Developer Tech

AI discovers bugs faster than teams can respond

AI bug discovery is speeding up how software vulnerabilities are found, and in some cases turning them into working exploits ...
GovInfoSecurity

Grafana AI Bug Leaks Data With Zero-Click Exploit

A Grafana AI flaw enables zero-click data exfiltration by hiding malicious prompts in URLs, said a Noma Security report.
Nature

Concurrency Bug Detection in Multithreaded Programs

Concurrency bug detection is a critical area in the development of multithreaded programmes, where errors arising from simultaneous thread execution can lead to unpredictable and often catastrophic ...
The Hacker News

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Cybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX's pre-publish scanning pipeline to cause the tool to allow a malicious Microsoft Visual Studio Code (VS Code) ...
MacRumors

Claude Code Users Report Rapid Rate Limit Drain, Suspect Bug [Update]

Claude Code users have been flooding GitHub and Reddit over the last few days with complaints that their usage limits are being exhausted at a suspiciously fast rate, with many reporting that sessions ...
Bleeping Computer

PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug

PTC Inc. is warning of a critical vulnerability in Windchill and FlexPLM, widely used product lifecycle management (PLM) solutions, that could allow remote code execution. The security issue, ...
WMUR

Consumer Reports tests portable carbon monoxide detectors to help protect travelers

INEXPENSIVE DEVICE COULD SAVE YOUR LIFE. SO MY PARENTS WERE ON VACATION IN A HOTEL WHEN THEY WERE FOUND DEAD IN THEIR HOTEL ROOM. CHRIS HUGHES CHILD’S PARENTS DIED FROM A CARBON MONOXIDE LEAK AT A ...
Bleeping Computer

AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
ZDNet

This new Claude Code Review tool uses AI agents to check your pull requests for bugs - here's how

Anthropic launches AI agents to review developer pull requests. Internal tests tripled meaningful code review feedback. Automated reviews may catch critical bugs humans miss. Anthropic today announced ...
TechCrunch

Anthropic launches code review tool to check flood of AI-generated code

When it comes to coding, peer feedback is crucial for catching bugs early, maintaining consistency across a codebase, and improving overall software quality. The rise of “vibe coding” — using AI tools ...
The Verge

Anthropic’s latest Claude Code update is designed to find bugs for you.

The multi-agent tool, called Code Review, should catch “bugs human reviewers often miss,” Anthropic said. Agents run in parallel and deliver a high-level overview, plus in-line comments for individual ...