Posts

Google on Building More Secure and Efficient Software Supply Chains

Google outlines strategies and tools to improve the security and efficiency of software supply chains, emphasizing trends like reproducible builds, standardized provenance metadata, and automated verification of artifacts. The post highlights initiatives such as in-toto and Sigstore that help ensure integrity from source code to deployment, as well as best practices for dependency hygiene, attestations, and cryptographic signing. It stresses collaboration across the ecosystem to reduce risks from compromised builds, dependency confusion, and injected malicious code.  https://security.googleblog.com/2026/02/cultivating-robust-and-efficient.html

Latin America’s Cybersecurity Maturity Trails Rapidly Evolving Threats

This article highlights that many Latin American nations remain behind global peers in cybersecurity preparedness even as threat activity in the region grows sharply. Governments, critical infrastructure and private sectors often lack comprehensive incident response plans, up-to-date defenses, skilled personnel and secure cloud practices. Regulatory efforts are uneven, and adoption of frameworks like Zero Trust is nascent. Experts warn that without greater investment in tools, training and governance, the region will continue to struggle against increasingly sophisticated ransomware, espionage and supply-chain attacks, leaving businesses and citizens at heightened risk. ( darkreading.com ) https://www.darkreading.com/threat-intelligence/latin-americas-cyber-maturity-lags-threat-landscape

Attackers Use New Tool to Scan for React2Shell Exposure

Security researchers report that threat actors are now using a newly identified toolkit called “ILovePoop” to scan tens of millions of IP addresses for servers vulnerable to the critical React2Shell flaw (CVE-2025-55182), a high-severity remote code execution vulnerability in React Server Components and frameworks built on them such as Next.js. The flaw was initially exploited in broad, noisy campaigns that dropped cryptominers and botnet malware; activity has since shifted to more deliberate reconnaissance against high-value targets, including government, defense, finance and industrial organizations. The ongoing scanning underscores that the vulnerability remains actively pursued worldwide months after disclosure, so any exposed React Server Components or Next.js deployment that has not been patched should be treated as a likely target. ( darkreading.com )  https://www.darkreading.com/application-security/attackers-new-tool-scan-react2shell-exposure

ForgeProof Code Provenance for the AI Era Overview

ForgeProof, presented on a dedicated Flying Cloud Technology landing page, appears to be a code provenance and security offering aimed at the “AI era”. Judging from the page and from related mentions of Flying Cloud's code provenance and data surveillance products, it is likely focused on tracking and verifying the origin, integrity, and history of code artifacts to improve supply chain trust in environments that rely heavily on AI and automated development workflows. Flying Cloud itself provides patented data surveillance and enterprise data security solutions that monitor and defend data usage, lineage, and compliance across environments, and ForgeProof seems positioned as an extension of that trust model into code and AI contexts. ( flyingcloudtech.com )  https://forgeproof.flyingcloudtech.com/ ; see also the related Reddit thread on why the tool is being open-sourced: https://www.reddit.com/r/devsecops/comments/1rgugcw/why_were_opensourcing_a_code_provenance_tool_now/

CVE Severity Distribution for Linux Kernel

The article analyzes Common Vulnerabilities and Exposures (CVE) data for the Linux kernel, showing that in 2024 the kernel accumulated 3,108 CVEs, a 79% increase from 2023, with high-severity flaws making up about 42% and critical issues around 4.8% of all entries. The piece breaks down severity categories using CVSS v3.1 scores, highlights that the networking and memory management subsystems generate a large share of vulnerabilities, and compares Linux's CVE counts to those of other operating systems, noting that the open-source model's transparency and the kernel's policy of issuing a CVE for every fixed bug with potential security impact contribute to the larger totals. One caveat when reading such breakdowns: the kernel CNA itself does not assign CVSS scores or severity ratings, so the severity distribution reflects third-party scoring (such as NVD's) rather than an assessment by the kernel maintainers. ( commandlinux.com ) https://commandlinux.com/statistics/common-vulnerabilities-and-exposures-cve-severity-distribution-for-linux/

LLMs Generate Predictable Passwords

In this blog post Bruce Schneier explains that large language models (LLMs), including tools like ChatGPT, often produce weak and predictable password suggestions when prompted to generate credentials. Because their outputs are sampled from patterns learned in ordinary text, the passwords they suggest tend to resemble each other and lack sufficient randomness and entropy, which makes them easy targets for guessing or brute-force attacks: an attacker who knows the generator is an LLM can enumerate its favored patterns instead of the full keyspace. Schneier argues that relying on LLM-generated passwords weakens security and that truly random password generators or password managers are safer choices for creating strong credentials.  https://www.schneier.com/blog/archives/2026/02/llms-generate-predictable-passwords.html
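To make the entropy argument concrete, here is an added example (not code from Schneier's post) that generates a password from the operating system's CSPRNG via Python's `secrets` module and compares its entropy with that of a pattern-bound generator. The "Word+Word+two digits" template and the 2,000-word vocabulary are constructed assumptions standing in for the kind of predictable structure an LLM tends to emit; the guess rate is likewise an illustrative figure, not a measurement.

```python
import math
import secrets
import string

# Full printable ASCII minus space: 94 symbols.
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def random_password(length: int = 20, alphabet: str = ALPHABET) -> str:
    """Draw each character uniformly from the OS CSPRNG.

    secrets.choice() uses os.urandom-backed randomness, so every symbol
    is independent and equiprobable; nothing about one character
    narrows the search for the next.
    """
    if length < 1 or len(alphabet) < 2:
        raise ValueError("need a positive length and at least two symbols")
    return "".join(secrets.choice(alphabet) for _ in range(length))


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random string: log2(alphabet_size ** length)."""
    return length * math.log2(alphabet_size)


def template_entropy_bits(vocab_size: int, words: int, digits: int) -> float:
    """Entropy of a password built as <words> dictionary words plus <digits>
    decimal digits, assuming each piece is chosen uniformly.

    This is the best case for a pattern-bound generator; an LLM that
    favours a few common words does worse than this bound.
    (Constructed model of LLM-style output, not a measured figure.)
    """
    return words * math.log2(vocab_size) + digits * math.log2(10)


def seconds_to_exhaust(bits: float, guesses_per_second: float = 1e10) -> float:
    """Worst-case time to try every candidate at the given guess rate.

    1e10 guesses/s is an illustrative assumption for an offline attack on
    a fast hash, not a benchmark.
    """
    return (2.0 ** bits) / guesses_per_second


if __name__ == "__main__":
    pw = random_password(20)
    strong = entropy_bits(len(ALPHABET), len(pw))
    # Constructed LLM-like template: "Sunshine7Tiger42" style, 2 words + 2 digits.
    weak = template_entropy_bits(vocab_size=2000, words=2, digits=2)
    print(f"CSPRNG password: {pw}  ({strong:.1f} bits, "
          f"{seconds_to_exhaust(strong):.3g} s to exhaust)")
    print(f"Word+Word+2 digits: {weak:.1f} bits, "
          f"{seconds_to_exhaust(weak):.3g} s to exhaust")
```

The point of the comparison is that the 20-character CSPRNG password sits above 130 bits, while the two-word template caps out below 30 bits no matter how "random" the words look; at the assumed guess rate that is a difference between the age of the universe and well under a second.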

Claude Code Security’s Market Shock

Anthropic’s launch of Claude Code Security, an AI-driven tool that scans codebases for vulnerabilities and proposes fixes, has rattled the cybersecurity industry and investors, pushing down stocks of major vendors like CrowdStrike and Palo Alto Networks. The capability places Anthropic in direct competition with established application security providers by using reasoning-based analysis rather than traditional static scanning, though experts say it currently covers only a small part of broader security needs. Despite hype and volatility, long-term investment in cybersecurity innovation remains steady. ( govinfosecurity.com )  https://www.govinfosecurity.com/blogs/claude-code-security-has-shaken-cybersecurity-market-p-4056