Seems reasonable: "Our findings reveal that the standalone LLM introduces nearly 9x more new vulnerabilities than developers, with many of these exhibiting unique patterns not found in developers'code. Agentic workflows also generate a significant number of vulnerabilities, particularly when granting LLMs more autonomy, potentially increasing the likelihood of misinterpreting project context or task requirements. We find that vulnerabilities are more likely to occur in LLM patches associated with a higher number of files, more lines of generated code, and GitHub issues that lack specific code snippets or information about the expected code behavior and steps to reproduce"

https://www.semanticscholar.org/paper/Are-AI-Generated-Fixes-Secure-Analyzing-LLM-and-on-Sajadi-Damevski/235c52bdef09f6fec47a17fcdbc072ff6a5bd275?utm_source=alert_email&utm_content=LibraryFolder&utm_campaign=AlertEmails_WEEKLY&utm_term=LibraryFolder&email_index=0-0-0&utm_medium=59735069

If you need to identify #malware quickly, give #malcat a try: its Kesakode code identification is fast and can even work offline!

More info: https://doc.malcat.fr/analysis/kesakode.html

A reminder, the Fediverse cost money.

Yes, it is free for YOU to use, but your local administrator pays for domain registration, web hosting, storage space, CDN, and of course, bandwidth.

The busier and more active your Fedi site, the most it cost.

If you are able, consider reaching out to your admin, and asking how you can help. Even small contributions add up and make a difference.

#Fediverse #Fedi #ActivityPub #Mastodon #Misskey

TIL: Some surprising code execution sources in bash

https://yossarian.net/til/post/some-surprising-code-execution-sources-in-bash

#til #shell #security

“Generative A.I. appeals to people who think they can express themselves in a medium without actually working in that medium. But the creators of traditional novels, paintings, and films are drawn to those art forms because they see the unique expressive potential that each medium affords. It is their eagerness to take full advantage of those potentialities that makes their work satisfying, whether as entertainment or as art.”

https://www.newyorker.com/culture/the-weekend-essay/why-ai-isnt-going-to-make-art