Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard ...
The Anderson Independent-Mail

EnforceAuth Open-Sources Zift — A Code Scanner Built to Close the Authorization Gap in ...

First open-source tool to automatically discover authorization decisions across multi-language codebases and emit Rego policy stubs ready for Open Policy Agent. SAN ...
Decrypt

Perplexity Built a Tool That Checks Your Computer for Infected Software—Without Setting ...

Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.
InfoWorld

How GlassWorm wormed its way back into developers’ code — and what it says about open ...

First discovered in October, GlassWorm employs undisplayable Unicode characters to make malicious code invisible to code editors in VS Code environments. The worm has also now wriggled its way into ...
Scientific American

Open-source software has an invisible vulnerability. Hackers have found it

The danger in the code came from characters that are invisible to the human eye. In early March researchers at several security firms examined what looked like empty space and found hidden Unicode ...
SecurityWeek

Open Source DockSec Uses AI to Cut Through Vulnerability Noise in Docker Images

DockSec correlates findings from container security scanners and uses AI to generate remediation guidance and exact Dockerfile fixes.
VentureBeat

Anthropic and OpenAI just exposed SAST's structural blind spot with free tools

OpenAI launched Codex Security on March 6, entering the application security market that Anthropic had disrupted 14 days earlier with Claude Code Security. Both scanners use LLM reasoning instead of ...