AppSec stories

Hamilton-born Capture The Bug taps top US tech leaders to drive North American growth as demand rises for continuous security testing.

GitLab releases Duo AI Agent Platform to orchestrate AI across the full DevOps lifecycle, promising faster, governed software delivery.

F5 rolls out AI Guardrails and AI Red Team to harden runtime security, blending adversarial testing with real-time policy enforcement.

Agentic AI promises rapid software gains, but a recent Claude Code cyberattack shows how “double agents” can outpace unprepared developers.

WaveMaker predicts by 2026 AI will speed prototyping but boost demand for senior oversight, personalised UIs and specialised software agents.

Codific urges boards to prioritise preemptive cyber defence, identity and supply-chain control as 2026 scrutiny and rules tighten.

DryRun lands USD $8.7m seed round as demand grows for its AI-native code security tools targeting LLM-driven and autonomous coding workflows.

Backslash Security wins InfoWorld 2025 Technology of the Year award for AI security, spotlighting risks in AI-native software development.

Intruder finds over 42,000 sensitive tokens hidden in JavaScript bundles, exposing a major blind spot in modern web app security tools.

OWASP has launched its first Top 10 list for agentic AI, warning autonomous systems act as a powerful but risky new digital workforce.

AI-native malware, deepfake fraud and attacks on connected devices will dominate enterprise cyber risk in 2026, VIPRE has warned.

Keeper launches a zero-knowledge secrets manager extension for JetBrains IDEs, aiming to eliminate hardcoded credentials in codebases.

Coder.com launches AI governance stack to run coding agents in self-hosted workspaces, giving enterprises centralised control and security.

Checkmarx snaps up AI start-up Tromzo to fold reasoning-based agents into its AppSec platform and speed autonomous code security.

JFrog appoints former Udemy marketing leader Genefa Murphy as CMO to spearhead global growth in AI-driven software supply chain tools.

Cyber attacks on SaaS platforms are soaring, pushing boards to make AI‑driven security a core strategy as misconfigurations fuel mass breaches.

Codific sees 2026 cybersecurity shaped by shadow AI, passwordless logins, tighter regulation and a sharper focus on software supply chains.

Tracebit launches a free community canary platform, bringing high-signal breach detection to developers, security hobbyists and small teams.

Radware predicts 2026 will usher in an ‘Internet of Agents’, as AI-driven machines overtake humans in traffic, attacks and cyber defence.

Backslash launches MCP Security to monitor AI coding agents on developer machines, tackling data leaks, prompt injection and privilege abuse.