Skip to main content

Tag: software vulnerability

8 articles

Software development workspace with laptop, notes, and diagrams on a wall or board.

Anthropic's Vulnerability Tool Yields Mixed Results

Anthropic's Project Glasswing, launched in April, aimed to empower companies to detect and fix software vulnerabilities using its innovative Mythos model, but the results have been mixed. The initiative has generated significant buzz, with many outlets picking up Anthropic's messaging, but the actual impact remains to be seen.

Analyst 207
Laptop screen displays code editor with blurred background of software development facility.

AI Agent Exposes 21 Zero-Days in Widely Used FFmpeg Library

In a single, remarkable run, an AI-powered security agent uncovered 21 zero-day vulnerabilities in the widely-used FFmpeg library, a feat that cost just $1,000 and showcases the incredible potential of autonomous security testing. The agent scanned 1.5 million lines of code to produce these groundbreaking findings.

Analyst 207
General Atomics drone parked on a runway with industrial facilities in the background.

General Atomics Resumes Drone Flights After Software Fix

General Atomics has safely resumed drone flights after swiftly addressing a software glitch that caused a crash in April, and implementing a fix to prevent future mishaps. The issue, which stemmed from an autopilot miscalculation, was quickly pinpointed and rectified, allowing testing to resume.

Analyst 207
Cluttered developer workstation with laptop and monitor in bright office setting.

GitHub Hit by Internal Repo Breach via Malicious VS Code Extension

GitHub's internal repositories were breached after a malicious Visual Studio Code extension was used to launch the attack, but thankfully, customer data appears to be safe. The incident has left users wondering what else may have been compromised.

Analyst 207
Software development workstation with code editor and blurred tools, hinting at supply chain logistics in background.

SAP npm Packages Compromised in Supply-Chain Attack

Security researchers have uncovered a supply-chain attack that compromised four official SAP npm packages, allowing attackers to extract sensitive secrets from CI runner memory. The affected packages, which support SAP's Cloud Applications, have been deprecated on NPM and users are urged to update to secure versions.

Analyst 207
System administrator standing behind a computer terminal with a blurred login screen in a server room.

cPanel Discloses Authentication Flaw, Urges Immediate Server Updates

cPanel has uncovered a critical authentication flaw that could let hackers gain unauthorized access to your control panel, and is urging immediate server updates to protect against this threat. Check if your version is vulnerable and update to a patched build right away.

Analyst 207
Cluttered desk with laptop displaying code, papers, and coffee cups, in a blurred office background.

Anthropic's AI Model Exposes New Vulnerability Risks

Anthropic's new AI model, Claude Mythos Preview, has sent shockwaves through the internet security community by autonomously discovering and exploiting software vulnerabilities that even thousands of expert developers missed. This powerful tool is being cautiously released to a select few, leaving many to wonder about the implications of its capabilities.

Analyst 207
Lone figure in shadows holds cracked smartphone, near eerie glowing laptop, against ominous cityscape backdrop.

Protobuf library flaw enables remote JavaScript code execution

A critical flaw in the popular protobuf.js library has been exposed, allowing hackers to execute JavaScript code remotely - and a proof-of-concept exploit has already been published, putting countless systems at risk.

Analyst 207