Wired

Security News This Week: Hackers Are Posting the Claude Code Leak With Bonus Malware

A WIRED investigation based on Department of Homeland Security records this week revealed the identities of paramilitary Border Patrol agents who frequently used force against civilians during ...
Bleeping Computer

VS Code zero-day lets hackers steal GitHub tokens in one click

A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a ...
Bleeping Computer

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...
Infosecurity-magazine.com

Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code

Vibe coding tools like Anthropic's Claude Code are flooding software with new vulnerabilities, Georgia Tech researchers have warned. At least 35 new common vulnerabilities and exposures (CVE) entries ...
csis.org

AI-Driven Code Analysis: What Claude Code Security Can—and Can’t—Do

Q1: How does Claude Code Security function—and how does it differ from traditional static application security testing (SAST)? A1: Conventional rule-based static analysis uses pattern matching, ...
CSOonline

AI is reshaping DevSecOps to bring security closer to the code

Accelerated use of AI in software development is rapidly altering the scope, skills, and strategies involved in securing code as it is created. Artificial intelligence tools are revamping DevSecOps ...
Forbes

Vibe Coding Has A Massive Security Problem

Vibe coding, where AI generates code from plain language, is rapidly adopted but creates significant security risks. Studies reveal thousands of high-impact vulnerabilities and exposed secrets in live ...