GitHub Copilot CLI gets a second-opinion feature built on cross-model review
Coding agents make decisions in sequence: a plan is drafted, implemented, then tested. Any error introduced early compounds as subsequent steps build on the same flawed …
Microsoft releases open-source toolkit to govern autonomous AI agents
AI agents can book travel, execute financial transactions, write and run code, and manage infrastructure without human intervention at each step. Frameworks like LangChain, …
Intel puts its data center performance knowledge on GitHub
Intel engineers have published a centralized repository of data center performance knowledge on GitHub, giving practitioners direct access to tuning guides, configuration …
Rspamd 4.0.0 ships memory savings, a new scan protocol, and a required migration step
The open-source spam filtering platform Rspamd released version 4.0.0, delivering infrastructure changes across its scan protocol, memory model, hash storage, and …
Hottest cybersecurity open-source tools of the month: March 2026
Presented here is a curated selection of noteworthy open-source cybersecurity solutions that have drawn recognition for their ability to enhance security postures across …
ShipSec Studio brings open-source workflow orchestration to security operations
Security teams have long relied on a mix of shell scripts, cron jobs, and loosely connected tools to chain reconnaissance and vulnerability scanning work together. ShipSec …
AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure
Code keeps moving through pipelines, and credentials continue to surface alongside it. GitGuardian’s State of Secrets Sprawl 2026 puts the count at 28.65 million new hardcoded …
GitHub jumps on the bandwagon and will use your data to train AI
GitHub updated how it uses data to improve AI-powered coding assistance. Starting April 24, interaction data from Copilot Free, Pro, and Pro+ users may be used to train and …
GitHub-hosted malware campaign uses split payload to evade detection
A large-scale malware delivery campaign has been targeting developers, gamers, and general users through fake tools hosted on GitHub, Netskope researchers have warned. These …
GitHub just made it much harder to ship a vulnerable pull request
GitHub is expanding its application security capabilities with AI-powered security detections designed to identify risks earlier in the development process, with public …
Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps
GitLab CI/CD pipelines often accumulate configuration decisions that drift from security baselines over time. Container images get pinned to mutable tags, branches lose …
Llamafile, Mozilla’s portable LLM runner, gets GPU support and a rebuilt core
Running a large language model on a single machine without cloud access or a container runtime remains a priority for practitioners working in air-gapped or …
Featured news
Resources
Don't miss
- Social engineering attacks on open source developers are escalating
- Chaos malware expands from routers to Linux cloud servers
- What managing partners should ask AI vendors before signing any contract
- Anthropic’s new AI model finds and exploits zero-days across every major OS and browser
- Comp AI: The open-source way to get compliant with SOC 2, ISO 27001, HIPAA and GDPR