1. The US Congressional Budget Office confirmed unauthorized ac…
The US Congressional Budget Office confirmed unauthorized access to its networks in a suspected foreign cyberattack, potentially exposing emails with congressional offices.
Category: Newsletter
2. A significant data leak from Chinese cybersecurity firm Know…
A significant data leak from Chinese cybersecurity firm Knownsec exposed cyber weapon specifications, proprietary hacking tool source code, government collaboration details, and a list of 80 compromised overseas surveillance targets.
Category: Newsletter
3. A detailed demonstration shows how an ARM-based IoT device’s…
A detailed demonstration shows how an ARM-based IoT device’s Address Space Layout Randomization (ASLR) can be bypassed using Return-Oriented Programming (ROP), enabling unauthenticated remote code execution via memory manipulation.
Category: Newsletter
4. The article advocates for redesigning systems in which AI en…
The article advocates for redesigning systems in which AI enhances meaningful signals instead of obscuring them, improving overall user experience and information delivery.
Category: Newsletter
5. Qilin ransomware group exfiltrated 300GB of data from Corner…
The Qilin ransomware group exfiltrated 300GB of data from Cornerstone Staffing Solutions, including 120,000 resumes, Social Security numbers, salary data, and financial records, with threats of sophisticated phishing campaigns.
Category: Newsletter
6. EchoGram exploits gaps in training data guardrails by inject…
EchoGram exploits gaps in training data guardrails by injecting nonsensical “flip tokens” that cause false positives and bypasses in GPT-5.1, Claude, and Gemini, posing a dual threat of alert fatigue and actual malicious prompt bypasses.
Category: Newsletter
7. Dimension.dev
Dimension.dev introduces AI agents that intelligently select relevant integrations and learned behaviors to handle tasks efficiently across tools like Gmail, Slack, GitHub, and Drive, mimicking natural coworker interactions for engineering teams.
Category: Newsletter
8. OpenAI released GPT-5.1-Codex-Max
OpenAI released GPT-5.1-Codex-Max, a coding model that outperforms Gemini 3 on SWE-Bench-Verified and Terminal-Bench. It is optimized for long-running, multi-step tasks and is available across various platforms except the Free tier, with API access coming soon.
Category: Newsletter
9. Meta launched SAM 3, a model supporting text prompts like “y…
Meta launched SAM 3, a model supporting text prompts like “yellow school bus” to segment and track objects in images and videos, along with SAM 3D for reconstructing 3D scenes from single images, with applications in AR/VR and media editing.
Category: Newsletter
10. xAI unveiled Grok 4.1 Fast
xAI unveiled Grok 4.1 Fast, a tool-calling model featuring a 2 million token context window with superior agentic capabilities outperforming Gemini 3 Pro and GPT-5.1. Alongside, the Agent Tools API enables autonomous agent functionality such as web browsing and code execution.
Category: Newsletter
11. Karpathy is an open-source, autonomous ML engineer that trai…
Karpathy is an open-source, autonomous ML engineer that trains models using Claude Code SDK, Google ADK, and Claude Scientific Skills. It supports both automated and interactive workflows and runs locally via Claude Code and OpenRouter API.
Category: Newsletter
12. Mosaic employs multimodal AI agents with a node-based UI to …
Mosaic employs multimodal AI agents with a node-based UI to automate video editing workflows such as removing bad takes and creating clips, allowing parallel branching to produce multiple video variants efficiently.
Category: Newsletter
13. pyscn is a static analysis tool built with Go and tree-sitte…
pyscn is a static analysis tool built with Go and tree-sitter that detects complexity issues, dead code, duplicates, and dependency coupling in Python projects, aiming for large-scale incremental analyses at module level.
Category: Newsletter
14. A curated list of LLM applications featuring RAG, AI agents,…
A curated list of LLM applications featuring RAG, AI agents, multi-agent teams, MCP, voice agents, and more, utilizing OpenAI, Anthropic, Google, and open-source models, many runnable locally on users’ computers.
Category: Newsletter
15. The RondoDox botnet leverages a vulnerability in the XWiki S…
The RondoDox botnet leverages a vulnerability in the XWiki SolrSearch endpoint, sending base64-encoded Groovy payloads via HTTP GET requests to download and execute malware. Existing IOC blocklists remain effective against this threat.
Category: Newsletter