LLM security advice looks solid until you check the hard cases
Plenty of people now type their security worries straight into a chatbot. A hacked account, a suspicious email, a stalker who might be tracking a phone, all of it lands in the …
Best practices for AI in open-source work
Free and open source software developers us AI coding assistants such as Claude Code, Copilot CLI, Antigravity, and OpenCode in their daily work. The Software Freedom …
Most teams will ship AI-written infrastructure code with little review
AI-assisted development has settled into everyday practice across software organizations, and developers using it move from idea to working code in hours. That code does not …
Hundreds of AI-powered iOS apps found exposing credentials
Mobile app developers are packing AI features into everything from writing assistants to productivity tools and lifestyle apps. New research shows that securing access to …
Most agentic AI projects in production have stalled over data problems
Enterprises are connecting AI agents to live data feeds and putting them to work on tasks that once required human review, from IT operations to software development. The …
Low-skilled attacker used Claude, Codex to breach 14 companies
Researchers have long warned that AI agents could lower the skill floor for offensive cyber operations, and a recent report by OALABS (Open Analysis) researchers bears that …
The SOC’s visibility gap comes down to staffing
AI has settled into security operations centers faster than any earlier wave of technology. Around four in five practitioners report reaching for AI or machine learning tools …
Open-source CI/CD abuse detector guards against stolen credential attacks
CI/CD Abuse Detector is an open-source project that uses a large language model to flag suspicious changes to continuous integration and continuous deployment pipelines, …
A hardware neural network backdoor that hides in plain sight
Deep learning systems on phones, cars, and other edge devices increasingly run on custom silicon. Specialized chips such as FPGAs and ASICs give these systems the speed and …
Senior engineers are spending their week cleaning up AI-generated code
At most U.S. technology companies, machines now write the bulk of the code that ships each week. The engineer’s job has shifted toward reviewing what the AI produces, …
LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)
A command injection vulnerability (CVE-2026-42271) in BerryAI’s LiteLLM open-source AI gateway is being exploited by attackers, the US Cybersecurity and Infrastructure …
Treating AI agents like service accounts for federated query security
In this interview with Help Net Security, Paras Malhotra, CISO at Starburst, explains how the company handles data governance across federated query environments. Topics …
Featured news
Resources
Don't miss
- The uptime questions every engineering leader should ask this week
- LLM security advice looks solid until you check the hard cases
- Scoring AI hackers when there is no answer key
- Law enforcement hits StealC and Amadey malware networks
- Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230)