ZDNet

Google open-sources Atheris, a tool for finding security bugs in Python code

Google's security experts have open-sourced another automated fuzzing utility in the hopes that developers will use it to find security bugs and patch vulnerabilities before they are exploited. Named ...
ZDNet

AWS's AI code reviewer now spots Log4Shell-like bugs in Java and Python code

Amazon Web Services (AWS) has updated the 'detectors' in its CodeGuru Reviewer tool to seek out log injection flaws like the recently disclosed Log4Shell bug in the popular Java logging library Log4J.

Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

Vulnerabilities in popular AI and ML Python libraries used in Hugging Face models with tens of millions of downloads allow ...
Bleeping Computer

NumPy Is Awaiting Fix for Critical Remote Code Execution Bug

The current version of the popular NumPy library relies on unsafe default usage of a Python module that could lead to remote code execution in the context of the affected application. The issue was ...
TechSpot

Python affected by 15-year-old bug that keeps on giving

In brief: The Python programming language is being impacted by security issue programmers have know about for a while. Trellix researchers recently rediscovered a bug, highlighting the risk for ...