CVE-2026-20896 lets reachable Gitea Docker containers trust spoofed X-WEBAUTH-USER headers when reverse proxy auth is enabled ...
Threat actors are exploiting a vulnerability in Gitea’s reverse-proxy authentication mechanism to access internet-accessible instances by supplying only a valid username.
Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading ...
Software supply chain security was hard enough. Then AI joined the build pipeline. For five years, "software supply chain security" meant one question: what's in your code? Which open-source packages, ...
Anthropic accuses Alibaba of using 25,000 fake accounts to scrape Claude AI The alleged campaign generated 28.8 million queries in a large-scale model-extraction effort to replicate AI capabilities.