Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
IEEE

Finetuning Large Language Models for Vulnerability Detection

Abstract: This paper presents the results of finetuning large language models (LLMs) for the task of detecting vulnerabilities in Java source code. We leverage WizardCoder, a recent improvement of the ...

Cracking the code: How a 'prediction machine' is resurrecting the Singapore Stone

Several years ago, my linguistic research team and I began developing a computational tool we call "Read-y Grammarian." Our ...

A.I. Writes Buggy Code. A Silicon Valley Start-Up Wants to Fix It.

Valued at $1.6 billion, a tiny start-up called Axiom is building A.I. systems that can check for mistakes. Axiom Math’s founder and chief executive, Carina Hong, right, and the chief technology ...
CoinDesk

Crypto code commits fall 75% as developers move to AI projects

Developers are shifting toward artificial intelligence infrastructure as blockchain ecosystems lose contributors across major networks, from Ethereum to Solana.

Inside OpenAI’s Race to Catch Up to Claude Code

Anthropic, a smaller rival started by OpenAI defectors, has found runaway success with its programming agent, Claude Code.

Dark Sky Technology Announces Air-Gapped SBOM Generation for Mixed-Code Development Environments with Bulletproof Trust™

New capability delivers compliant, rich, analysis-ready SBOMs from a single folder-based workflow—even for mixed and ...

AI can rewrite open source code—but can it rewrite the license, too?

Computer engineers and programmers have long relied on reverse engineering as a way to copy the functionality of a computer ...

AI is getting scary good at finding hidden software bugs - even in decades-old code

Researchers have found that LLM-driven bug finding is not a drop-in replacement for mature static analysis pipelines. Studies comparing AI coding agents to human developers show that while AI can be ...