Packet Storm News
added 2025/12/20 12:0 a.m., 8 views

AI Code in the Wild: Measuring Security Risks and Ecosystem Shifts of AI-Generated Code in Modern Software

Large language models (LLMs) for code generation are becoming integral to modern software development, but their real-world prevalence and security impact remain poorly understood. We present the first large-scale empirical study of AI-generated code (AIGCode) in the wild. We build a high-precision...

7.1 AI score
Exploits: 0

Schneier on Security
added 2025/12/19 12:2 p.m., 4 views

AI Advertising Company Hacked

At least some of this is coming to light: Doublespeed, a startup backed by Andreessen Horowitz (a16z) that uses a phone farm to manage at least hundreds of AI-generated social media accounts and promote products has been hacked. The hack reveals what products the AI-generated accounts are promoting...

6.9 AI score
Exploits: 0

Positive Technologies
added 2025/12/18 12:0 a.m., 3 views

PT-2025-52316

Name of the Vulnerable Software and Affected Versions: Hubstaff version 1.6.14. Description: The software contains a DLL search order hijacking issue. An attacker can replace a missing system32\wow64log.dll with a malicious library. By using tools like Metasploit to create a custom DLL and placing it...

8.5 CVSS, 6.7 AI score, 0.00018 EPSS
Exploits: 1, References: 5

NVD
added 2025/12/12 7:15 a.m., 2 views

CVE-2025-14356

The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'uacf7getgeneratedpdf' function in all versions up to, and including, 3.5.33. This makes it possible for authenticated attackers, with Subscriber-level...

4.3 CVSS, 0.00049 EPSS
Exploits: 0, References: 6

Malwarebytes
added 2025/12/09 11:49 a.m., 4 views

Deepfakes, AI resumes, and the growing threat of fake applicants

Recruiters expect the odd exaggerated resume, but many companies, including us here at Malwarebytes, are now dealing with something far more serious: job applicants who aren't real people at all. From fabricated identities to AI-generated resumes and outsourced impostor interviews, hiring pipelin...

6.9 AI score
Exploits: 0

RedhatCVE
added 2025/12/03 12:26 a.m., 5 views

CVE-2025-63872

DeepSeek V3.2 has a Cross Site Scripting (XSS) vulnerability, which allows JavaScript execution through model-generated SVG content...

6.1 CVSS, 6.3 AI score, 0.00041 EPSS
Exploits: 1, References: 1

EUVD
added 2025/12/02 6:30 p.m., 1 views

EUVD-2025-200270

DeepSeek V3.2 has a Cross Site Scripting (XSS) vulnerability, which allows JavaScript execution through model-generated SVG content...

6.1 CVSS, 5.9 AI score, 0.00041 EPSS
Exploits: 1, References: 2

Snyk
added 2025/12/02 6:31 a.m., 1 views

Improper Restriction of Communication Channel to Intended Endpoints

Overview: fastcrud (FastCRUD) is a Python package for FastAPI, offering robust async CRUD operations and flexible endpoint creation utilities. Affected versions of this package are vulnerable to Improper Restriction of Communication Channel to Intended Endpoints due to improper handling of the...

7.1 CVSS, 7.1 AI score
Exploits: 0, References: 3

CVE
added 2025/12/02 12:0 a.m., 7 views

CVE-2025-63872

DeepSeek V3.2 is affected by an XSS vulnerability that allows JavaScript execution through model-generated SVG content. The CVE-2025-63872 entry notes a network-based vulnerability with low exploit complexity and requiring user interaction, resulting in a Medium (6.1) base score per CVSS 3.1. Mu...

6.1 CVSS, 6 AI score, 0.00041 EPSS
Exploits: 1, References: 1, Affected Software: 1

Vulnrichment
added 2025/12/02 12:0 a.m., 2 views

CVE-2025-63872

DeepSeek V3.2 has a Cross Site Scripting (XSS) vulnerability, which allows JavaScript execution through model-generated SVG content...

6 AI score, 0.00041 EPSS
Exploits: 1, References: 1

GithubExploit
added 2025/11/24 3:56 p.m., 125 views

injection-research

injection-research: A study comparing injection vulnerabilities...

7.7 AI score
Exploits: 0

Packet Storm News
added 2025/11/21 12:0 a.m., 1 views

Deepfake Geography: Detecting AI-Generated Satellite Images

The rapid advancement of generative models such as StyleGAN2 and Stable Diffusion poses a growing threat to the authenticity of satellite imagery, which is increasingly vital for reliable analysis and decision-making across scientific and security domains. While deepfake detection has been...

6.8 AI score
Exploits: 0

SUSE CVE
added 2025/11/14 12:24 a.m., 2 views

SUSE CVE-2025-40161

In the Linux kernel, the following vulnerability has been resolved: mailbox: zynqmp-ipi: Fix SGI cleanup on unbind. The driver incorrectly determines SGI vs SPI interrupts by checking IRQ number 16, which fails with dynamic IRQ allocation. During unbind, this causes improper SGI cleanup leading to...

6.1 CVSS, 6.4 AI score, 0.00026 EPSS
Exploits: 0, References: 7

OSV
added 2025/11/13 3:23 a.m., 2 views

MAL-2025-186265 Malicious code in concurrently-configstore-lyra-perseus (npm)

Source: amazon-inspector (dbdd3e3fbd31161db4d4c071bc50e19eb1af1064e748a5e2f0131d7ff033d0b1). This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8 AI score
Exploits: 0

Tenable Nessus
added 2025/11/13 12:0 a.m., 4 views

Siemens SIMATIC S7-1500 Improper Check for Unusual or Exceptional Conditions (CVE-2019-19646)

pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

9.8 CVSS, 7.1 AI score, 0.09456 EPSS
Exploits: 0, References: 6

OSSF Malicious Packages
added 2025/11/12 10:25 p.m., 2 views

Malicious code in odasv-kuu-bofauf (npm)

Source: amazon-inspector (671ac42e26ca631bebd6ac8cc3ea966bb11422ea27bb3c80c3d0fe49fd5f0c62). This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9 AI score
Exploits: 0

OSSF Malicious Packages
added 2025/11/12 7:18 p.m., 4 views

Malicious code in hitachi-poke103 (npm)

Source: amazon-inspector (cff1cad525eaac9e84e01f34831802bdb0387c108e2f16eecac2250cac5a1318). This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9 AI score
Exploits: 0

OSSF Malicious Packages
added 2025/11/12 7:18 p.m., 2 views

Malicious code in rindaman-poke23 (npm)

Source: amazon-inspector (3617c2cbd6476df934330153ece4593b9ce48955102cb9e44c84640bc224d844). This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9 AI score
Exploits: 0

OSSF Malicious Packages
added 2025/11/12 4:47 p.m., 2 views

Malicious code in diago-klp-kaba (npm)

Source: amazon-inspector (2a9e41825e677eecb5fed4a2612d1137fd600f96ac890e51436ad374286e735e). This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9 AI score
Exploits: 0

OSV
added 2025/11/12 4:47 p.m., 1 views

MAL-2025-167667 Malicious code in teagood-namakai13 (npm)

Source: amazon-inspector (5f66c713481f826f8eacb00e4724a93ea8bb6e5abc7b5657b6830e5f10889411). This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8 AI score
Exploits: 0