Security Boulevard

NetRise Launches Provenance to Map Who Is Behind Open Source Components and How Risk Spreads

NetRise launched NetRise Provenance on March 24 at RSAC 2026, a new product that adds contributor-level visibility to software supply chain analysis.
WinBuzzer

Trivy Breached Twice in a Month via GitHub Actions

Attackers have hijacked 75 of 76 GitHub Actions tags for Aqua Security's Trivy scanner, distributing credential-stealing ...
Dark Reading

GitHub: How Code Provenance Can Prevent Supply Chain Attacks

GARTNER SECURITY & RISK MANAGEMENT SUMMIT — Washington, DC — Having awareness and provenance of where the code you use comes from can be a boon to prevent supply chain attacks, according to GitHub's ...
ITWire

GitHub releases private vulnerability reporting and npm package provenance

The largest open-source software repository, GitHub, has announced two product updates to support developers, maintainers, and security researchers in ensuring the integrity of open-source projects, ...
dbta

JFrog and GitHub Collaborate to Address Growing Developer Responsibilities and Demands

Development teams are often in charge of managing both the source code and its binaries, as well as all its risks. JFrog and GitHub’s integrated solution centers bi-directional linking between source ...