Cybernews

Malicious campaign targeting vulnerable OpenWebUI servers: technical analysis

During an investigation into exposed OpenWebUI servers, the Cybernews research team identified a malicious campaign targeting ...

Waratek Redefines Secure Development with Launch of Waratek IAST at JavaOne 2026

AI-assisted code speeds development, but introduces vulnerabilities at an alarming rate. Waratek IAST reports flaws ...
InfoQ

Java 26 Delivers Language Innovation, Library Improvements, Performance and Security

Oracle has released version 26 of the Java programming language and virtual machine. As the first non-LTS release since JDK ...

Pervaziv AI Launches Cortex 3.0 in Chrome, Edge and Firefox – World’s First Cross-Browser/IDE AI Coding & Security Agent

Cortex 3.0 delivers AI-powered code generation, vulnerability scanning, Enterprise AI & DevSecOps integrations, ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

This app is quietly reformulating America’s food supply

Food scanning app Yuka is empowering consumers to demand that processed food brands make their products healthier.
CNET

I Tried a Scan-to-Cook Meal Delivery Service. I'm Completely Obsessed

This unique meal delivery service takes the guesswork out of preparing your supply of premade meals. Here's what I thought of ...

Betterleaks, a new open-source secrets scanner to replace Gitleaks

A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...

Cracking the code: How a 'prediction machine' is resurrecting the Singapore Stone

Several years ago, my linguistic research team and I began developing a computational tool we call "Read-y Grammarian." Our ...

AI is getting scary good at finding hidden software bugs - even in decades-old code

Researchers have found that LLM-driven bug finding is not a drop-in replacement for mature static analysis pipelines. Studies ...
GitHub

garak, LLM vulnerability scanner

garak checks if an LLM can be made to fail in a way we don't want. garak probes for hallucination, data leakage, prompt injection, misinformation, toxicity generation, jailbreaks, and many other ...