AI slop got better, so now maintainers have more work
… Even if the reports are better, the issues being identified aren't necessarily security flaws that can be exploited and need to be corrected. …
Search
AI agents found vulns in this Linux and Unix print server
… It's also a favorite target for security researchers because a making printers do bad things is fun, and b as the default printing system for Apple device operating systems and most Linux distributions, any CUPS security flaw has a wide blast radius. …
Using AI to code does not mean your code is more secure
… That's a different risk profile." ® devops development ai software security
Anthropic's Project Glasswing CVE count is still guesswork
… He also suggested that Anthropic "create a dedicated security advisory page where security advisories and vulnerability disclosures were published in a consistent way, to provide a way for consumers to understand the question: what vulnerabilities have been discovered by the Anthropic research team…
Snoops plant info-stealing malware on iPhones, Google warns
… From here, the attackers target the XNU kernel through selector 1 in the AppleM2ScalerCSCDriver driver. …
Cryptographer fights RustSec ban over bug reports
… But let's just focus on two, which are the really, really crazy ones that really need to have RustSec publish security advisories because they involve libraries that are being used by Signal, OpenMLS, Google, SSH, Linux kernel, all sorts of places. …