SecurityWeek

First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild

Hackers exploited a vulnerability in PTC Windchill in the wild, marking the first confirmed real-world abuse of the PLM ...
cryptopolitan

Microsoft, Google patch flaws as Cordyceps spread across open-source repositories

Security researchers at Novee found over 300 exploitable CI/CD workflow chains across repositories belonging to Microsoft, Google, Apache, Cloudflare, and the Python Software Foundation. The flaws ...
TMCnet

AgileAI Labs Unveils Spec2TestAI's Natural Language No-Code Automated Testing Tool

Software Development Teams build an end-to-end project knowledge base that self-improves generating enhanced, fully traceable ...

Minimus opens catalog of hardened container images to all developers

Developers get unrestricted access to thousands of nearly CVE-free images from the Minimus catalog of distroless, hardened container images.
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
Security Boulevard

OpenAI Expands Daybreak With Codex Security and GPT-5.5-Cyber Updates

With AI-assisted security tools driving up the volume of reported vulnerabilities, security teams are under increased pressure to validate findings and ...
Developer Tech

OpenAI deploys GPT-5.5-Cyber for open-source vulnerability fixes

OpenAI has deployed GPT-5.5-Cyber to execute automated open-source vulnerability remediation alongside security firm Trail of ...
Unite.AI

OpenAI’s Daybreak Wants to Own the Patch, Not Just the Bug

OpenAI expanded its Daybreak security program on June 22, 2026, and it's easy to read the announcement as one more model drop ...
InfoWorld

OpenAI rolls out AI-led push to fix open-source software flaws

Patch the Planet’ pairs automated analysis with expert review to uncover and remediate vulnerabilities in core infrastructure ...

OpenAI's new GPT-5.5-Cyber tops Claude Mythos 5 in vulnerability benchmark0 0

OpenAI is rolling out the full, limited-release version of GPT-5.5-Cyber—a specialized AI model that outperforms its ...
Dark Reading

'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows

By targeting the automated workflows around repositories with targeted pull requests, attackers can potentially target ...