Anthropic and OpenAI just exposed SAST's structural blind spot with free tools

Can free AI scanners replace enterprise SAST? Anthropic and OpenAI found 500-plus zero-days pattern-matching tools missed — and both scanners are free.
VentureBeat

Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how security leaders should respond

Anthropic pointed its most advanced AI model, Claude Opus 4.6, at production open-source codebases and found a plethora of security holes: more than 500 high-severity vulnerabilities that had survived ...
Bleeping Computer

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder’s research team built a new secrets detection method and scanned 5 ...
Forbes

Why AI-Accelerated Development Challenges Traditional Security Testing

A CTO at a fintech company recently told me something that's been keeping him up at night: "We used to ship a major release every quarter. Now we're deploying multiple times per day. But we're still ...
InfoQ

LinkedIn Leverages GitHub Actions, CodeQL, and Semgrep for Code Scanning

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Cory Benfield discusses the evolution of ...
Bleeping Computer

Hackers exploit security testing apps to breach Fortune 500 firms

Threat actors are exploiting misconfigured web applications used for security training and internal penetration testing, such as DVWA, OWASP Juice Shop, Hackazon, and bWAPP, to gain access to cloud ...
Managingip.com

Testing the limits: experiment shows AI falls short in drafting patent applications

The author took a case from her portfolio where the application had already been submitted with the patent office, thus there are no privacy issues. The application is in the mechanical field and ...
SiliconANGLE

Aikido Security raises $60M Series B at $1B valuation to unify application security

Belgian cybersecurity company Aikido Security NV today announced that it had raised $60 million in new funding at a $1 billion valuation to further enhance its unified platform for code, cloud and ...
CSOonline

For application security: SCA, SAST, DAST and MAST. What next?

If you think SAST and SCA are enough, you’re already behind. The future of app security is posture, provenance and proof, not alerts. I have stared at enough scanner dashboards to recognize the ...
Infosecurity-magazine.com

Palo Alto Networks Introduces New Vibe Coding Security Governance Framework

The generalization of vibe coding has already led to major security incidents, according to Palo Alto Networks. This emerging practice, which consists of writing code and developing applications via ...
Forbes

Why Static Data Security, Traditional DSPM Kills Your AI Strategy

For years, the cybersecurity market relied on tools built for a world where data mostly sat still—neatly stored in databases and scanned intermittently like a photograph capturing a moment in time.