1. The US Congressional Budget Office confirmed unauthorized access to its networks in a suspected foreign cyberattack, potentially exposing emails with congressional offices.
Category: Newsletter
2. A significant data leak from Chinese cybersecurity firm Knownsec exposed cyber weapon specifications, proprietary hacking tool source code, government collaboration details, and a list of 80 compromised overseas surveillance targets.
Category: Newsletter
3. A detailed demonstration shows how an ARM-based IoT device’s Address Space Layout Randomization (ASLR) can be bypassed using Return-Oriented Programming (ROP), enabling unauthenticated remote code execution via memory manipulation.
Category: Newsletter
4. The article advocates for redesigning systems in which AI enhances meaningful signals instead of obscuring them, improving overall user experience and information delivery.
Category: Newsletter
5. The Qilin ransomware group exfiltrated 300GB of data from Cornerstone Staffing Solutions, including 120,000 resumes, Social Security numbers, salary data, and financial records, with threats of sophisticated phishing campaigns.
Category: Newsletter
6. EchoGram exploits gaps in training data guardrails by injecting nonsensical “flip tokens” that cause false positives and bypasses in GPT-5.1, Claude, and Gemini, posing a dual threat of alert fatigue and actual malicious prompt bypasses.
Category: Newsletter
7. The RondoDox botnet leverages a vulnerability in the XWiki SolrSearch endpoint, sending base64-encoded Groovy payloads via HTTP GET requests to download and execute malware. Existing IOC blocklists remain effective against this threat.
Category: Newsletter
8. Semantic memory and working memory serve distinct roles in AI: semantic memory enables personalization across sessions, while working memory maintains execution state within tasks. They should be treated as separate systems with different requirements.
Category: Newsletter
9. Anthropic released beta features including a Tool Search Tool to reduce token usage, Programmatic Tool Calling for orchestration via Python code, and Tool Use Examples to improve accuracy in complex parameter handling.
Category: Newsletter
10. AI coding agents are transforming software development by autonomously managing tasks across the lifecycle. Teams integrating such agents can deliver faster and more efficiently without major workflow disruptions.
Category: Newsletter
11. The Anthropic team announced MCP Apps, enabling MCP servers to render interactive user interfaces via sandboxed iframes. This structured approach improves UI resource management and security through layered protections and auditability.
Category: Newsletter
12. Zipchat
Zipchat.ai offers an AI sales agent tailored for Shopify brands that answers product questions instantly, recommends upsells, recovers abandoned carts, and automates support to boost revenue and reduce costs.
Category: Newsletter
13. AI2 released OLMo 3, a fully open large model suite optimized for reasoning, chat, and tool use. The release includes multiple model variants and a complete open-source training lifecycle for enhanced transparency and development.
Category: Newsletter
14. Google’s Agent Development Kit now includes a reference implementation called “Deep Search,” demonstrating agent workflows that recursively think through problems via human collaboration and autonomous execution.
Category: Newsletter
15. Parallel introduced the Extract API in beta, offering clean markdown extraction from any URL, including complex JavaScript-heavy sites and multi-page PDFs. It supports compressed excerpts or full content extraction.
Category: Newsletter