The Cost of AI Slop in Lines of Code

In the quest to get as much training data as possible, there was little effort available to vet the data to ensure that it was good.
The Register on MSN

Google: China's APT31 used Gemini to plan cyberattacks against US orgs

Meanwhile, IP-stealing 'distillation attacks' on the rise A Chinese government hacking group that has been sanctioned for targeting America's critical infrastructure used Google's AI chatbot, Gemini, ...

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks.

How to test OpenClaw without giving an autonomous agent shell access to your corporate laptop

OpenClaw jumped from 1,000 to 21,000 exposed deployments in a week. Here's how to evaluate it in Cloudflare's Moltworker ...
The Register on MSN

Attackers finally get around to exploiting critical Microsoft bug from 2024

As if admins haven't had enough to do this week Ignore patches at your own risk. According to Uncle Sam, a SQL injection flaw in Microsoft Configuration Manager patched in October 2024 is now being ...
The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...

LLM Security Isn’t Just Theoretical—It’s A QA Problem You Can Test

As a QA leader, there are many practical items that can be checked, and each has a success test. The following list outlines what you need to know: • Source Hygiene: Content needs to come from trusted ...
Microsoft

Copilot Studio agent security: Top 10 risks you can detect and prevent

Copilot Studio agents are increasingly powerful. With that power comes risk: small misconfigurations, over‑broad sharing, ...