Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...

Chainguard's new Athena coalition uses AI to fix open-source flaws - before attackers exploit them

Chainguard will use AI to protect open-source code. Athena pools open-source users, developers, and maintainers. Others are ...

Devs know AI code is riddled with holes, but ship it anyway

Research by AppSec biz Checkmarx finds that 70 percent of developers believe AI-generated code has more vulnerabilities, and ...
SDxCentral

Broadcom injects security updates into Spring, Java ecosystems

Broadcom rolled out security updates to the Spring and Java ecosystems tied to helping organizations navigate a surge in ...

Broadcom Expands Its Investment in Spring and Java Ecosystem Security to Prepare Customers for AI-Enabled Threats

PALO ALTO, Calif., June 08, 2026 (GLOBE NEWSWIRE) -- Today, Broadcom Inc. (NASDAQ: AVGO), a global technology leader that designs, develops, and supplies semiconductor and infrastructure software ...
IEEE

Finetuning Large Language Models for Vulnerability Detection

Abstract: This paper presents the results of finetuning large language models (LLMs) for the task of detecting vulnerabilities in Java source code. We leverage WizardCoder, a recent improvement of the ...

A Java library just tried to trick AI coding agents into deleting your tests, and it almost worked

The latest flare-up in the debate over AI-assisted coding did not come from a new model release or a benchmark result. It came from a single ...
InfoQ

Anthropic Introduces Routines for Claude Code Automation

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Birgitta Böckeler, Distinguished Engineer at ...

TIOBE Index for May 2026: R Ascends as Statistical Tools Consolidate

May 2026 TIOBE Index keeps Python #1 as Java edges past C++. R climbs to #8, and Paul Jansen says statistical tools are consolidating around Python and R.
Bleeping Computer

Weaver E-cology critical bug exploited in attacks since March

Hackers have been exploiting a critical vulnerability (CVE-2026-22679) in the Weaver E-cology office automation since mid-March to run discovery commands. The attacks started five days after the ...