Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies spent ...

Developers are discovering that Model Context Protocol shines at providing AI coding agents with highly relevant software engineering context, on demand, at run time.

ソフトウェアの脆弱(ぜいじゃく)性を探す作業はこれまで、専門知識を持つセキュリティ研究者がコードを読み、問題が本当に悪用可能かどうかを検証するという時間のかかる作業でした。しかし、Anthropicが開発した高性能AI「Claude Mythos Preview」は、脆弱性の発見だけでなく実際に悪用できるかどうかの検証まで高い精度で行えるとされています。Claude Mythos Previewの ...

North Korea-linked hackers have upgraded the InvisibleFerret malware to bypass script-based security tools, converting its Python code into compiled modules that are harder for defenders to inspect ...

Anthropicは、未公開AIモデル「Claude Mythos Preview」を活用するサイバーセキュリティプロジェクト「Project ...

The Open Source Security Foundation (OpenSSF), a cross-industry initiative of the Linux Foundation focused on sustainably ...

Kiro, Spec Kit, Tessl, and Zenflow offer a more systematic and structured approach to developing with AI agents than vibe ...

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...