 45% felt prepared to tackle the threats.

The Open-Source AI Foundation has launched to promote transparency in AI systems for government agencies, coinciding with DeepSeek's commitment to open source its AI models.

GitHub has partnered with Endor Labs, integrating advanced security software to help developers swiftly identify and manage critical vulnerabilities within the platform.

DeepSeek faces intense scrutiny over significant security flaws and data management practices, prompting bans across multiple countries amidst privacy concerns.

Akamai Technologies has launched the Defenders’ Guide 2025, a comprehensive report for APJ cybersecurity professionals facing rising cyber threats.

AttackIQ has acquired DeepSurface to enhance its cybersecurity services, aiming to improve risk management and bolster protections against cyber threats.

A survey by Azul reveals that 88% of enterprises are exploring alternatives to Oracle Java, citing rising costs and cloud expense concerns as key factors.

A major data leak impacting Fortinet firewalls has revealed sensitive information from 15,000 devices following a critical vulnerability, prompting urgent cybersecurity measures.