GitHub stories

Orca Security warns that AI credentials, vulnerable dependencies and lax pipeline controls are leaving production environments exposed across US and Europe.

Cursor 3 rebuilds the coding workspace around AI agents, adding cross-repository collaboration, cloud handoffs and review tools for developers.

Avocado urges Australian firms to tighten repository security as the ACSC reissues a high alert on active supply chain attacks and secrets sprawl.

Kestra secures USD $25 million from RTP Global to launch Kestra 2.0, roll out Kestra Cloud and expand in North America and Europe.

Liquibase rolls out AI-backed database governance and deployment connectors for ServiceNow, GitHub, Harness and Terraform to improve auditability.

Aerospike adds durable memory for LangGraph agents to keep context through restarts, failures and concurrent sessions.

NetRise unveils Provenance, a tool to trace open source maintainers and stop risky dependencies before they spread through software.

New Relic secures a third consecutive Leader ranking in IDC's Worldwide AIOps 2026 assessment, highlighting its AI-led observability tools.

Mimecast chief warns human risk is now cybersecurity's 'eighth layer' as malicious insiders overtake negligence in Australian attacks.

Veracode unveils an AI-driven tool that automatically fixes open-source vulnerabilities, tackling mounting security debt in software supply chains.

Aqua Security's Trivy GitHub Action was hijacked to ship infostealer code via CI/CD pipelines, exposing secrets across downstream users.

SpecterOps broadens BloodHound Enterprise to map identity attack paths across Okta, GitHub and Jamf-managed Macs in hybrid environments.

Entro launches AGA to map, monitor and control AI agents in enterprises, tackling shadow AI and non-human identity risks at scale.

Cobalt launches Security Program Manager service to run enterprise pentesting, align tests with business goals and speed up remediation.

ThoughtSpot rolls out Spotter for Industries, AI analytics agents tuned to sector rules to close the “context gap” in enterprise decisions.

AI-fuelled coding drives record 29 million hardcoded secrets on GitHub in 2025, with leaks from AI tools and services surging sharply.

1Password unveils Unified Access to secure AI agents and machine credentials, promising endpoint-to-agent visibility for security teams.

GitHub joins tech giants in a USD $12.5 million Alpha-Omega push, boosting AI-powered defences for critical open source software.

Linux Foundation wins USD $12.5m from tech giants to bolster AI-era open source security and ease pressure on overstretched maintainers.

VAST Data unveils Foundation Stacks, turning NVIDIA AI Blueprints into production-ready pipelines on its AI Operating System.