🔍 Static Analysis - Wazzaps

🦀Rust Code

github.com

Making Semgrep rip: How Ripgrep inspired us to shave hours off (some) scans

🧠Memory Allocators Blog

semgrep.dev··Hacker News

SAST vs SCA: Key Differences for AppSec Teams

🔐Cybersecurity

orca.security·

Introducing Soteria: A New Generation of Static Analysis for Rust

🖥️Systems Programming Blog

soteria-tools.com··Hacker News

Arm’s Metis Is the AI Security Agent That Actually Finds Vulnerabilities — Here’s How It Works

🤖AI Agents Blog

medium.com

From Gemini CLI to Antigravity CLI: Automated OWASP Security Compliance and Agentic Remediation in…

🔐Cybersecurity Blog

medium.com

Are We Lost in the Woods? Detecting Silent Semantic Faults for Random Forest Classifiers with Data-informed Static Analysis

🤖AI Agents Academic

arxiv.org·

Pythagora-io/gpt-pilot Compromised on GitHub - Shai-Hulud Credential Stealer Blocked by Python Linter

🔀Concurrency Blog

stepsecurity.io··Hacker News

AgentGG: Open-source agentic SAST scanner

🤖AI Agents

helpnetsecurity.com·

I wish Deno would keep doing what it does best

🗄️SQLite

hackers.pub··Lobsters, Hacker News, r/javascript

Static Code Analysis and the Rules of Zero, Three, and Five

🔒Memory Safety Blog

blog.jetbrains.com·

AI Wrote the Code. Now It Broke. Who's Responsible?

⏱️Tokio

stickyminds.com·

110 QA checks in one scan, auto-fix PR for what it finds

⚙️Compilers

gatetest.ai··Hacker News

Secure Code Review Using AI without burning tokens

⚙️Compilers Blog

medium.com·

CodeQL 2.25.6 adds Swift 6.3.2 support and improves C# coverage - GitHub Changelog

⚡WebAssembly Blog Tutorial

github.blog·

We Cut Semgrep's Taint Analysis Time by 75%

🔧Reverse Engineering Blog

semgrep.dev··Hacker News

GitHub announces npm security changes to tackle supply-chain attacks

⚡WebAssembly News

bleepingcomputer.com·

Announcing Snapshot: AI Code Analysis in Any Environment

🔐Cybersecurity Blog

aisle.com·

nauta-ai/holster-scan: Local-first scanner for AI-hallucinated / typosquatted (slopsquat) packages + agent boundary preflight — catches what generic SAST misses, before an agent runs or a repo is shared.

🤖AI Agents Code

github.com··Hacker News

What is AI SAST?

chore(deps-dev): bump the typescript-eslint group with 2 updates (#22…

Making Semgrep rip: How Ripgrep inspired us to shave hours off (some) scans

SAST vs SCA: Key Differences for AppSec Teams

Introducing Soteria: A New Generation of Static Analysis for Rust

Arm’s Metis Is the AI Security Agent That Actually Finds Vulnerabilities — Here’s How It Works

From Gemini CLI to Antigravity CLI: Automated OWASP Security Compliance and Agentic Remediation in…

Are We Lost in the Woods? Detecting Silent Semantic Faults for Random Forest Classifiers with Data-informed Static Analysis

Pythagora-io/gpt-pilot Compromised on GitHub - Shai-Hulud Credential Stealer Blocked by Python Linter

AgentGG: Open-source agentic SAST scanner

I wish Deno would keep doing what it does best

Static Code Analysis and the Rules of Zero, Three, and Five

AI Wrote the Code. Now It Broke. Who's Responsible?

110 QA checks in one scan, auto-fix PR for what it finds

Secure Code Review Using AI without burning tokens

CodeQL 2.25.6 adds Swift 6.3.2 support and improves C# coverage - GitHub Changelog

We Cut Semgrep's Taint Analysis Time by 75%

GitHub announces npm security changes to tackle supply-chain attacks

Announcing Snapshot: AI Code Analysis in Any Environment

nauta-ai/holster-scan: Local-first scanner for AI-hallucinated / typosquatted (slopsquat) packages + agent boundary preflight — catches what generic SAST misses, before an agent runs or a repo is shared.