This story starts when Sébastien Lorber, maintainer of Docusaurus, the React-based open-source documentation project, notices a Pull Request change to the package manifest. Here’s the change proposed to the popular cliui npm package: Specifically, drawing our attention to the npm dependencies change that use an unfamiliar syntax: Most developers would expect to see a semver version range in the value of a package or perhaps a Git or file-based URL.

GitGuardian introduces European data hosting for its Secrets Detection Platform SaaS, ensuring data sovereignty and GDPR compliance. Discover how our new EU hosting options help enterprises meet regulatory requirements and protect sensitive data with ease.

Vulnerability management is often a complex task, particularly when using multiple scanning tools or dealing with the constant flow of new CVEs. Different scanners can uncover the same vulnerability but provide different insights or look at different metadata, making it look like one vulnerability is several without the proper context. We are excited to introduce the Nucleus CVEs Page, designed to enhance how your organization manages vulnerabilities across projects.

Traditional cybersecurity protocols quickly become out of date as cyberattacks and criminals evolve. Organizations are constantly on the lookout for new measures to prevent these attacks and keep their business and client data secure. This is why the zero-trust security principle is rapidly being adopted by organizations everywhere to help them save millions in data breach costs, which hit an all-time high of $4.88 million in 2024.

Nutanix is a hyper-converged virtualization platform for running virtual machines. It can be used as an additional infrastructure or an alternative to VMware vSphere and Microsoft Hyper-V. For more information, you can read this VMware vs Nutanix comparison. You can migrate VMware virtual machines (VMs) from ESXi hosts and clusters to a Nutanix cluster. Read this VMware to Nutanix migration guide to learn how to configure the migration properly.

Teleport provides a secure and scalable solution for managing namespace separation in Kubernetes clusters, streamlining compliance, and enabling financial institutions to maintain both resiliency and agility. Kubernetes has rapidly evolved from a tech buzzword to an indispensable backbone of modern infrastructure in the financial services industry — redefining how institutions scale, secure, and deliver their most critical applications.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Ouch! Now this is an incredible revelation and I ‘doff my hat to them: Using the word ‘hallucinations’ is so funny, yeah, I’ve seen some really weird things AI comes up with that I question what has the machine been taking.

Recently, Sysdig published a blog post about the ways businesses can harden their LLM-based AI applications using the OWASP Top 10 for Large Language Models. So why are we writing about MITRE ATLAS, and how is this any different from the OWASP Top 10 for LLMs?