Tag
36 articles
Microsoft warns of a critical zero-day vulnerability in Windows Defender that could allow attackers to fill hard disks, sparking a dispute with researcher NightmareEclipse.
Learn to implement a security monitoring framework that protects open-source code from AI-powered attacks, similar to IBM and Red Hat's Lightwell technology.
Learn how symbolic links can be used to trick AI coding assistants into executing malicious code, demonstrating a critical security vulnerability affecting tools like Amazon Q and Cursor.
Security researchers have found a vulnerability in GitHub’s AI coding agent that allows it to leak private repository contents through a polite issue request. The flaw, named GitLost, has no code fix and has not been documented by GitHub.
Discover how AI-powered tools are revolutionizing cybersecurity by automatically detecting security vulnerabilities at an unprecedented scale.
Learn to build a vulnerability scanner tool that identifies security issues in open-source code, similar to OpenAI's GPT-5.5-Cyber model and 'Patch the Planet' initiative.
This article explains how AI is being used to identify and patch open-source software vulnerabilities, addressing critical security challenges in modern software ecosystems.
Learn how a security flaw in a popular WordPress plugin allowed hackers to steal API keys from 100,000 websites by sending a simple request.
Security researchers have uncovered a critical vulnerability in Microsoft 365 Copilot Enterprise Search that could have allowed attackers to exfiltrate sensitive data with a single click.
AISLE, founded by former Avast CEO Ondrej Vlcek, has launched Snapshot, an AI-powered vulnerability scanner that operates entirely within air-gapped networks, ensuring no data leaves the organization's control.
A high-severity vulnerability in the Linux kernel, caused by a single errant character, can be exploited to evade sandbox defenses and gain elevated system privileges.
This article explains how USB Power Delivery vulnerabilities can allow malicious devices to compromise computers without user interaction, demonstrating the security risks of hardware-level protocols.