36 changes: 36 additions & 0 deletions website/docs/press.md
Expand Up @@ -195,6 +195,30 @@ Coverage positioning CVE Lite CLI as defensive tool innovation at a moment when

---

### VPN Central

**[OWASP CVE Lite CLI Brings Local Vulnerability Scanning to JavaScript Projects](https://vpncentral.com/owasp-cve-lite-cli-brings-local-vulnerability-scanning-to-javascript-projects/)**

*Yash — VPN Central, June 2026*

> "CVE Lite CLI helps developers understand which vulnerabilities are direct, which are transitive, which can be fixed locally — and gives them the exact command to do it."

A dedicated feature covering CVE Lite CLI's OWASP Incubator Project status, local lockfile scanning approach, and how it differs from CI-based tools by putting security feedback at the developer's terminal before code is pushed.

---

### Nivel4 Labs

**[Nueva herramienta de OWASP permite detectar y corregir dependencias vulnerables en entornos de desarrollo](https://blog.nivel4.com/ciberseguridad/nueva-herramienta-de-owasp-permite-detectar-y-corregir-dependencias-vulnerables-en-entornos-de-desarrollo)**

*patricionivel4 — Nivel4 Labs (Spanish), June 2026*

> "Analiza tus proyectos en segundos y te dice exactamente qué paquetes contienen una vulnerabilidad. Pero no solo identifica problemas — te dice cómo solucionarlos." — Sonu Kapoor

A dedicated Spanish-language feature on Nivel4's cybersecurity blog covering CVE Lite CLI's OWASP recognition, local scanning approach, direct vs transitive classification, auto-fix mode, and HTML report generation. Includes a direct quote from the project author. Nivel4 Labs is a Spanish-language cybersecurity publication covering threats, vulnerabilities, and developer security.

---

## Practitioner Reviews

Hands-on evaluations by working security engineers and developers testing CVE Lite CLI against real projects.
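Review bot: the Nivel4 Labs entry gives its byline as `patricionivel4`, which reads as an account handle rather than an author name, and its pull quote is left in Spanish on an otherwise English page. Suggest using the author's published name if the article states one, and adding an English translation next to the original quote. The VPN Central quote also has no speaker, while the Nivel4 quote is attributed to Sonu Kapoor; state whether the VPN Central text is the article's own wording or a quote from the project author so both entries are attributed the same way.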
Expand Down Expand Up @@ -261,6 +285,18 @@ A roundup of six open-source security tools shaping the developer security space

---

### Toni Barth — Quality Engineering Blog

**[Shift Left, Further: OWASP CVE Lite CLI](http://tonibarth.bplaced.net/cve-lite-shift-left-security.html)**

*Toni Barth, Senior Quality Engineer, June 2026*

> "CVE Lite CLI puts the first security evaluation directly after the implementation step — not after the merge, not after the deployment, but right there in your local workflow."

A hands-on practitioner review from a Senior Quality Engineer who ran CVE Lite CLI against a real Next.js project. Barth frames the tool through a QA lens — as a shift-left mechanism that moves the first security check to immediately after implementation, turning dependency security from a CI gate into a local habit. Includes real scan output and a step-by-step walkthrough of the remediation workflow.

---

### Development Curated

**[Review of CVE Lite CLI](https://developmentcurated.com/testing-and-security/review-of-cve-lite-cli/)**
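Review bot: the Toni Barth entry links to `http://tonibarth.bplaced.net/cve-lite-shift-left-security.html` over plain HTTP, while every other link added in this change, and the Development Curated link just below it, uses `https://`. If the host serves the page over TLS, switch the scheme so readers following the link from the project's docs are not sent to a page that can be altered in transit. Separately, the heading `### Toni Barth — Quality Engineering Blog` combines author and blog name, whereas the neighbouring headings (`### VPN Central`, `### Development Curated`) use the publication name only; pick one convention.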