AI Now’s Friendly Fire PoC shows Claude Code and Codex running README-planted payloads on hosts when autonomous command ...
IBM and Red Hat have launched Lightwell to automate vulnerability remediation across enterprise open-source software ...
A PNG hiding a prompt injection could steal your repo's secrets, researchers demonstrate. The technique, dubbed 'Ghostcommit, ...
A coding LLM doesn't care whether you code, just whether your input has rules ...
CData Software today launched three products for developers building AI applications on enterprise data: Connect AI Developer Edition (free), the CData Connect AI Python SDK (open source), and CData ...
JadePuffer, a ransomware operation, used an AI agent to carry out much of the intrusion chain from reconnaissance, key theft, ...
VS Code 1.127 enhances agent session management, introduces per-site browser permissions, and makes browser tools for agents ...
The Meta-Harness Omnigent combines AI agents like Claude Code and Codex under a common policy and collaboration layer – under an Apache 2.0 license.
AI coding assistants can speed up bounded tasks, but research shows security and review risks rise in complex codebases.
Varonis reported the flaw to Google in late 2025 and it has been addressed, but it reminds defenders to take a look at their ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.