CSO Online

The new paradigm for raising up secure software engineers

The new challenge for CISOs in the age of AI developers is securing code. But what does developer security awareness even ...

Why LLMs are plateauing – and what that means for software security

Despite rapid generation of functional code, LLMs are introducing critical, compounding security flaws, posing serious risks for developers.

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager ...

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond ...
Security Info Watch

Why Web Forms Are Becoming Financial Services’ Most Expensive Blind Spot

Why an overlooked data entry point is creating outsized cyber risk and compliance exposure for financial institutions.
The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively exploited.

Google says hackers are abusing Gemini AI for all attacks stages

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in ...
SecurityWeek

Zast.AI Raises $6 Million for AI-Powered Code Security

Zast.AI has raised $6 million in funding to secure code through AI agents that identify and validate software vulnerabilities ...

Anthropic published the prompt injection failure rates that enterprise security teams have been asking every vendor for

Anthropic's Opus 4.6 system card breaks out prompt injection attack success rates by surface, attempt count, and safeguard ...

The Cost of AI Slop in Lines of Code

In the quest to get as much training data as possible, there was little effort available to vet the data to ensure that it was good.