Update now! Chrome security vulnerability is being attacked

Google has released an update for Chrome. It patches 21 security vulnerabilities. Attacks are targeting a code smuggling ...
The Hacker News

Which Code Vulnerabilities Actually Get Fixed? New Code Security Data from 50,000+ Repos

Authentication Failures (A07) show the largest gap in the dataset: a 48-percentage-point difference between leaders and the field. Leaders fix at nearly 60%, while the field sits at roughly 12%.
InfoWorld

GitHub rolls out AI-powered fixes for code vulnerabilities

Copilot Autofix, a new addition to the GitHub Advanced Security service, analyzes vulnerabilities in code and offers code suggestions to help developers fix them. GitHub has unveiled Copilot Autofix, ...
InfoWorld

Open source code libraries suffer from vulnerabilities

A recent study found that more than a third of 1,261 open source libraries had a known vulnerability and about a quarter of the downloads were tainted A study of how 31 popular open source code ...

Oracle Identity Manager: Out-of-band update against code smuggling vulnerability

Oracle has released an emergency update for Identity Manager and Web Services Manager to close a code smuggling vulnerability ...
CSOonline

Gen AI is transforming vulnerability hunting for pen-testers and attackers alike

Large language models (LLMs) are proving to be valuable tools for discovering zero-days, bypassing detection, and writing exploit code, thereby lowering the barrier to entry for penetration testers — ...