惯性聚合
高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文
在惯性聚合中打开
即将跳转到惯性聚合
3
在聚合应用中查看完整内容和互动
立即跳转
取消
推荐订阅源
G
Google Developers Blog
Jina AI
大猫的无限游戏
Martin Fowler
博
博客园 - 司徒正美
云风的 BLOG
C
Cybersecurity and Infrastructure Security Agency CISA
CTFtime.org: upcoming CTF events
S
Securelist
S
Security Affairs
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
L
LINUX DO - 热门话题
博
博客园 - 三生石上(FineUI控件)
T
Threatpost
T
The Blog of Author Tim Ferriss
C
CERT Recently Published Vulnerability Notes
IT之家
P
Palo Alto Networks Blog
Microsoft Azure Blog
Spread Privacy
Cyberwarzone
腾
腾讯CDC
L
LangChain Blog
Know Your Adversary
C
CXSECURITY Database RSS Feed - CXSecurity.com
GbyAI
Threat Intelligence Blog | Flashpoint
I
Intezer
T
Tor Project blog
AWS News Blog
T
Tenable Blog
NISL@THU
Security Latest
cs.CL updates on arXiv.org
H
Hackread – Cybersecurity News, Data Breaches, AI and More
人人都是产品经理
MongoDB | Blog
MyScale Blog
D
DataBreaches.Net
Microsoft Security Blog
钛媒体:引领未来商业与生活新知
量
量子位
美
美团技术团队
The Cloudflare Blog
酷 壳 – CoolShell
罗
罗磊的独立博客
The GitHub Blog
阮一峰的网络日志
OSCHINA 社区最新新闻
Stack Overflow Blog
Aikido Security's Blog
Axios CVE-2026-40175: a critical bug that’s… not exploitable
GlassWorm goes native: New Zig dropper infects every IDE on your machine
Aikido Attack finds multiple 0-days in Hoppscotch
The cybersecurity doomerism around Mythos doesn't match what we see on the ground
axios compromised on npm: maintainer account hijacked, RAT deployed
Popular telnyx package compromised on PyPI by TeamPCP
Aikido × Lovable: Vibe, Fix, Ship
CanisterWorm Gets Teeth: TeamPCP's Kubernetes Wiper Targets Iran
TeamPCP deploys CanisterWorm on NPM following Trivy compromise
Security testing is validating software that no longer exists
Aikido Recognized by Frost & Sullivan with the 2026 Customer Value Leadership Award in ASPM
GlassWorm Hides a RAT Inside a Malicious Chrome Extension
fast-draft Open VSX Extension Compromised by BlokTrooper
Glassworm Strikes Popular React Native Phone Number Packages
Glassworm Is Back: A New Wave of Invisible Unicode Attacks Hits Hundreds of Repositories
How Security Teams Fight Back Against AI-Powered Hackers
Introducing Betterleaks, an open source secrets scanner by the author of Gitleaks
Trump’s 2026 cybersecurity strategy: From compliance to consequence
How does AI pentesting work with compliance?
What continuous pentesting actually requires
Rare Not Random: Using Token Efficiency for Secrets Scanning
Persistent XSS/RCE using WebSockets in Storybook’s dev server
Why Determinism Is Still a Necessity in Security
WAF vs. RASP vs. ADR
Introducing Aikido Infinite: A new model of self-securing software
How Aikido secures AI pentesting agents by design
Astro Full-Read SSRF via Host Header Injection
How to Get Your Board to Care About Security (Before a Breach Forces the Issue)
What is Slopsquatting? The AI Package Hallucination Attack Already Happening
SvelteSpill: A Cache Deception Bug in SvelteKit + Vercel
Top 6 Wiz Code Alternatives
Aikido recognized as Platform Leader in Latio Tech's 2026 Application Security Report
From detection to prevention: How Zen stops IDOR vulnerabilities at runtime
npm backdoor lets hackers hijack gambling outcomes
Introducing Upgrade Impact Analysis: When breaking changes actually matter to your code
Why Trying to Secure OpenClaw is Ridiculous
Claude Opus 4.6 found 500 vulnerabilities. What does this change for software security?
Introducing Aikido Expansion Packs: Safer defaults inside the IDE
International AI Safety Report 2026: What It Means for Autonomous AI Systems
Self-Securing Software: What It Is, Why It Matters, and How It Works
npx Confusion: Packages That Forgot to Claim Their Own Name
What Is Continuous Pentesting?
