Tags: code review

AI-powered coding assistants have accelerated software output dramatically, but the speed boost is outpacing security resources. A financial services firm using the Cursor tool saw monthly code production jump from 25,000 to 250,000 lines, creating a backlog of one million unreviewed lines. Security experts warn that the shortage of application security engineers leaves firms exposed to vulnerabilities, especially as developers download entire codebases onto personal laptops. Companies such as Anthropic, OpenAI and Cursor are now racing to embed automated review features, yet human oversight remains essential. Ler mais

Anthropic has introduced an "auto mode" for its Claude Code AI, allowing the system to automatically execute actions it deems safe while blocking those that appear risky. The feature, now in research preview, adds a safety layer that checks for dangerous behavior and prompt‑injection attacks before any action runs. Auto mode works with Claude Sonnet 4.6 and Opus 4.6 and is recommended for isolated, sandboxed environments. The rollout targets Enterprise and API users and follows Anthropic’s recent releases of Claude Code Review and Dispatch for Cowork, reflecting a broader industry move toward more autonomous coding tools. Ler mais

Anthropic has launched Code Review, an AI-driven reviewer built into its Claude Code platform. Designed for enterprise customers, the tool automatically scans pull requests, highlights logical errors, and offers actionable fixes directly in GitHub. By focusing on high‑priority bugs rather than style issues, Code Review aims to reduce the bottleneck caused by the surge of AI‑generated code, helping large development teams ship faster and with fewer defects. Ler mais

Anthropic has added a new Code Review capability to its Claude Code AI coding assistant. The feature automatically analyzes pull requests, flags bugs, and supplies actionable feedback through a high‑signal overview comment and inline notes. It scales its multi‑agent review process based on the size and complexity of the change, typically completing a review in about 20 minutes. While the tool costs more than lightweight alternatives, Anthropic offers caps and dashboards to help manage expenses. Early internal testing shows a surge in substantive review comments, and the feature is now rolling out to Claude for Teams and Enterprise subscribers in a research preview. Ler mais

Vibe coding—using large language models to write software from prompts—offers faster development and broader accessibility, but it also introduces serious security risks. Studies show a significant portion of AI‑generated code contains serious flaws, and attackers can exploit poisoned code libraries to spread vulnerabilities. Experts stress that human oversight, strict code reviews, private sandboxed models, and Zero‑Trust access controls are essential to mitigate these threats while still benefiting from the efficiency of AI‑assisted development. Ler mais