Devs know AI code is riddled with holes, but ship it anyway

Research by AppSec biz Checkmarx finds that 70 percent of developers believe AI-generated code has more vulnerabilities, and ...
SDxCentral

Broadcom injects security updates into Spring, Java ecosystems

Broadcom rolled out security updates to the Spring and Java ecosystems tied to helping organizations navigate a surge in ...

Microsoft’s open source tools were hacked to steal passwords of AI developers

According to security firm Cloudsmith and community-driven malware analysis site OpenSourceMalware, which were some of the ...

Broadcom Expands Its Investment in Spring and Java Ecosystem Security to Prepare Customers for AI-Enabled Threats

PALO ALTO, Calif., June 08, 2026 (GLOBE NEWSWIRE) -- Today, Broadcom Inc. (NASDAQ: AVGO), a global technology leader that designs, develops, and supplies semiconductor and infrastructure software ...

OpenAI and Anthropic's next lock-in play: Databases of coding intent

Samuel Colvin, CEO of Pydantic, sees the top AI frontier labs creating databases of coding intent.
CSO Online

Claude Code has an MCP security problem — and your developers are already using it

The Mitiga disclosure is the most recent, but it is not the first time Claude Code’s configuration model has created a ...

A Java library just tried to trick AI coding agents into deleting your tests, and it almost worked

The latest flare-up in the debate over AI-assisted coding did not come from a new model release or a benchmark result. It came from a single ...
Wired

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...

TIOBE Index for May 2026: Top 10 Most Popular Programming Languages

Python stays far ahead after another dip; C holds second, Java retakes third from C++, and R rises to eighth as SQL slips, ...
Dark Reading

Trellix Source Code Breach Highlights Growing Supply Chain Threats

Cybersecurity vendor Trellix published a terse statement last Friday, disclosing that a threat actor recently gained unauthorized access to "a portion of our source code repository." Trellix did not ...
Bleeping Computer

Trellix discloses data breach after source code repository hack

Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository. Trellix is a global cybersecurity company formed from the October 2021 ...