BLOG

We’re proud to share that Cycode has been named a Leader in the Gartner® Magic Quadrant™ for Software Supply Chain Security (SSCS), 2026…

In March 2025, the tj-actions/changed-files attack hit a popular action used by more than 23,000 repositories and, within 24 hours, turned affected builds into a dump of their own secrets, printed straight into the workflow logs…

Between January and February 2026, security researchers filed more than 30 CVEs against Model Context Protocol servers, clients, and infrastructure…

Security teams now deal with more alerts, faster attacks, and a larger attack surface to manage, which is difficult for analysts to handle…

Security teams now deal with more alerts, faster attacks, and a larger attack surface to manage, which is difficult for analysts to handle…

Modern applications are built more than they’re written, with open source and third-party packages now constituting the majority of most codebases…

The second installment of our Cycode Maestro data series, with more conversations, more tenants, and a clearer picture of how agentic security actually gets used in the wild…

When video assistant referee (VAR) was introduced at the 2018 World Cup, it gave officials the chance to do something they had only ever dreamed of: call a near-perfect game…

When video assistant referee (VAR) was introduced at the 2018 World Cup, it gave officials the chance to do something they had only ever dreamed of: call a near-perfect game…

A few weeks ago I wrote about why AI models getting dramatically better at finding vulnerabilities actually makes life harder for application security teams, not easier…