How the Internet Broke Everyone’s Bullshit Detectors

From AI-generated images to restricted satellite data, the systems used to verify what’s real online are struggling to keep ...

Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook

Claude Mythos autonomously found zero-days in OpenBSD, FFmpeg, FreeBSD and major browsers that survived decades of expert ...

Anthropic’s New Powerful Mythos Model Has Cybersecurity Experts Worried

Anthropic says it is testing a powerful new AI model that can spot serious weaknesses in software, and releasing it as part ...
Nature

Concurrency Bug Detection in Multithreaded Programs

Concurrency bug detection is a critical area in the development of multithreaded programmes, where errors arising from simultaneous thread execution can lead to unpredictable and often catastrophic ...
The Hacker News

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Cybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX's pre-publish scanning pipeline to cause the tool to allow a malicious Microsoft Visual Studio Code (VS Code) ...
theregister

Using AI to code does not mean your code is more secure

As more people use AI tools to write code, the tools themselves are introducing more vulnerabilities. Researchers affiliated with Georgia Tech SSLab have been tracking CVEs attributable to flaws in AI ...
theregister

AI bug reports went from junk to legit overnight, says Linux kernel czar

Interview I was at a press luncheon at KubeCon Europe this week when, to my surprise, who should sit down next to me but long-term Linux kernel maintainer Greg Kroah-Hartman. Greg, who lives in the ...
Bleeping Computer

GitHub adds AI-powered bug detection to expand security coverage

GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks. The developer ...
Bleeping Computer

AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...