Dark Reading

Microsoft VS Code Undermined in Asian Spy Attack

A Chinese state-aligned espionage group has become the first documented threat actor to weaponize a known exploit in VS Code in a malicious attack. Visual Studio Code, or VS Code, is Microsoft's free ...
Nature

Threats to scientific software from over-reliance on AI code assistants

The adoption of generative artificial intelligence (AI) code assistants in scientific software development is promising, but user studies across an array of programming contexts suggest that ...
War on the Rocks

Your Defense Code Is Already AI-Generated. Now What?

Somewhere in a defense ministry, someone is drafting a policy on whether to permit AI-assisted software development in defense procurement. The sentiment is understandable, but the policy is ...
Bleeping Computer

Hackers exploit critical bug in Array Networks SSL VPN products

America's cyber defense agency has received evidence of hackers actively exploiting a remote code execution vulnerability in SSL VPN products Array Networks AG and vxAG ArrayOS. The security issue is ...
CSOonline

Patched Apache ActiveMQ bug abused to drop Godzilla web shells

The attack methods being used to abuse the bug can successfully circumvent security measures, evading detection by security endpoints during scanning. A patched critical remote code execution (RCE) ...