‘Vibe coding’ using LLMs susceptible to most common security flaws

Laura FrenchApril 24, 2025

OpenAI’s models were most likely to produce vulnerable code in tests by Backslash Security.

RESOURCES

AI/ML
AI at RSAC: The innovations that will shape cybersecurity’s future
Ransomware
From ransomware recovery to endpoint security innovation: The ThreatLocker story
Application security
Why comprehensive scan coverage is critical for DevSecOps lifecycle success and regulatory compliance
Critical Infrastructure Security
We’re the federal government, and we’re (maybe) no longer here to help
DevSecOps
Security without speed bumps: Using WAF simulator to transform DevSecOps workflows

PODCASTS

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

A digital lock rests prominently on a circuit board, symbolizing the importance of cybersecurity.

Vulnerability Management

Commvault Command Center bug rated 10.0 patched

Steve ZurierApril 24, 2025

CVE-2025-34028 could lead to a complete compromise of the Command Center.

Background image presenting cyber security and attack concept

Network Security

Hackers exploiting vulnerabilities at higher rates, reports Verizon

Shaun NicholsApril 23, 2025

Stolen credentials still make up most common threat vector in annual cybersecurity report.

A sign on top of a building reads "Siemens" in blue letters.

Critical Infrastructure Security

Critical bugs in Siemens, Schneider Electric gear top CISA advisory

Steve ZurierApril 23, 2025

CISA cites 16 CVEs impacting industrial systems in ICS advisory, four critical.

Trading security and spying concept with noface hacker using laptop an digital display with financial graphs and forex chart. Double exposure

Financial malware on the rise as espionage attacks decline

Shaun NicholsApril 23, 2025

Threat actors are getting more work from the private sector than from government sponsored agencies.

(Credit: Andreas Prott – stock.adobe.com)

Google fixes Cloud Composer privilege escalation vulnerability

Laura FrenchApril 22, 2025

Tenable researchers say “ConfusedComposer” highlights how attackers can exploit cloud service permissions.

The Cybersecurity and Infrastructure Security Agency (CISA) emblem is seen at its headquarters in Arlington, Va.

Security Strategy, Plan, Budget

Two senior officials resign from federal cybersecurity office, CISA

Steve ZurierApril 22, 2025

Continued brain drain includes two of the experts who managed CISA’s Secure by Design program.

Microsoft reports improvement in Secure By Design for products, services

Shaun NicholsApril 21, 2025

Microsoft said it's making strides in guarding its own systems against external threat actors.

Fog ransomware notes troll with DOGE references, bait insider attacks

Laura FrenchApril 21, 2025

Recent Fog samples are spread through phishing emails referencing pay adjustments.

EVENTS