AI Code Tools Widely Hallucinate Packages
The hallucination problem is not just pervasive, it is persistent as well, according to new research.
The hallucination problem is not just pervasive, it is persistent as well, according to new research.
Related
OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps
A high-severity security flaw has been disclosed in the One Identity OneLogin Identity and Access Management (IAM) solution that, if successfully exploited, could expose sensitive OpenID Connect (OIDC) application client secrets under certain circumstances. The vulnerability, tracked as CVE-2025-59363, has been assigned a CVSS score of 7.7 out of 10.0. It has been described as…
China-Backed Salt Typhoon Hacks US National Guard for Nearly a Year
Between March and December of last year, infamous Chinese state-sponsored APT Salt Typhoon gained access to sensitive US National Guard data.
County Pays $600K to Wrongfully Jailed Pen Testers
Iowa police arrested two penetration testers in 2019 for doing their jobs, highlighting the risk to security professionals in red teaming exercises.
Akira RaaS Targets Nutanix VMs, Threatens Critical Orgs
The Akira ransomware group has been experimenting with new tools, bugs, and attack surfaces, with demonstrated success in significant sectors.
Risk ‘Comparable’ to SolarWinds Incident Lurks in Popular Software Update Tool
Some of the world’s biggest technology companies use a program liable to introduce malware into their software. The potential consequences are staggering, but there’s an easy fix.
‘K2 Think’ AI Model Jailbroken Mere Hours After Release
Researchers discovered that measures designed to make AI more transparent to users and regulators can also make it easier for bad actors to abuse.