AI slop got better, so now maintainers have more work
…Much of the notional productivity gain from AI may just be AI tool users moving the cost of code review off the books.
…tools and hand the attackers a foothold on the machine. "An HR professional receives what appears to be a perfectly normal resume," said Aditya K Sood, VP of Security Engineering and AI…
…This is Anthropic's GitHub Action that uses Claude to analyze code changes and pull requests for vulnerabilities and other security issues. "It uses the AI agent to find vulnerabilities in the…
…GKH also last week made a pull request that delivered what he described as “some documentation updates to the security-bugs.rst file to hopefully tell the AI tools (and any users…
…In all the scenarios tested, the agents "demonstrated emergent offensive cyber behavior," including independently discovering and exploiting vulnerabilities, escalating privileges to disarm security products, and bypassing leak-prevention tools to exfiltrate secrets…
…the agentic AI trade-off
Enterprises face a two-sided challenge as they scale agentic AI. AI developers get bogged down by disconnected tools, siloed data, and inconsistent secure access to LLMs…
…That makes a strong identity and access management (IAM) foundation vital. "Having an effective security management environment in place is necessary if you want to be ready for AI, agentic AI, and…
…Using AI to code does not mean your code is more secure
The researchers also found repository credentials for a developer responsible for firmware used by various manufacturers of drones and remote…
Security
AI vs AI: Agent hacked McKinsey's chatbot and gained full read-write access in just two hours
David and Goliath…but with AI agents
Researchers at red-team security startup…
…environments and environment variables that were not marked as “sensitive.” Context.ai has also published a security bulletin that reveals a March incident that saw it identify and stop a security incident…