The Hacker News

Which Code Vulnerabilities Actually Get Fixed? New Code Security Data from 50,000+ Repos

Authentication Failures (A07) show the largest gap in the dataset: a 48-percentage-point difference between leaders and the field. Leaders fix at nearly 60%, while the field sits at roughly 12%.
PC Magazine

Anthropic Rolls Out Autonomous Vulnerability-Hunting AI Tool for Claude Code

Anthropic Rolls Out Autonomous Vulnerability-Hunting AI Tool for Claude Code The new tool, now testing as part of Claude Code, can scan codebases for security vulnerabilities and suggest targeted ...

Update now! Chrome security vulnerability is being attacked

Google has released an update for Chrome. It patches 21 security vulnerabilities. Attacks are targeting a code smuggling ...
InfoWorld

GitHub rolls out AI-powered fixes for code vulnerabilities

Copilot Autofix, a new addition to the GitHub Advanced Security service, analyzes vulnerabilities in code and offers code suggestions to help developers fix them. GitHub has unveiled Copilot Autofix, ...
CSOonline

Telnet vulnerability opens door to remote code execution as root

A critical Telnet vulnerability with a CVSS rating of 9.8 enables attackers to take full control of affected systems before authentication even kicks in, security researchers at Dream Security have ...
Dark Reading

Flaws in Claude Code Put Developers' Machines at Risk

Three critical security vulnerabilities in Anthropic’s AI-powered coding tool, Claude Code, exposed developers to full machine takeover and credential theft simply by opening a project repository.
Android

OpenAI’s Codex Security: An AI Agent That Hunts Down Vulnerabilities

OpenAI has launched Codex Security, an AI-powered vulnerability scanner, in research preview for ChatGPT Pro, Enterprise, and Edu users. Formerly known as Aardvark, the tool aims to reduce false ...