GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
Ministry of Testing

Coaching with code: using AI to learn how to automate tests

Leverage AI as a personalised "code coach" to bridge the gap between manual testing and automation by translating plain English into executable scripts and providing line-by-line logic explanations.

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
IEEE

GenProgJS: A Baseline System for Test-Based Automated Repair of JavaScript Programs

Abstract: Originally, GenProg was created to repair buggy programs written in the C programming language, launching a new discipline in Generate-and-Validate approach of Automated Program Repair (APR) ...
IEEE

AutoPT: How Far Are We From the Fully Automated Web Penetration Testing?

Abstract: Penetration testing is essential for ensuring Web security by identifying and mitigating vulnerabilities in advance, and the rapid progress of large language models (LLMs) shows great ...