In a conversation with Dark Reading’s Terry Sweeney, Black Duck CEO Jason Schmitt explains how AI is reshaping application security and why it must evolve to keep pace.
Derzeit läuft eine Angriffswelle auf Geräte mit älteren iOS-Versionen. Apple äußerte sich im Zusammenhang damit zur Wirksamkeit einer Sicherheitsfunktion.
A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of various projects, to trick users into downloading m
Zu den gesammelten Daten gehören Codeschnipsel und Kontext, den Entwickler in Github Copilot verarbeiten. Die Funktion ist automatisch aktiv. (KI, Microsoft)
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical code-injection vulnerability in Langflow. Tracked as CVE-2026-33017, this severe security flaw
In February 2026, threat actors actively exploited two critical remote code execution (RCE) vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). A recent incident response investigation by WithSe
NVIDIA has recently published its March 2026 security bulletins, addressing a wave of newly discovered vulnerabilities across its hardware and software ecosystems. The technology giant has urged organ
A critical security flaw has been identified in the IDrive Cloud Backup Client for Windows, exposing users to local privilege escalation attacks. Tracked as CVE-2026-1995, this vulnerability allows au
TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx’s KICS and VS Code plug-ins, and the LiteLLM AI library — and all signs point to more attacks to come.
Anthropic macht dieser Tage Schlagzeilen. Unter anderem hat der Launch von „Claude Code Security“ die Cybersecurity-Welt in Aufruhr versetzt. Das ambitionierte Ziel des Tool ist es, KI-generierten Code ein für alle Mal sicher zu machen. Da hat man den Mund allerdings ganz schön voll genommen.