TechRepublic

Hacker Exposes Amazon Q Security Flaws Using Covert Code

Generative AI virtual assistant Amazon Q was unveiled by AWS CEO Adam Selipsky in 2023. Image: AWS A hacker recently injected code into Amazon Q in order to warn users of the platform’s potential ...
Business Wire

AI-Generated Code Poses Major Security Risks in Nearly Half of All Development Tasks, Veracode Research Reveals

BURLINGTON, Mass.--(BUSINESS WIRE)--Veracode, a global leader in application risk management, today unveiled its 2025 GenAI Code Security Report, revealing critical security flaws in AI-generated code ...
TechCrunch

Symbiotic Security helps developers find bugs as they code

Symbiotic Security, which is announcing a $3 million seed round today, watches over developers as they code and points out potential security issues in real time. Other companies do this, but ...
SiliconANGLE

Sonar expands SonarQube with advanced security for third-party open-source code

Code quality testing startup SonarSource SA today announced the upcoming release of SonarQube Advanced Security, a new offering that will extend the company’s analysis capabilities beyond first-party ...
Forbes

How AI-Generated Code Is Unleashing A Tsunami Of Security Risks

Expertise from Forbes Councils members, operated under license. Opinions expressed are those of the author. Let’s back up for a second: Are there advantages to using AI to write code? Certainly. We ...
Infosecurity-magazine.com

Popular LLMs Found to Produce Vulnerable Code by Default

Some of the world’s most popular large language models (LLMs) are producing insecure code by default, according to a new analysis by Backslash Security. The findings demonstrate the security risks ...
Bleeping Computer

Amazon AI coding agent hacked to inject data wiping commands

A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code. Amazon Q is a free extension that uses generative AI to ...
csis.org

AI-Driven Code Analysis: What Claude Code Security Can—and Can’t—Do

Q1: How does Claude Code Security function—and how does it differ from traditional static application security testing (SAST)? A1: Conventional rule-based static analysis uses pattern matching, ...
CRN

5 Things To Know On Anthropic’s Claude Code Security

The AI platform said Friday it’s adding vulnerability scanning capabilities into its web-based Claude Code tool in a move to compete with application security vendors. Anthropic announced Friday it is ...
Dark Reading

How to Vibe Code With Security in Mind

A tool can be used well or poorly, but much of the time it is neither inherently good nor bad. Take vibe coding, the act of using natural language to instruct an LLM to generate code. Applied poorly, ...
Dark Reading

LLMs' AI-Generated Code Remains Wildly Insecure

The code generated by large language models (LLMs) has improved some over time — with more modern LLMs producing code that has a greater chance of compiling — but at the same time, it's stagnating in ...