GLM 5.2: Open-Weight Model Beats Claude Code on Security Benchmarks
Zhipu AI's GLM 5.2 scored 39% F1 on IDOR detection, beating Claude Code (32%), at 1/6 the cost of frontier models. Here's what it means for security testing.
Thoughts, experiences, and technical insights from my journey in software development.
DeepSeek open-sourced DSpark — a speculative decoding system that accelerates per-user token generation by up to 85% on V4-Flash without adding GPUs.
Model Context Protocol (MCP) has evolved from an Anthropic experimental feature into a new industry standard, reshaping the future of AI-driven DevOps.
A new Gartner report warns that consumption-based pricing models could drive AI coding agent bills up to $5,000 per month per developer.
The Patch the Planet initiative by OpenAI and Trail of Bits leverages GPT-5.5-Cyber to automatically generate and merge security patches for major open-source projects.
AWS Blocks enters Public Preview, delivering an offline local-first experience powered by WebAssembly PostgreSQL (PGlite) and optimized for AI coding agents.
Moving past simple text generation, AI agents are now operating infrastructure directly using MCP, AWS Continuum, and AWS DevOps Agent.
AI found 12 zero-days in OpenSSL, but curl had to kill its bug bounty program due to AI-generated spam. Welcome to the era of the verification bottleneck.
Tech giants Google, GitHub, Microsoft, and Nvidia announce the Agentic Resource Discovery (ARD) standard, paving the way for the Agentic Web.
An independent developer discovered a massive, automated malware campaign using 10,000 cloned GitHub repositories to bypass security filters and target AI agents.
Google Chrome is set to release versions 150 and 151, completely removing the remaining legacy flags for Manifest V2. This officially marks the end of uBlock Origin on Chrome.
The Miasma supply chain attack compromised 73 Microsoft GitHub repos, weaponizing the setup hooks of Claude Code and Cursor to silently harvest developer credentials.