Introducing Aikido Package Health: a Better Way to Trust Your Dependencies
AI Pentesting: Minimum Safety Requirements for Security Testing
Secure SDLC for Engineering Teams (+ Checklist)
Fake Clawdbot VS Code Extension Installs ScreenConnect RAT
G_Wagon: npm Package Deploys Python Stealer Targeting 100+ Crypto Wallets
Gone Phishin': npm Packages Serving Custom Credential Harvesting Pages
Malicious PyPI Packages spellcheckpy and spellcheckerpy Deliver Python RAT
Top 10 AI Security Tools For 2026
Agent Skills Are Spreading Hallucinated npx Commands
Understanding Open-Source License Risk in Modern Software
The CISO Vibe Coding Checklist for Security
Top 6 Graphite alternatives for AI code review in 2026
From “No Bullsh*t Security” to $1B: We Just Raised Our $60m Series B
Critical n8n Vulnerability Allows Unauthenticated Remote Code Execution (CVE-2026-21858)
AI-Driven Pentesting of Coolify: Seven CVEs Identified
Top Continuous Pentesting Tools in 2026
SAST vs SCA: Securing the Code You Write and the Code You Depend On
JavaScript, MSBuild, and the Blockchain: Anatomy of the NeoShadow npm Supply-Chain Attack
How Engineering and Security Teams Can Meet DORA’s Technical Requirements
IDOR Vulnerabilities Explained: Why They Persist in Modern Applications
Shai Hulud strikes again - The golden path
MongoBleed: MongoDB Zlib Vulnerability (CVE-2025-14847) and How to Fix It
First Sophisticated Malware Discovered on Maven Central via Typosquatting Attack on Jackson
The Fork Awakens: Why GitHub’s Invisible Networks Break Package Security
Top 10 Cyber Security Tools For 2026
SAST in the IDE is now free: Moving SAST to where development actually happens
AI Pentesting in Action: A TL;DV Recap of Our Live Demo
The Top 7 Threat Intelligence Tools in 2026
React & Next.js DoS Vulnerability (CVE-2025-55184): What You Need to Fix After React2Shell
OWASP Top 10 for Agentic Applications (2026): What Developers and Security Teams Need to Know
DAST vs Pentesting v AI Pentesting: Why DAST Cannot Replace Modern Pentesting
PromptPwnd: Prompt Injection Vulnerabilities in GitHub Actions Using AI Agents
Top 7 Cloud Security Vulnerabilities
Critical React & Next.js RCE Vulnerability (CVE-2025-55182): What You Need to Fix Now
How to Comply With the UK Cybersecurity & Resilience Bill: A Practical Guide for Modern Engineering Teams
Shai Hulud 2.0: What the Unknown Wonderer Tells Us About the Attackers’ Endgame
SCA Everywhere: Scan and Fix Open-Source Dependencies in Your IDE
Safe Chain now enforces a minimum package age before install
Shai Hulud Attacks Persist Through GitHub Actions Vulnerabilities
Shai Hulud Launches Second Supply-Chain Attack: Zapier, ENS, AsyncAPI, PostHog, Postman Compromised
CORS Security: Beyond Basic Configuration
Revolut Selects Aikido Security to Power Developer-First Software Security
The Future of Pentesting Is Autonomous
How Aikido and Deloitte are bringing developer-first security to enterprise
Secrets Detection: A Practical Guide to Finding and Preventing Leaked Credentials
Invisible Unicode Malware Strikes OpenVSX, Again
AI as a Power Tool: How Windsurf and Devin Are Changing Secure Coding
Building Fast, Staying Secure: Supabase’s Approach to Secure-by-Default Development
OWASP Top 10 2025: Official List, Changes, and What Developers Need to Know
Top 10 JavaScript Security Vulnerabilities in Modern Web Apps
The Return of the Invisible Threat: Hidden PUA Unicode Hits GitHub repositorties
Top 7 Black Duck Alternatives in 2026
What Is IaC Security Scanning? Terraform, Kubernetes & Cloud Misconfigurations Explained
AutoTriage and the Swiss Cheese Model of Security Noise Reduction
Top Software Supply Chain Security Vulnerabilities Explained
The Top 7 Kubernetes Security Tools
Top 10 Web Application Security Vulnerabilities Every Team Should Know
What Is CSPM (and CNAPP)? Cloud Security Posture Management Explained
Top 14 VS Code Extensions for 2026
Divine Odazie
·
2026-01-07
·
via
Aikido Security's Blog
A practical guide to the best VS Code extensions for 2026, covering productivity, testing, collaboration, and…
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。
原文来自
— 版权归原作者所有。