1
修不过来:Anthropic 披露 AI 抓虫首月战报,揪出超 1 万个高危漏洞
AI抓虫效率惊人,Anthropic一个月发现超1万个高危漏洞,误报率甚至优于人工。
IT之家 5 月 23 日消息,Anthropic 昨日(5 月 22 日)发布公告,披露称 Project Glasswing 项目上线 1 个月后,携手约 50 家合作伙伴, 已在关键软件中挖掘出超过 1 万个高危(High)和关键(Critical)级别漏洞。 根据 Project Glass…
2
A hacker group is poisoning open source code at an unprecedented scale
黑客通过VSCode扩展投毒开源代码,GitHub遭供应链攻击,规模史无前例。
GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks.
3
Show HN: A timeline of recent open source CVE intensity and volume
可视化开源CVE趋势,揭示软件供应链安全恶化现状,简洁有力
I was curious what it would look like if I plotted the intensity and volume of software supply chain CVEs over time, given what seemed like a flood of…
4
Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack
数十个流行开源软件包遭供应链攻击,黑客持续投毒,开发者需警惕依赖风险
The attacks are part of a wider campaign known as Mini Shai-Hulud, which has already compromised several open source projects and, in turn, developers…
5
We stopped AI bot spam in our GitHub repo using Git's –author flag
用Git的–author标志轻松拦截AI机器人,保护开源项目免遭垃圾评论污染。
Article URL: https://archestra.ai/blog/only-responsible-ai Comments URL: https://news.ycombinator.com/item?id=48181125 Points: 106 # Comments: 35