doorss

Thomas Ptacek examines the sudden and enormous impact frontier AI models are having on vulnerability research, fundamentally changing the field.

A writeup of how Claude Code discovered a Linux vulnerability that had been hidden for 23 years, illustrating the growing capabilities of AI in security research.

The Linux kernel maintainer describes how AI-generated security reports have evolved from obvious slop to high-quality submissions that are overwhelming maintainers with their volume.

The Axios team published a full postmortem on the supply chain attack that injected malware into a release, revealing individually targeted social engineering against maintainers.

An argument for minimizing software dependencies, framing each one as an expanded attack surface for supply chain compromises.

Anthropic's interpretability research investigates how emotion-like concepts emerge and function within large language models, exploring whether models that say they're happy or sorry have internal representations resembling emotions.

Simon Willison discusses the cognitive costs and benefits of working with AI coding agents, drawn from his appearance on Lenny's Podcast.

An essay arguing that the value of code itself is diminishing as AI generation capabilities improve, shifting what matters in software engineering.

GitHub's COO reports that platform activity has exploded from 1 billion commits in all of 2025 to 275 million per week, on pace for 14 billion this year, with GitHub Actions growing from 400K to 6 million daily runners.

Microsoft releases a smaller, more efficient AI model as compute resource constraints force the industry to consider alternatives to ever-larger frontier systems.

Research reveals that LinkedIn is scanning and detecting users' installed browser extensions, raising privacy concerns about platform-level surveillance of user tooling.

A user discovers that Adobe software silently modified their system hosts file, prompting discussion about the boundaries of what installed applications should be allowed to do.

Suomen ilmatilassa lensi räjähdelastissa oleva drooni, jota viranomaiset eivät havainneet. Tilanne paljasti vakavia puutteita droonien torjunnassa.

Iranin sota on heiluttanut Euribor-korkoja, ja Nordean pääanalyytikon mukaan korkojen nousu vaikuttaa jo Suomen talouskasvuun.

Wärtsilä paljasti vahingossa lähes 500 kesätyöhakijan sähköpostiosoitteet. Yhtiön mukaan kyseessä oli inhimillinen virhe.

Cursor announces version 3 of its AI-powered code editor, a major release in the rapidly evolving space of AI-assisted development tools.

A case study of a feature that never worked correctly, examining what perceived urgency does to AI coding agent output when using Claude Code.