InfoQ Homepage Application Security Content on InfoQ
-
GitHub Rolls out Post-Quantum SSH Security to Protect Code from Future Threats
GitHub has deployed a hybrid post-quantum key-exchange algorithm for SSH access, strengthening protection against future quantum decryption threats. The rollout, now live across most regions, pairs classical and quantum-resistant methods to counter “store now, decrypt later” attacks and marks a major step toward quantum-safe software development.
-
Layered Defences are Key to Combating AI-Driven Cyber Threats, CNCF Report Finds
The Cloud Native Computing Foundation has published an analysis of modern cybersecurity practices, finding that attacks using Artificial Intelligence are now a significant threat. The report highlights the criticality for organisations to adopt multi-layered defense strategies as artificial intelligence transforms both the threat landscape and the protective measures available to businesses.
-
Google Cloud KMS Launches Post-Quantum KEM Support to Combat "Harvest Now, Decrypt Later" Threat
Google Cloud's Key Management Service now supports post-quantum Key Encapsulation Mechanisms (KEMs), addressing future threats from quantum computing. This update empowers organizations to prepare against "Harvest Now, Decrypt Later" attacks while ensuring long-term data confidentiality.
-
NPM Ecosystem Suffers Two AI-Enabled Credential Stealing Supply Chain Attacks
The Node Package Manager (npm) ecosystem has suffered from two major supply chain attacks in recent months, affecting hundreds of packages and exposing developers to credential theft and data exfiltration. The attack vector of these incidents shows an AI-enabled evolution of how open-source software dependencies can be compromised.
-
AWS Introduces EC2 Instance Attestation
AWS has introduced EC2 instance attestation, a new security feature that enables customers to verify that their virtual machines are running approved software configurations in a cryptographically secure manner. The capability is powered by the Nitro Trusted Platform Module (NitroTPM) and Attestable AMIs.
-
Pixnapping: Side-Channel Vulnerability Allows Android Apps to Capture Sensitive Screen Data
A newly discovered class of attacks targets Android devices, allowing malicious apps to steal on-screen information from other apps using a technique known as pixel stealing. Dubbed Pixnapping, the attack leverages previously known side-channel vulnerabilities and affects virtually all apps, including Signal, Google Authenticator, Venmo, and many others.
-
HashiCorp Warns Traditional Secret Scanning Tools are Falling behind
HashiCorp has issued a warning that traditional secret scanning tools are failing to keep up with the realities of modern software development. In a new blog post, the company argues that post-commit detection and brittle pattern matching leave dangerous gaps in coverage.
-
Cursor 1.7 Adds Hooks for Agent Lifecycle Control
Cursor has introduced a Hooks system in version 1.7 that allows developers to intercept and modify agent behavior at defined lifecycle events. Hooks can be used to block shell commands, run formatters after edits, or observe agent actions in real time.
-
Linux Security Tools Bypassed by io_uring Rootkit Technique, ARMO Research Reveals
Security researchers at ARMO have uncovered a significant vulnerability in Linux runtime security tools that stems from the io_uring interface, an asynchronous I/O mechanism that can completely bypass traditional system call monitoring. The research demonstrates how attackers can exploit this blind spot to operate undetected by most existing security solutions.
-
Agentic AI Expands into SecOps to Ease Human Workloads
Agentic AI is beginning to reshape malware detection and broader security operations. These systems are being used not to replace humans, but to take on the lower value jobs that have historically tied up analysts — from triaging alerts to reverse-engineering suspicious files.
-
Supply Chain Security: Provenance Tools Becoming Standard in Developer Platforms
Software provenance is gaining new importance as organizations look for ways to secure their supply chains against tampering and comply with emerging standards like SLSA.
-
“A Security Nightmare”: Docker Warns of Risks in MCP Toolchains
A new blog post from Docker warns that AI-powered developer tools built on the Model Context Protocol (MCP) are introducing critical security vulnerabilities — including real-world cases of credential leaks, unauthorized file access, and remote code execution.
-
Kubernetes Introduces Post-Quantum Support for TLS
A recent Kubernetes enhancement aims to pave the way to future-proofing cluster security against quantum computing threats. In a blog post, the Kubernetes community highlighted support for post-quantum cryptography (PQC) via a hybrid key exchange mechanism integrated with the Kubernetes Key Management Service (KMS) plugin system.
-
Uber Unveils Multi-Cloud Secrets Management Platform to Secure 150,000+ Credentials
Uber has revealed details of its internally developed Multi-Cloud Secrets Management Platform, designed to address the security challenges of managing over 150,000 secrets across its massive distributed infrastructure. The platform represents a significant evolution in how large-scale technology companies approach credential security in multi-cloud environments.
-
Guardian's Secure Messaging: Open Source Messaging Uses Millions of App Users as Traffic Cover
The Guardian has recently released Secure Messaging, a highly secure and user-friendly tool designed to protect journalistic sources by concealing the very fact that messaging is occurring. The open source project achieves strong plausible deniability by generating bait traffic through the routine activity of existing users of The Guardian's mobile app.