#vulnerability-detection
#vulnerability-detection

Information security

Microsoft is using Mythos to detect vulnerabilities

'Mythos-Ready' Security: CSA Urges CISOs to Prepare for Accelerated AI Threats

Mythos from Anthropic poses a significant threat by accelerating the timeline between vulnerability detection and exploitation in cybersecurity.

fromFast Company

Anthropic's 'Mythos' AI proves that obsessing over AGI is folly

AI advancements are leading to models that excel in coding and vulnerability detection, raising concerns about security implications.

fromTheregister

4 days ago

Mythos sniffs out your bugs, can't fix your bloody idiots

Mythos is a powerful tool for automating vulnerability detection, but its effectiveness is limited to known vulnerabilities.

Microsoft is using Mythos to detect vulnerabilities

Microsoft integrates AI into cybersecurity to enhance vulnerability detection and prevention during software development.

'Mythos-Ready' Security: CSA Urges CISOs to Prepare for Accelerated AI Threats

Mythos from Anthropic poses a significant threat by accelerating the timeline between vulnerability detection and exploitation in cybersecurity.

fromFast Company

Anthropic's 'Mythos' AI proves that obsessing over AGI is folly

AI advancements are leading to models that excel in coding and vulnerability detection, raising concerns about security implications.

more#ai

fromDevOps.com

6 days ago

Microsoft Turns to Anthropic's Mythos to Improve Cyber Defense

Microsoft integrates Anthropic's AI models into its Security Development Lifecycle to enhance code analysis and vulnerability detection.

fromTheregister

More ancient Linux device support facing the ax

Speeding up the removal of old code is an effective tactic for managing vulnerabilities in software.

fromZero Day Initiative

Zero Day Initiative - CVE-2026-33824: Remote Code Execution in Windows IKEv2

Detection of attacks exploiting this vulnerability requires monitoring specific UDP ports and correlating IKE packets in sequence.

fromSecuritymagazine

Operationally Ineffective: Putting CVEs in a Chokehold with Privilege Disruption

A Common Vulnerability Exposure (CVE) that cannot reach the privilege plane is operationally ineffective - even at a CVSS Score of 10. This should be a core philosophy that is embedded into the fabric of software engineering.

Information security

Software development

fromInfoWorld

Microsoft taps Anthropic's Mythos to strengthen secure software development

Mythos can enhance the security of Microsoft products, benefiting enterprises without direct access.

1Password sees AI as both threat and tool

AI presents both risks and opportunities for password management, requiring firms to balance security with the potential for careless app development.

8 months ago

Privacy technologies

Google's AI Big Sleep discovers twenty new security vulnerabilities in open source

AI-powered vulnerability detector Big Sleep identified twenty new vulnerabilities in open-source software, leveraging collaboration between Google DeepMind and Project Zero.

fromFast Company

1Password sees AI as both threat and tool

AI presents both risks and opportunities for password management, requiring firms to balance security with the potential for careless app development.

8 months ago

Privacy technologies

Google's AI Big Sleep discovers twenty new security vulnerabilities in open source

Mozilla Used Anthropic's Mythos to Find and Fix 151 Bugs in Firefox

Mozilla's Firefox 150 includes protections for 271 vulnerabilities identified using AI tools, highlighting the significant impact of AI on cybersecurity.

Mozilla Used Anthropic's Mythos to Find and Fix 151 Bugs in Firefox

Mozilla's Firefox 150 includes protections for 271 vulnerabilities identified using AI tools, highlighting the significant impact of AI on cybersecurity.

Mozilla Used Anthropic's Mythos to Find and Fix 151 Bugs in Firefox

Mozilla's Firefox 150 includes protections for 271 vulnerabilities identified using AI tools, highlighting the significant impact of AI on cybersecurity.

Mozilla Used Anthropic's Mythos to Find and Fix 151 Bugs in Firefox

Mozilla's Firefox 150 includes protections for 271 vulnerabilities identified using AI tools, highlighting the significant impact of AI on cybersecurity.

more#ai-in-cybersecurity

#ai-security

Information security

Dutch government warns against controversial Anthropic Mythos model

fromAxios

Information security

Anthropic withholds Mythos Preview model because it's hacking is too powerful

Information security

Harness secures AI code and AI apps with two new modules

fromZDNET

AI is getting scary good at finding hidden software bugs - even in decades-old code

AI models can effectively identify decades-old bugs in legacy code, but this capability also enables hackers to exploit vulnerabilities in deployed systems.

fromThe Hacker News

Information security

OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues

Information security

Claude can now scan for complex vulnerabilities, but who will find them?

Dutch government warns against controversial Anthropic Mythos model

Anthropic's Mythos AI model detects vulnerabilities and builds attack chains, achieving a 72.4% exploit success rate, while access is limited to defensive use.

fromAxios

Anthropic withholds Mythos Preview model because it's hacking is too powerful

Mythos Preview can autonomously find and exploit vulnerabilities at an unprecedented level, surpassing previous models significantly.

