Source Code Management (SCM) stories

GitLab deepens Google Cloud partnership so Duo Agent Platform users can tap Vertex AI models, while counting the spend against existing commitments.

Orca Security warns that AI credentials, vulnerable dependencies and lax pipeline controls are leaving production environments exposed across US and Europe.

Cursor 3 rebuilds the coding workspace around AI agents, adding cross-repository collaboration, cloud handoffs and review tools for developers.

AI is boosting developer output, but Australian firms are finding the bigger challenge is joining up fragmented tools, data and governance.

Avocado urges Australian firms to tighten repository security as the ACSC reissues a high alert on active supply chain attacks and secrets sprawl.

Kestra secures USD $25 million from RTP Global to launch Kestra 2.0, roll out Kestra Cloud and expand in North America and Europe.

Liquibase rolls out AI-backed database governance and deployment connectors for ServiceNow, GitHub, Harness and Terraform to improve auditability.

Percona teams up with Chainguard to offer supported, hardened container images for MySQL, PostgreSQL and MongoDB databases.

AppOmni upgrades Heisenberg to help teams trace GitHub Actions and spot tainted dependencies after the LiteLLM supply chain breach.

Aerospike adds durable memory for LangGraph agents to keep context through restarts, failures and concurrent sessions.

NetRise unveils Provenance, a tool to trace open source maintainers and stop risky dependencies before they spread through software.

New Relic secures a third consecutive Leader ranking in IDC's Worldwide AIOps 2026 assessment, highlighting its AI-led observability tools.

Mimecast chief warns human risk is now cybersecurity's 'eighth layer' as malicious insiders overtake negligence in Australian attacks.

Veracode unveils an AI-driven tool that automatically fixes open-source vulnerabilities, tackling mounting security debt in software supply chains.

Aqua Security's Trivy GitHub Action was hijacked to ship infostealer code via CI/CD pipelines, exposing secrets across downstream users.

GitLab opens agentic AI to free-tier users, sets USD $0.25 flat fee for automated code reviews and expands security false-positive filtering.

SpecterOps broadens BloodHound Enterprise to map identity attack paths across Okta, GitHub and Jamf-managed Macs in hybrid environments.

Entro launches AGA to map, monitor and control AI agents in enterprises, tackling shadow AI and non-human identity risks at scale.

Cobalt launches Security Program Manager service to run enterprise pentesting, align tests with business goals and speed up remediation.

ThoughtSpot rolls out Spotter for Industries, AI analytics agents tuned to sector rules to close the “context gap” in enterprise decisions.