New app counts bug splats on your car 新应用程序统计被车撞扁的飞虫数量 Episode 210802 / 02 Aug 2021 Counting squashed bugs with an app!

The OWASP-backed tool scans JavaScript and TypeScript lockfiles locally, aiming to help developers catch and remediate dependency risks before CI failures.

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. The security issue is tracked as CVE-2026-26956 and ...

Output rose sharply: Faros found that higher AI adoption was associated with a 34% increase in task completion per developer and a 66% increase in epics completed per developer. Quality and review ...

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...

The Internet Bug Bounty program has paused new submissions, citing a massive expansion in vulnerability discovery by AI code scanners. Established in 2012 and backed by leading software companies, the ...

Claude Code users have been flooding GitHub and Reddit over the last few days with complaints that their usage limits are being exhausted at a suspiciously fast rate, with many reporting that sessions ...

AI is proving better than expected at finding old, obscure bugs. Unfortunately, AI is also good at finding bugs for hackers to exploit. In short, AI still isn't ready to replace programmers or ...

Anthropic launches AI agents to review developer pull requests. Internal tests tripled meaningful code review feedback. Automated reviews may catch critical bugs humans miss. Anthropic today announced ...

The multi-agent tool, called Code Review, should catch “bugs human reviewers often miss,” Anthropic said. Agents run in parallel and deliver a high-level overview, plus in-line comments for individual ...