Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

10 trillion downloads are crushing open-source repositories - here's what they're doing about it

Companies are treating these repositories like content delivery networks - now the Linux Foundation and colleagues are saying ...

This $1.4 Billion Startup’s AI Writes Code For Weeks At A Time

Backed by $200 million in fresh funding, Blitzy has convinced companies to hand off software development to AI that can build ...

Anthropic's new Claude Security tool scans your codebase for flaws - and helps you decide what to fix first

It uses Opus 4.7 to scan, validate, and generate patches, helping fix dangerous flaws before they can be exploited.