[x3n0ph3n3]

I disagree -- we're clearly getting better safeguards by way of AI agents to spot potential vulnerabilities!

[jabl]

The question is whether the current situation is a short burst of action, and once those most critical bugs get fixed the hype around AI vulnerability scanning will die down, or whether the current crop of system/infra software written in vulnerable languages like C are beyond redemption and they will provide an endless source of critical bugs for AI to find until we fix them by rewriting them in Rust/Go/whatever.

[yardstick]

An eternal summer of CVEs is upon us

[KronisLV]

Seems like those “rewrite in Rust” folks had a point after all (the viability of it for any number of projects being another thing entirely).

[LtWorf]

https://www.securityweek.com/tanstack-mistral-ai-uipath-hit-...

[Terr_]

A better use of LLMs: To help translate the vast majority of C/C++ developers' output into memory-safe languages. :p

[lionkor]

You're likely joking, but in case someone else misunderstands; this is not going to work. Rust with unsafe{} is the only thing you can translate directly to, even with LLMs. Rust with extensive unsafe{} is not something anyone wants to debug or maintain, and is near impossible to improve quickly.