Notícias

0patch provides crucial security updates for Windows 10 and fills the support gap left by Microsoft. Here's how my experience with it has been.

Open source code sits inside nearly every commercial application, and development teams continue to add new dependencies. Black Duck's 2026 Open Source Security and Risk Analysis Report data shows that nearly all audited codebases contain open source components, with average component counts rising sharply over the past year. That growth brings a parallel increase in exposure. Mean vulnerabilities per codebase climbed from 280 to 581 in one year, more than doubling. Median vulnerabilities also rose. … More → The post Open-source security debt grows across commercial software appeared first on Help Net Security.

In this Help Net Security interview, Joni Klippert, CEO at StackHawk, discusses what defines DAST coverage in 2026 and why scan completion does not equal security. She explains how AI-driven DAST testing automates attack surface discovery, supports business-logic testing in pre-production, and reduces the manual setup that has limited adoption. Klippert also describes how organizations can implement runtime testing without instrumenting production systems. In 2026, what does “good DAST coverage” mean, and how should teams … More → The post AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities appeared first on Help Net Security.

A sharp rise in AI-assisted software development is driving unprecedented increases in open source security and licensing risk, according to new research from Black Duck. The company's 2026 Open Source Security and Risk Analysis (OSSRA) report reveals that vulnerabilities in commercial software codebases have more than doubled year-on-year, highlighting growing concerns that organisations are producing […] The post AI-Driven Development Fuels Surge in Open Source Vulnerabilities, Black Duck Finds appeared first on IT Security Guru.

Datadog report reveals two-fifths of services are affected by exploitable bugs

Anthropic has patched vulnerabilities whose impact was demonstrated by Check Point via malicious configuration files. The post Claude Code Flaws Exposed Developer Devices to Silent Hacking appeared first on SecurityWeek.

TrendAI has fixed eight critical and high-severity issues in Windows and macOS endpoint security products. The post Trend Micro Patches Critical Apex One Vulnerabilities appeared first on SecurityWeek.

Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on vulnerable Windows systems. [...]

Locking down your smart home is about reducing entry points - here's how to do it right.

Flaws in Anthropic's Claude Code could allow remote code execution and theft of API keys when users open untrusted repositories. Check Point Research team found multiple vulnerabilities in Anthropic's Claude Code AI coding assistant that could lead to remote code execution and API key theft. The vulnerabilities abuse features such as Hooks, MCP servers, and […]