Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
CSO Online

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.
Business Wire

AI-Generated Code Poses Major Security Risks in Nearly Half of All Development Tasks, Veracode Research Reveals

BURLINGTON, Mass.--(BUSINESS WIRE)--Veracode, a global leader in application risk management, today unveiled its 2025 GenAI Code Security Report, revealing critical security flaws in AI-generated code ...
Que.com on MSN

OpenAI’s new coding model boosts productivity, raises cybersecurity threats

OpenAI’s latest coding-focused AI model is being positioned as a major leap forward for software development teams—promising faster prototyping, cleaner ...
Forbes

How AI-Generated Code Is Unleashing A Tsunami Of Security Risks

Expertise from Forbes Councils members, operated under license. Opinions expressed are those of the author. Let’s back up for a second: Are there advantages to using AI to write code? Certainly. We ...
SiliconANGLE

Sonar expands SonarQube with advanced security for third-party open-source code

Code quality testing startup SonarSource SA today announced the upcoming release of SonarQube Advanced Security, a new offering that will extend the company’s analysis capabilities beyond first-party ...
Hosted on MSN

AI-written code now behind 20% of security breaches

Recent analysis indicates a growing concern in cybersecurity: one in five security breaches is now attributed to AI-written code. This marks a significant shift in the landscape of digital threats.
SiliconANGLE

Wiz launches new code security tool to strengthen cloud-native development

Cloud security firm Wiz Inc. today announced the launch of Wiz Code, a new product designed to secure every stage of the product lifecycle. Based on technology from Raftt, a cybersecurity firm ...
TechCrunch

Symbiotic Security helps developers find bugs as they code

Symbiotic Security, which is announcing a $3 million seed round today, watches over developers as they code and points out potential security issues in real time. Other companies do this, but ...
Bleeping Computer

Cybersecurity firm's Chrome extension hijacked to steal users' data

At least five Chrome extensions were compromised in a coordinated attack where a threat actor injected code that steals sensitive information from users. One attack was disclosed by Cyberhaven, a data ...
Business Wire

Nokod Security mentioned in the 2025 Gartner® Research on Governing Low-Code/No-Code Applications

NEW YORK & TEL AVIV--(BUSINESS WIRE)--Nokod Security, the security company for no-code development, today announced that its main dashboard is mentioned via a photo as an Example of a Third-Party ...