Security
The security failure modes of AI-generated code: common vulnerability classes, slopsquatting and hallucinated packages, and prompt injection against coding agents.
Security Vulnerabilities in AI Code
Veracode's 100+ LLMs: 45% introduced OWASP Top 10 flaws, XSS failed at 86%, Java at 72% - and security stayed flat across model generations. The classes, the causes, and a defense stack ordered deterministic-first.
Updated: July 2, 2026
Slopsquatting
Attackers register the packages AI hallucinates - 19.7% of recommendations, 205k invented names, 43% repeating consistently. The mechanic, the USENIX 2025 numbers, and the defenses that close the install path.
Updated: July 2, 2026
Prompt Injection Against Coding Agents
An agent reads a poisoned README and runs the attacker's instructions - OWASP's #1 LLM risk, with 2026 CVEs against Copilot, Claude Code and MCP servers. Why it may be structural, and why containment beats cure.
Updated: July 2, 2026