Privacy professionalsfromCSO Online3 weeks agoHacker inserts destructive code in Amazon Q as update goes liveMalicious actors exploit AI tools due to insufficient security measures, leading to serious vulnerabilities in software supply chains.
Privacy technologiesfromTheregister1 month agoStopping the rot when good software goes bad means new rulesModern software tools, unlike their historical counterparts, can act maliciously against users' intentions.
fromThe Hacker News1 month agoPrivacy technologiesMalicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension
fromThe Hacker News1 month agoSoftware developmentNew Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status
fromTechzine Global4 months agoArtificial intelligenceHackers abuse AI code assistants with hidden instructions
fromThe Hacker News1 month agoPrivacy technologiesMalicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension
fromThe Hacker News1 month agoSoftware developmentNew Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status
Artificial intelligencefromTechzine Global4 months agoHackers abuse AI code assistants with hidden instructionsResearchers uncover a new attack method that manipulates AI systems using configuration files, leading to undetected malicious code.
fromWIRED3 months agoAI Code Hallucinations Increase the Risk of 'Package Confusion' AttacksOnce the attacker publishes a package under the hallucinated name, containing some malicious code, they rely on the model suggesting that name to unsuspecting developers.Artificial intelligence
DevOpsfromInfoQ4 months agoCompromised GitHub Action Highlights Risks in CI/CD Supply ChainsA popular GitHub Action was compromised, exposing critical security weaknesses in the CI/CD pipeline of open-source Actions.
