SecurityWeek

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

Anthropic’s Claude Code Security Review, Google’s Gemini CLI Action, and GitHub Copilot Agent hacked via prompt injection ...

Git identity spoof fools Claude into giving bad code the nod

Security boffins say Anthropic's Claude can be tricked into approving malicious code with just two Git commands by spoofing a ...

Endor Labs Launches Agentic Code Security Benchmark, Finds Top-Performing AI Coding Agents Pass Tests But Still Fail Security

Endor Labs, today announced the launch of the agentic code security benchmark, extending the existing SusVibes framework from leading academic researchers to evaluate how securely AI coding agents ...
SecurityWeek

Splunk Enterprise Update Patches Code Execution Vulnerability

Splunk has released patches that resolve high- and medium-severity vulnerabilities in Splunk Enterprise and MCP Server.

AI Coding Is Exploding And Application Security Is Accelerating With It

AI coding will accelerate innovation across every industry. That acceleration doesn't diminish application security; ...

Gitar, a startup that uses agents to secure code, emerges from stealth with $9 million

The company uses AI to review code that, more often than not these days, has also been generated by AI.

Gimp: Unpatched vulnerability allows code injection with GIFs

Security vulnerabilities in Gimp allow code injection with manipulated files like GIFs. There is no update yet.
InfoWorld

The two-pass compiler is back – this time, it’s fixing AI code generation

The compiler analyzed it, optimized it, and emitted precisely the machine instructions you expected. Same input, same output.

Hacken’s Q1 2026 Report Shows Where Web3 Security is Still Lacking

Hacken’s Q1 2026 security report puts Web3 losses at $482.6 million, with phishing and social engineering driving most of the ...

Capsule Security Exits Stealth With $7M to Stop AI Agents From Going Rogue at Runtime

Runtime visibility and real-time control stop malicious actions and tool abuse across agent platforms without proxies, ...

Secure Container Software Strengthens Cloud Native Security

Businesses are moving to modern application development and using secure container software solutions. These tools protect ...

OpenAI rotates macOS certs after Axios attack hit code-signing workflow

OpenAI is rotating potentially exposed macOS code-signing certificates after a GitHub Actions workflow executed a malicious ...