AI Security Digest — April 22, 2026
11 articles in this topic.
This topic page curates research-focused writing on Code Security, with an emphasis on practical security implications, reproducible observations, and implementation-aware takeaways. Instead of isolated summaries, the collection is organized to help you connect attack techniques, defensive controls, and evaluation criteria across multiple papers and project write-ups.
Across 11 articles, this cluster highlights how Code Security appears in real workflows and where teams commonly miss risk boundaries. The coverage includes news digests, tutorials, projects, and paper reviews, and connects this theme with adjacent areas such as LLM Security, AI Safety, and Agent Security, so you can move from conceptual understanding to deployable engineering decisions.
This page is maintained as a high-signal index for Code Security. Use it to follow newer articles first, then branch into adjacent topics and defensive patterns that repeatedly appear across projects and paper reviews.
The unifying theme of this week's AI security landscape is the critical transition from superficial, syntax-level filtering to deep, state-aware behavioral defenses across both agentic workflows and s
The dominant security theme today is the structural breakdown of boundaries between reasoning engines and executive environments, transitioning the primary threat vector from semantic prompt manipulat
The systematic scaling of automated, AI-driven vulnerability discovery has triggered a structural crisis in legacy patch-management frameworks, as evidenced by the 263% surge in CVEs forcing an overha
The dominant security vector of this cycle is the exploitation of human trust and unpatched legacy infrastructure as primary entry points, contrasting sharply with academic focus on complex algorithmi
The modern AI threat landscape is undergoing a structural phase shift where security boundaries are migrating away from isolated prompt-engineering patches toward compositional, system-level, and hard
The dominant theme in AI security is the operational crisis emerging from the rapid transition of large language models (LLMs) from passive information-retrieval engines to active, high-privileged age
The single dominant theme this week is the institutional transition of AI safety from academic red-teaming to formalized, monetized application security frameworks at the semantic layer. As major prov
A comprehensive guide to Python pickle deserialization vulnerabilities, explaining how attackers exploit the __reduce__ method to achieve remote code execution and why 'never unpickle untrusted data' remains critical security advice.
An introduction to Pickleguard, a defense mechanism that detects and prevents malicious pickle payloads through static analysis, opcode inspection, and allowlist-based filtering before deserialization occurs.
An analysis of AgentFuzz, a novel fuzzing framework that automatically detects taint-style vulnerabilities in LLM-based agents through LLM-assisted seed generation, feedback-driven scheduling, and sink-guided mutation.
A comprehensive analysis of hierarchical contrastive learning approaches for classifying code vulnerabilities into CWE types, addressing long-tail distribution, class isolation, and input length limitations.