Fetching from the wire…
Public story · 2026-03-16 · source-backed
Help Net Security tested Claude Code, OpenAI Codex, and Google Gemini and found all three systematically reproduce SQL injection, path traversal, hardcoded credentials, and insecure deserialization. The problem is structural — training corpora contain vulnerable code at high frequency, and agents optimize for functional correctness over security correctness. Help Net Security
Each link below shares sources, entities, or timing with this story.
Claude Code uses Sonnet / Shared entities / Same source / Shared topic / What happened next
Linked by a graph relationship (Claude Code uses Sonnet); both cover Claude Code, Google Gemini, OpenAI Codex; cite the same source (Help Net Security).
Claude Code uses MCP / Shared entities / Same source domain / Shared topic / Earlier coverage / Tension
Linked by a graph relationship (Claude Code uses MCP); both cover Claude Code, Help Net Security; reported by the same outlet (helpnetsecurity.com).
Cline benchmarked against Claude Code / Shared entities / Same source domain / Shared topic / What happened next
Linked by a graph relationship (Cline benchmarked against Claude Code); both cover Claude Code, Help Net Security; reported by the same outlet (helpnetsecurity.com).