CSOonline

Arnica’s real-time, code-risk scanning tools aim to secure supply chain

Software supply chain security provider Arnica has added new real-time scanning tools to its namesake code-security suite, including static application security testing (SAST), infrastructure as code ...
Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Sophisticated cyberattacks targeting a variety of open source projects, including the Trivy security-scanner project, the widely used Axios Javascript package, and now Anthropic's accidental ...