The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively exploited.

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager ...

Claude Code vs ChatGPT Codex: Which AI coding agent is actually better?

I tested Claude Code vs. ChatGPT Codex in a real-world bug hunt and creative CLI build — here’s which AI coding agent thinks like a developer and which one ships safer code.

The Cost of AI Slop in Lines of Code

In the quest to get as much training data as possible, there was little effort available to vet the data to ensure that it was good.
CSO Online

The new paradigm for raising up secure software engineers

The new challenge for CISOs in the age of AI developers is securing code. But what does developer security awareness even ...

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond ...
SecurityWeek

Zast.AI Raises $6 Million for AI-Powered Code Security

Zast.AI has raised $6 million in funding to secure code through AI agents that identify and validate software vulnerabilities ...

Google says hackers are abusing Gemini AI for all attacks stages

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in ...
Stacker on MSN

The problem with OpenClaw, the new AI personal assistant

Oso reports on OpenClaw, an AI assistant that automates tasks but raises security concerns due to its access to sensitive data and external influences.
Opinion

Opinion: Moltbook’s 'vibe-coded' breach is the future of security failures

Earlier this month, the now viral social network Moltbook exposed 1.5 million API authentication tokens and 35,000 email addresses within days of launch. The cause: a single misconfigured database ...