AI Code Tools Widely Hallucinate Packages

Blog

Byadmblake April 14, 2025

The hallucination problem is not just pervasive, it is persistent as well, according to new research.

Blog

Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk

Meta has warned that a security vulnerability impacting the FreeType open-source font rendering library may have been exploited in the wild. The vulnerability has been assigned the CVE identifier CVE-2025-27363, and carries a CVSS score of 8.1, indicating high severity. Described as an out-of-bounds write flaw, it could be exploited to achieve remote code execution…

Read More Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk
Blog

ZAST.AI Raises $6M Pre-A to Scale “Zero False Positive” AI-Powered Code Security

January 5, 2026, Seattle, USA — ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the well-known investment firm Hillhouse Capital, bringing ZAST.AI’s total funding close to $10 million. This marks a recognition from leading capital markets of a new solution: ending the era of high false positive rates…

Read More ZAST.AI Raises $6M Pre-A to Scale “Zero False Positive” AI-Powered Code Security
Blog

North Korea’s Kimsuky Taps Trusted Platforms to Attack South Korea

The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around.

Read More North Korea’s Kimsuky Taps Trusted Platforms to Attack South Korea
Blog

Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft

Cybersecurity researchers are calling attention to a new type of credential phishing scheme that ensures that the stolen information is associated with valid online accounts. The technique has been codenamed precision-validating phishing by Cofense, which it said employs real-time email validation so that only a select set of high-value targets are served the fake login…

Read More Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft
Blog

From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation

Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical security flaw in GoAnywhere Managed File Transfer (MFT) that’s assessed to have come under active exploitation since at least September 11, 2025. The company said it began its investigation on September 11 following a “potential vulnerability” reported by a customer, uncovering “potentially…

Read More From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation
Blog

Traditional Data Loss Prevention Solutions Are Not Working for Most Organizations

Post Content

Read More Traditional Data Loss Prevention Solutions Are Not Working for Most Organizations

Related