Guides
Protect AI models, data, and systems
Test for behavioral risks in conversational AI
Mitigating risks and future trends
AppSec types, tools, and best practices
Automating dependency updates
Manage open source code
Keep source code safe
Improve transparency, security, and compliance
Pre-production scanning and runtime protection
Secure containerized applications
When the guardrails held and the attack still worked
The guardrails held. The AI-assisted attack still worked. Here is why.
Attestation in Cybersecurity: Types, Uses & Best Practices
How cybersecurity attestation proves system integrity and builds digital trust.
AI changed what you ship. It also changed what you have to secure.
AI changed what you ship and what you have to secure.
Frontier Model Is the Wrong Meter for Continuous Security
Why frontier model security is too costly to run as an always-on scanner.
Mastra npm Scope Takeover: 140+ Packages Compromised via easy-day-js Dropper
@Mastra npm: 140+ Packages Compromised
Why AI Can’t Verify Its Own Code and What That Means for Enterprise AppSec
AI-generated code security needs an independent verification layer.
Best Software Composition Analysis Services: Top 8 in 2026
Compare the top 8 software composition analysis services of 2026.
AI Security Agents: Key Capabilities and 5 Critical Best Practices
How AI security agents work, their capabilities, and 5 best practices.
AI Guardrails in 2026: Types, Challenges, and Impact of Agentic AI
AI guardrails explained: types, challenges, and their role in agentic AI.
Miasma: Red Hat Cloud Services npm Packages Hit by a Mini Shai-Hulud-Style Campaign
npm packages in @redhat-cloud-services drop a multi-stage cloud credential stealer.
OWASP Top 10 for LLM Applications: Risks, Impact, and Mitigation
The OWASP Top 10 for LLM applications, explained risk by risk.
Best Application Security Testing Providers: Top 8 in 2026
The top 8 application security testing providers to know in 2026.
Laravel-Lang Composer tag-rewrite Supply Chain Attack
Four Laravel-Lang Composer packages were poisoned via tag rewrite.
The EU Cyber Resilience Act: A Complete Compliance Guide for 2026 and Beyond
Everything companies need to know about EU CRA compliance before 2027.
Mini Shai-Hulud Hits @antv: 323 npm Packages Compromised Through the atool Maintainer Account
Mini Shai-Hulud strikes again: 323 npm packages compromised via @antv's atool.
Inside the RubyGems Supply Chain Attack: How Mend Defender Caught a Coordinated Flood Before It Spread
How Mend.io caught a coordinated RubyGems attack and what it teaches us.
Never miss a post. Opt-out at any time.
Youβre all set to receive our latest posts.
