Security

Security researcher exploits GitHub gotcha, gets admin access to all Istio repositories and more

A security researcher investigated an archive of commits on GitHub, which developers had likely thought they had deleted, […]

“Serious” MySQL bug celebrates 20 years unfixed – another reason to switch to PostgreSQL?

A bug in MySQL submitted in June 2005 with a severity of “S2 (Serious)” remains unfixed 20 years […]

Misconfigured GitHub Actions could leave repos and secrets exposed, Sysdig finds

Sysdig researchers have warned that developers and maintainers could be leaving their repos open to hijacking through inadequately […]

Redefining identity security in the age of agentic AI

Now AI agents have identity, too. Here’s how to handle it. The rise of agentic AI systems is […]

Cursor AI editor hits 1.0 milestone, including BugBot and high-risk background agents

Anysphere has released version 1.0 of its AI editor, Cursor, along with new features including previews of a […]

Researchers warn of prompt injection vulnerability in GitHub MCP with no obvious fix

A team of researchers at Invariant Labs, based in Zurich, Switzerland, has warned developers of a prompt injection […]

MCP will be built into Windows to make an ‘agentic OS’ but security will be a key concern

Microsoft’s Build developer conference is under way in Seattle, where the company has revealed plans to make the […]

PHP security audit of critical code reveals flaws, fixed in new release

The PHP Foundation has reported the results of a security audit of the most critical parts of the […]

The risks of GitHub Actions: Researcher describes severe potential of CodeQL vulnerability, now fixed

A researcher has described how a vulnerability in GitHub’s CodeQL, a tool for detecting security issues, had the […]

Next.js team fixes vuln that allows auth bypass when middleware is used, revises documentation recommending this method

Security researchers Rachid Allam and Yasser Allam found a vulnerability in the Next.js middleware that makes it trivial […]