This ensures that all agent activity adheres to the company’s specific commercial licenses, internal security policies, ...

Researchers warn Agentjacking can abuse Sentry errors to make AI coding agents run malicious code on developer machines.

The latest flare-up in the debate over AI-assisted coding did not come from a new model release or a benchmark result. It came from a single ...

The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source Java testing app to sabotage projects performed by AI coding agents. The ...

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-severity code injection vulnerability.

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java Spring ecosystem. Maintainers of Thymeleaf, a widely used template engine for ...

AI is proving better than expected at finding old, obscure bugs. Unfortunately, AI is also good at finding bugs for hackers to exploit. In short, AI still isn't ready to replace programmers or ...

Enterprise software maker SAP on Tuesday announced the release of 17 new security notes as part of its January 2026 Security Patch Day. Four of the notes address critical-severity vulnerabilities. The ...

Apache Commons Text is used for processing character strings in Java apps. A critical vulnerability allows the injection of malicious code. In the “Apache Commons Text” library, developers have ...

EasyDI is a small dependency injection (DI) library for java projects. It's designed for small projects that don't need a full-blown DI-framework. To be as easy as possible EasyDI has fewer features ...