Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Best Kubernetes Dependency Scanners in 2026: 7 Tools Compared

What is a Kubernetes dependency scanner? A Kubernetes dependency scanner finds known vulnerabilities in software packages your containers depend on—operating system packages, open-source libraries, and anything pulled in by package managers like npm, pip, or apt. It compares dependencies against vulnerability databases of known CVEs.
Featured Post

It's Good to Talk: Dialogue and Community are Essential to Global Cybersecurity

The recent World Economic Forum meeting focused on "A Spirit of Dialogue". The conference themes emphasized the role of communication and connection in overcoming challenges and driving prosperity in the years ahead.

14 ways to lose Azure DevOps data

Table of contents: hide Azure Devops is a popular CI/CD platform utilized by software development teams. The core use includes source code hosting, CI/CD, project management, test managements and dependency management. Given the extensive capabilities of Azure DevOps, the attack vector for cyber criminals is also bigger – putting more pressure on securing sensitive data. With the growth of sophisticated cyber attacks – cyber security must also be re-evaluated and properly addressed.

Inside the Threat Landscape: Biannual Cybersecurity Briefing Webinar

Staying ahead of cyber threats has never been more critical, and WatchGuard is here to help you do just that. Join cybersecurity experts Corey Nachreiner (CSO) and Marc Laliberte (Director of Security Operations) on February 19, 2026 for the Inside the Threat Landscape: Biannual Cybersecurity Briefing, a must-attend, live webinar designed to equip you with the latest threat insights and defensive strategies straight from the WatchGuard Threat Lab.

CVE-2025-11953 - Metro4Shell RCE in React Native Metro Server

A critical unauthenticated remote code execution (RCE) vulnerability has been identified in the React Native Metro development server, with nearly 3,500 exposed instances currently reachable on the public internet. Tracked as CVE-2025-11953, also known as Metro4Shell, this flaw affects the Metro server used during React Native application build and testing workflows.

Agentic SOC in Practice Where Human Analysts Still Matter Most

Security operations centers (SOCs) are changing rapidly. Automation is playing a key role in how SOCs make decisions and proceed with investigations. This change has raised an important question: ‘If systems start acting on their own, why would human analysts be used?’ Agentic SOC is not going to remove people from security operations. It is about changing the way work is done and where analysts can apply their judgment.

New Malware Kit Promises Guaranteed Publication in the Chrome Web Store

A new malware-as-a-service (MaaS) kit called “Stanley” is offering users guaranteed publication in the Chrome Web Store, bypassing Google’s security verification process, according to researchers at Varonis. “For $2,000 to $6,000, Stanley provides a turnkey website-spoofing operation disguised as a Chrome extension, with its premium tier promising guaranteed publication on the Chrome Web Store,” Varonis says.

Clawing For Scraps: Risks of OpenClaw AKA ClawdBot

The world of AI is still advancing rapidly, but so are the threats. Wherever you get your news, Clawdbot, or is it Moltbot, or is it now called OpenClaw(?) is everywhere lately. You can’t avoid talk of this AI personal assistant. It’s actually now called OpenClaw after some naming drama, and at the time of writing has 166k followers on GitHub. The repository also has an alarming number of forks, issues, and pull requests.

Mobile Payment Security in PCI DSS 4.0.1: In-App Purchase Protection vs Web Checkout

Nearly 70% of online purchases now happen on mobile, yet PCI scoping decisions are still often made as if mobile is just a smaller browser. It is not. A native in-app payment flow and a mobile web checkout trigger materially different obligations under PCI DSS 4.0.1. In one case, risk concentrates inside the application runtime through SDKs, platform storage, and release controls.