"Using a ... dataset of 100 real and 100 fake CVE-IDs, we manually analyzed the credibility ... of [ChatGPT's] outputs. ChatGPT generated plausible security advisories for 96% of given real CVE-IDs and 97% of fake CVE-IDs, demonstrating a limitation in differentiating between real and fake IDs."
               
            
            
                24.07.2025 06:54
            
         
            
        
            
            
            
            
                                                 
                                                
    
    
    
    
            Congratulations to intern student Bayu Fedra Abdullah for the Student Best Paper award at the 2025 International Conference on Smart Computing, IoT, and Machine Learning (SIML) for our paper "Using LLMs for Security Advisory Investigations: How Far Are We?" ieeexplore.ieee.org/document/110...
               
            
            
                24.07.2025 06:54
            
         
            
        
            
            
            
            
                                                 
                                            The GitHub logo centered among various geometric shapes.
                                                
    
    
    
    
            You can't secure what you don't know about.
GitHub's dependency graph can help.
Use it to get a project's entire software supply chain, including both direct and indirect dependencies.
Enable this feature and improve your project's security.
github.blog/security/sup...
               
            
            
                14.07.2025 21:09
            
         
            
        
            
            
            
            
            
    
    
    
    
            "For our initial analysis, we look at a sample of heavily-depended upon NPM packages, and identify that such end-of-chain packages make up a significant portion of these critical dependency chain (over 50%)."
               
            
            
                13.06.2025 08:39
            
         
            
        
            
            
            
            
            
    
    
    
    
            "For a long time, the dominant philosophy [within package networks like NPM] has been to 'reuse as much as possible [...]'. In this vision paper, we investigate packages that challenge the typical concepts of reuse—that is, packages with no dependencies [...]...."
               
            
            
                13.06.2025 08:39
            
         
            
        
            
        
            
            
            
            
            
    
    
    
    
            All @acm.org publications will be 100% Open Access as of January 2026.  When we announced this at POPL and CHI this year, conference participants spontaneously erupted in applause.  The CS community is excited about ACM's move to OA!
               
            
            
                19.05.2025 17:50
            
         
            
        
            
            
            
            
                                                 
                                                
    
    
    
    
            @plago.bsky.social defines software sustainability as follows: “the preservation of the long term and beneficial use of software, and its appropriate evolution, in a context that continuously changes.”
#ICSE2025
@icseconf.bsky.social
               
            
            
                02.05.2025 13:48
            
         
            
        
            
            
            
            
            
    
    
    
    
            'Analyzing a dataset of 2,763 NPM libraries, we found that 39.49% are self-contained. Of these ... 40.42% previously had dependencies that were later removed. This analysis revealed a significant trend of dependency reduction within the NPM ecosystem.'
               
            
            
                09.05.2025 05:55
            
         
            
        
            
        
            
        
            
            
            
            
            
    
    
    
    
            Today I start my new position as Assistant Professor at the Nara Institute of Science and Technology Software Design Lab. 🥳
               
            
            
                01.04.2025 07:42
            
         
            
        
            
            
            
            
            
    
    
    
    
            We found some instances of vulnerabilities being discussed in GitHub issues instead of being disclosed through secure channels. Primarily, these issues were made by users external to the project.
               
            
            
                28.03.2025 07:05
            
         
            
        
            
            
            
            
                                                 
                                                
    
    
    
    
            Presented undergrad intern @ NAIST Sushawapak's ERA paper 'On Categorizing Open Source Software Security Vulnerability Reporting Mechanisms on GitHub' at SANER 2025, Montreal, Canada this month. Paper Link: arxiv.org/abs/2502.07395 Slides: brittany-reid.github.io/talks/saner-...
               
            
            
                28.03.2025 07:05
            
         
    
         
        
            
        
                            
                    
                    