code
Blog
HPE investigates breach as hacker claims to steal source code
Hewlett Packard Enterprise (HPE) is investigating claims of a new breach after a threat actor said they stole documents from the company’s developer environments. The company has told BleepingComputer that it hasn’t found any evidence of a security breach, but it is investigating the threat actor’s claims. “HPE became aware on January 16 of claims being made by a group…
AI-generated code risks: What CISOs need to know
AI tools such as GitHub Copilot, Gemini Code Assist, and Claude can be used for powerful programming assistance – but security leaders are concerned about the risks they pose. Security leaders in the US, UK, Germany, and France are worried that the use of AI-generated code within their organization could lead to a security incident, according to recent research. With…
AI helped Google engineers cut code migration times in half
Google has significantly cut code migration times internally through the use of AI tools, a paper has revealed. Citing a growing interest in more bespoke large language model (LLM) uses, the paper’s authors explained that the purpose of the report was to share Google’s experience using AI in code migration. While it’s not a research paper in that the authors…
New macOS malware uses Apple’s own code to quietly steal credentials and personal data — how to stay safe
While Apple’s Macs aren’t targeted by hackers as often as Windows PCs, they’re far from impenetrable. Security researchers at Check Point Research recently pushed out an alert warning 100 million Apple users that a new variant of the infamous Banshee malware has been detected, capable of stealing browser credentials, cryptocurrency wallets, and other personal data. Check Point first uncovered the…
AI coding tools aren’t the solution to the unfolding ‘developer crisis’ – teams think they can boost productivity and delivery times, but end up bogged down by manual remediation and unsafe code
Despite its efficiency benefits, AI code generation and similar solutions may not be the panacea to the ongoing ‘developer crisis’, new research warns. AI code generation tools may have helped increase velocity, but deployment errors mean devs are becoming increasingly bogged down in manual tasks remediating the systems’ various failings. A new report from Harness interviewed 500 engineering leaders and…
Apache fixes remote code execution bypass in Tomcat web server
Apache has released a security update to address an important vulnerability in Tomcat web server that could lead to an attacker achieving remote code execution. Apache Tomcat is an open-source web server and servlet container widely used to deploy and run Java-based web applications. It provides a runtime environment for Java Servlets, JavaServer Pages (JSP), and Java WebSocket technologies. The product…
Adobe warns of critical ColdFusion bug with PoC exploit code
Adobe has released out-of-band security updates to address a critical ColdFusion vulnerability with proof-of-concept (PoC) exploit code. In an advisory released on Monday, the company says the flaw (tracked as CVE-2024-53961) is caused by a path traversal weakness that impacts Adobe ColdFusion versions 2023 and 2021 and can enable attackers to read arbitrary files on vulnerable servers. “Adobe is aware that CVE-2024-53961…
Sophos discloses critical Firewall remote code execution flaw
Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH access to devices. The vulnerabilities affect Sophos Firewall version 21.0 GA (21.0.0) and older, with the company already releasing hotfixes that are installed by default and permanent fixes through new firmware updates. The…
Code Faster and Better for Just $28
TL;DR: Turbocharge your programming, particularly your collaborations, with Microsoft Visual Studio Professional 2022 for Windows — it’s on sale for just $27.97 through December 22. Time is money, so boosting your productivity can have a significant impact on your bottom line, such as when you can collaborate on programming seamlessly and efficiently across platforms with your teams. That is exactly…
Supply chain scares and Google’s AI code
November has come to a close, and the depths of winter are just around the corner. But that doesn’t mean events in tech are slowing down at all – nor that attackers are taking an early Christmas break. In the past month, we’ve seen a slew of cyber incidents, ranging from high-profile exploits of Microsoft vulnerabilities to a ransomware attack…