This page collects WhisperX intelligence signals tagged #Code Analysis. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A vulnerability that lay dormant within the Linux kernel for over two decades has been unearthed, not by a human security researcher, but by an artificial intelligence. The discovery was made by Anthropic's Claude Code, an AI assistant designed for software development tasks. This finding highlights a significant shift...
A Semgrep security scan has flagged critical Server-Side Request Forgery (SSRF) vulnerabilities in a PHP codebase, exposing a direct path for attackers to force the server to make unauthorized network requests. The automated rule `ssrf-taint` detected that user-controlled input flows directly into network-fetching func...
A Semgrep security scan has flagged a critical, unpatched Cross-Site Scripting (XSS) vulnerability in a PHP codebase. The automated tool identified three distinct instances where unsanitized, user-controlled data is directly echoed to the browser, creating a direct path for malicious script injection and potential acco...
A new benchmark is putting frontier large language models to the ultimate test: can they find real, known security vulnerabilities in live, high-profile codebases before the patch is applied? N-Day-Bench addresses the critical flaw in static AI security tests—data contamination and memorization—by constructing a fresh,...
A Semgrep security scan has flagged critical Server-Side Request Forgery (SSRF) vulnerabilities in PHP code, exposing a direct path for attackers to force the server to make unauthorized requests to internal services or arbitrary external hosts. The automated rule `ssrf-taint` detected that user-controlled input flows ...