The Worm in the Machine: Dissecting the Self-Spreading npm Attack
A new npm worm doesn't just steal your keys-it turns your own code into a weapon. A deep dive into the CanisterWorm's anatomy, from postinstall hooks to its unkillable blockchain C2.
Blog
Thoughts on engineering, AI, security, and the craft of building things.
Firefox 150: When Defenders Win Decisively
271 vulnerabilities fixed. Team worked around the clock since February. This is the story of how defenders finally caught a glimpse of victory against the attacker advantage.
Git 2.52–2.54: Worktrees, History Rewriting, and Monorepo Speed
Three Git releases packed the features I've been asking for: parallel worktrees without the stash dance, rewrite commits without rebasing, and geometric repacking that turns hours into minutes.
The Pattern Repeats: Claude Design and the Death of Design Handoff?
Figma dropped 7.5% when Claude Design launched. The market might be pricing in a workflow shift that could reshape how we build interfaces.
MiniMax M2.7: When AI Agents Rewrite Their Own Code
MiniMax M2.7 achieves 30% performance gains without retraining by treating its agent harness as mutable infrastructure — and it changes everything about how we deploy AI
An AI Tool I'd Never Heard Of Just Cracked Open Vercel
On April 19 Vercel disclosed a breach. The attacker walked in through a third-party AI tool's OAuth app — and your stack probably trusts ten of those.
Why I Swapped LocalStack for Floci — And Didn't Look Back
LocalStack started gating CI behind auth tokens. Here's how I moved my daily AWS dev loop to Floci — faster boots, MIT license, no signup wall.
Did Anthropic Crack the Recurrent Code? The Looped LLM Theory Behind Claude Mythos
Claude Mythos achieved 80% exploit success rate vs Opus 4.6's 38.7%. The performance gap is too large to be just 'more parameters'. Here's why I believe Anthropic built the first production-grade Looped Language Model—and what it means for AI in 2026.
MCP Security: The Attack Surface Nobody's Talking About
Model Context Protocol just handed AI agents the keys to your infrastructure. Here's why tool poisoning and preference manipulation are more dangerous than prompt injection—and what you can actually do about it. 🔓