Black Duck introduces AI model scanning to tackle hidden and obfuscated AI components

Application security solutions provider Black Duck Software Inc. today announced the that it has added artificial ...
InfoWorld

Malicious npm package sneaks into GitHub Actions builds

The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...