Harness secures AI code and AI apps with two new modules

Harness launches AI Security and Secure AI Coding modules to detect, test, and protect AI components throughout the application lifecycle while scanning AI-generated code for vulnerabilities in real time.

fromZDNET

AI is getting scary good at finding hidden software bugs - even in decades-old code

AI models can effectively identify decades-old bugs in legacy code, but this capability also enables hackers to exploit vulnerabilities in deployed systems.

fromThe Hacker News

OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues

OpenAI launched Codex Security, an AI-powered security agent that identifies, validates, and fixes vulnerabilities in code, now available in research preview with free access for one month.

Information security

Claude can now scan for complex vulnerabilities, but who will find them?

NinjaOne free trial. Test the unified IT operations platform

NinjaOne is a unified IT operations platform that consolidates multiple IT management functions into a single cloud-native console.

Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation

XBOW uses AI reasoning and adversarial workflows to continuously test applications for security flaws. Unlike traditional point-in-time penetration testing, the platform operates autonomously to identify and validate vulnerabilities at machine speed, aiming to keep pace with both modern development cycles and AI-powered attackers.

Venture

fromFortune

Exclusive: RunSybil, a startup using AI to automate penetration testing, raises $40M in VC funding in round led by Khosla Ventures | Fortune

RunSybil secured $40 million in funding to deploy AI agents that autonomously conduct continuous penetration testing on live software systems to identify security vulnerabilities.

OpenAI unveils Codex Security to detect vulnerabilities in AI code

OpenAI's Codex Security tool uses AI and agent-based analysis to detect code vulnerabilities with reduced false positives by understanding entire codebase context and prioritizing actual security risks.

Claude's New AI Vulnerability Scanner Sends Cybersecurity Shares Plunging

Cybersecurity company stocks fell sharply after Anthropic announced Claude Code Security, an AI capability for finding code vulnerabilities, triggering market concerns about AI replacing traditional security solutions.

fromFortune

AI can now hunt software bugs on its own. Anthropic is turning that into a security tool. | Fortune

Claude Code Security uses Anthropic's Opus 4.6 AI to review entire codebases, detect high-severity vulnerabilities, rate severity, and suggest fixes for developer approval.

4 months ago

MongoBleed threatens databases, but detection tool is available

A zlib decompression flaw (MongoBleed) in MongoDB 4.4–8.2.2 is actively exploited to extract server memory and sensitive data without authentication.

5 months ago

Amazon Is Using Specialized AI Agents for Deep Bug Hunting

Amazon built Autonomous Threat Analysis (ATA), a system of competing specialized AI agents to proactively find and fix security flaws before attackers exploit them.

5 months ago

OpenAI Aardvark automatically detects vulnerabilities

Aardvark autonomously detects, attempts exploits in sandboxes, and patches code vulnerabilities while integrating with developer workflows and recognizing 92% of test vulnerabilities.

fromCSO Online

6 months ago

Google DeepMind launches an AI agent to fix code vulnerabilities automatically

CodeMender, an AI agent using Gemini Deep Think, autonomously discovered and fixed vulnerabilities, submitting 72 security patches across large open-source codebases.

#ethereum

Cryptocurrency

What Happens When Smart Contracts Break | HackerNoon

Cryptocurrency

AVVERIFIER Outpaces Mythril and ETHBMC in Smart Contract Vulnerability Detection | HackerNoon

Digital life

A New Tool Uncovers Over $11.2 Billion at Risk in Ethereum Smart Contracts | HackerNoon

Cryptocurrency

Detecting Vulnerabilities, Byte by Byte: The Architecture of AVVERIFIER | HackerNoon

Software development

Why Most Smart Contract Analysis Tools Fail at Address Verification | HackerNoon

Cryptocurrency

What Happens When Smart Contracts Break | HackerNoon

Cryptocurrency

AVVERIFIER Outpaces Mythril and ETHBMC in Smart Contract Vulnerability Detection | HackerNoon

Digital life

A New Tool Uncovers Over $11.2 Billion at Risk in Ethereum Smart Contracts | HackerNoon

Cryptocurrency

Detecting Vulnerabilities, Byte by Byte: The Architecture of AVVERIFIER | HackerNoon

Software development

Why Most Smart Contract Analysis Tools Fail at Address Verification | HackerNoon

Cryptocurrency

A Static Taint Analyzer for Address Verification Vulnerabilities in Ethereum | HackerNoon

Software development

How a Three-Phase Detector Identifies Smart Contract Vulnerabilities | HackerNoon

Cryptocurrency

Testing Smart Contract Security with AVVERIFIER | HackerNoon

Cryptocurrency

A $8.2M Hack and the Blind Spot in Ethereum Smart Contract Verification | HackerNoon

Cryptocurrency

A Static Taint Analyzer for Address Verification Vulnerabilities in Ethereum | HackerNoon

Software development

How a Three-Phase Detector Identifies Smart Contract Vulnerabilities | HackerNoon

Cryptocurrency

Testing Smart Contract Security with AVVERIFIER | HackerNoon

Cryptocurrency

A $8.2M Hack and the Blind Spot in Ethereum Smart Contract Verification | HackerNoon

more#smart-contracts