A flood of useful security reports
The idea of using large language models (LLMs) to discover security problems is not new. Googl [...]
Open source maintainers have often lacked the resources and tools of larger organizations. Project Glasswing changes that with AI.
It has not been a relaxing few months for software security teams. In December, React disclosed its first critical CVE: an unauthenticated remote code execution flaw in Server Components. In March, not only was Aqua Security’s Trivy, a widely used security scanning tool, compromised twice in three weeks through a GitHub Actions misconfiguration, but hackers also
Writing memory-safe code beats patching your way to safety