The Hacker News

Which Code Vulnerabilities Actually Get Fixed? New Code Security Data from 50,000+ Repos

Most application security (AppSec) teams know their OWASP Top 10, the industry-standard list of the most critical software security risks. Fewer know which of those categories their organization ...
Infosecurity Magazine

Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code

Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by ...
InfoWorld

GitHub rolls out AI-powered fixes for code vulnerabilities

Copilot Autofix, a new addition to the GitHub Advanced Security service, analyzes vulnerabilities in code and offers code suggestions to help developers fix them. GitHub has unveiled Copilot Autofix, ...

Oracle Identity Manager: Out-of-band update against code smuggling vulnerability

Oracle has released an emergency update for Identity Manager and Web Services Manager to close a code smuggling vulnerability ...
InfoWorld

Open source code libraries suffer from vulnerabilities

A recent study found that more than a third of 1,261 open source libraries had a known vulnerability and about a quarter of the downloads were tainted A study of how 31 popular open source code ...
SecurityWeek

Russian APT Exploits Zimbra Vulnerability Against Ukraine

Russia-linked APT28 has exploited a high-severity XSS vulnerability in Zimbra in attacks against Ukrainian entities.