Log4j stories
Attackers still exploit basic gaps for months, with 88% of SMB breaches in 2025 involving ransomware, the report says.
Leaked AI credentials and unpatched dependencies are leaving production systems exposed across US and European organisations, Orca Security said.
Small firms are still being hit by basic security failures, with SonicWall saying attacks on them rose 20.8% to more than 13 billion hits.
Cobalt weaves AI into its pentesting platform, automating recon and triage while keeping human experts on complex attack paths.
GitHub joins tech giants in a USD $12.5 million Alpha-Omega push, boosting AI-powered defences for critical open source software.
Secure.com warns most apps hide critical flaws in open source components, as unpatched dependencies and licence risks leave firms exposed.
Chainguard expands its rebuilt-from-source Libraries to Python, Java and JavaScript, targeting malware risks in AI-driven software supply chains.
Azul and Chainguard have teamed up to offer zero-CVE Java containers, enhancing security and support for enterprise Java workloads with Hardened, source-built images.
Azul's Intelligence Cloud now cuts Java security false positives by up to 99%, using runtime data to boost vulnerability detection accuracy for DevOps teams.
Azul has launched a Java vulnerability tool that cuts false positives by up to 99%, improving threat detection accuracy for production environments.
Less than 40% of firms fully see their software supply chains amid rising security threats and new EU and US cybersecurity regulations.
Fewer than 40% of organisations have full visibility into their software supply chains, exposing risks amid rising cybersecurity concerns and regulation.
A survey by Azul reveals that 88% of enterprises are exploring alternatives to Oracle Java, citing rising costs and cloud expense concerns as key factors.
Qualys has launched a no-cost Tech Debt Report to help organisations identify and mitigate cyber risks from outdated technology.
Sonatype releases its SBOM Manager, a crucial tool to help organisations track and manage software components.
Check Point fortifies its CloudGuard WAF with a new API Discovery feature, aiming to enhance cloud security by identifying and mitigating API vulnerabilities.
Cato Networks exposes systemic cybersecurity gaps in inaugural threat report, revealing insecure protocols employed across WAN by all examined organisations.
New Relic's fourth annual State of the Java Ecosystem report reveals latest trends in Java development and adoption, highlighting significant growth in Java 21's uptake and shifts in preferred Java Developer Kits.
Azul's new Java security tool cuts false positives by 99%, boosting detection accuracy and helping DevOps teams focus on real risks in production code.
NetRise launches ZeroLens, an AI tool that detects undisclosed software weaknesses in compiled code, aiming to prevent cyberattacks before vulnerabilities emerge.
