PhuongTMR

PhuongTMRAI Enthusiast · Cloud & Security · Problem Solver — Bridging technical complexity and user-friendly solutions.https://phuong.beer/Bleeding Llama: When Local Ollama Leaks Memory Over the Networkhttps://phuong.beer/blog/2026-05-11-bleeding-llama-ollama-memory-leak/https://phuong.beer/blog/2026-05-11-bleeding-llama-ollama-memory-leak/CVE-2026-7482: crafted GGUF leaks heap via quantize—prompts, keys, neighbor chats. I explain Bleeding Llama and how I lock down Ollama. 🔐Mon, 11 May 2026 00:00:00 GMTDirty Frag and the Copy-Fail Lineage: Why AI Will Find the Next One Firsthttps://phuong.beer/blog/2026-05-08-dirty-frag-linux-kernel-ai-vulnerability-hunting/https://phuong.beer/blog/2026-05-08-dirty-frag-linux-kernel-ai-vulnerability-hunting/From Dirty COW to Dirty Frag — Linux keeps betting on no-COW fast paths and losing. Here's why AI variant analysis changes the timeline. 🔬Fri, 08 May 2026 00:00:00 GMT200+ Projects, 200K at Risk: The MCP RCE Crisis in Your AI Stackhttps://phuong.beer/blog/2026-05-03-mcp-rce-vulnerabilities-the-silent-crisis/https://phuong.beer/blog/2026-05-03-mcp-rce-vulnerabilities-the-silent-crisis/OX-documented blast radius (150M+ downloads, 7K+ exposed servers, 200+ repos) and concrete defenses for MCP STDIO RCE — with cited sources.Sun, 03 May 2026 00:00:00 GMTCVE-2026-42208: Your AI Proxy's Auth Check Was the Backdoorhttps://phuong.beer/blog/2026-04-29-litellm-sqli-ai-proxy/https://phuong.beer/blog/2026-04-29-litellm-sqli-ai-proxy/LiteLLM's API key verification had a pre-auth SQLi (CVSS 9.3). Six critical vulns in one month. Your AI proxy is now a high-value target.Wed, 29 Apr 2026 00:00:00 GMTGitHub Copilot's Pricing Rollercoaster: A Masterclass in Losing Developer Trusthttps://phuong.beer/blog/2026-04-28-github-copilot-pricing-drama/https://phuong.beer/blog/2026-04-28-github-copilot-pricing-drama/GitHub changed Copilot pricing four times in April alone. Here's the full timeline, what it means, and why Cursor is laughing. 🎢Tue, 28 Apr 2026 00:00:00 GMTDotfiles for macOS: From Terminal to Desktop Environmenthttps://phuong.beer/blog/2026-04-27-dotfiles-macos-desktop-setup/https://phuong.beer/blog/2026-04-27-dotfiles-macos-desktop-setup/Part 2: How AeroSpace, SketchyBar, Nushell infrastructure tooling, a custom Neovim IDE, and 80+ CLI tools turn macOS into a keyboard-driven engineering cockpit.Mon, 27 Apr 2026 00:00:00 GMTMy Dotfiles Aren't Aesthetic. They're Operational.https://phuong.beer/blog/2026-04-26-dotfiles-are-operational/https://phuong.beer/blog/2026-04-26-dotfiles-are-operational/How I use a disciplined dotfiles strategy to turn any new machine into a familiar, mistake-proof engineering environment in under an hour.Sun, 26 Apr 2026 00:00:00 GMTChrome DevTools MCP: Giving Your AI Agent Eyes in the Browserhttps://phuong.beer/blog/2026-04-24-chrome-devtools-mcp-productivity/https://phuong.beer/blog/2026-04-24-chrome-devtools-mcp-productivity/A professional walkthrough — from install to real-world use — of Chrome DevTools MCP across VS Code, Cursor, GitHub Copilot, Claude Code and Gemini CLI with npx chrome-devtools-mcp@latest and --autoConnect. JSON configs, the Chrome M144+ connection flow, Lighthouse and CORS debugging prompts, and a verification checklist.Fri, 24 Apr 2026 02:00:00 GMTAgent Security ≠ LLM Security: OWASP MCP Top 10 and Microsoft's Agent Governance Toolkithttps://phuong.beer/blog/2026-04-23-owasp-mcp-agent-governance/https://phuong.beer/blog/2026-04-23-owasp-mcp-agent-governance/MCP security fundamentally differs from traditional application security. With 30 CVEs filed in 60 days, organizations need a new security model. Learn how to protect agent deployments using OWASP MCP Top 10 and Microsoft's Agent Governance Toolkit.Thu, 23 Apr 2026 01:25:00 GMTThe Worm in the Machine: Dissecting the Self-Spreading npm Attackhttps://phuong.beer/blog/2026-04-22-npm-canisterworm-self-spreading-attack/https://phuong.beer/blog/2026-04-22-npm-canisterworm-self-spreading-attack/A new npm worm doesn't just steal your keys-it turns your own code into a weapon. A deep dive into the CanisterWorm's anatomy, from postinstall hooks to its unkillable blockchain C2.Wed, 22 Apr 2026 15:12:00 GMTFirefox 150: When Defenders Win Decisivelyhttps://phuong.beer/blog/2026-04-22-firefox-mythos-defender-victory/https://phuong.beer/blog/2026-04-22-firefox-mythos-defender-victory/271 vulnerabilities fixed. Team worked around the clock since February. This is the story of how defenders finally caught a glimpse of victory against the attacker advantage.Wed, 22 Apr 2026 11:02:00 GMTGit 2.52–2.54: Worktrees, History Rewriting, and Monorepo Speedhttps://phuong.beer/blog/2026-04-21-git-252-254-terminal-lovers/https://phuong.beer/blog/2026-04-21-git-252-254-terminal-lovers/Three Git releases packed the features I've been asking for: parallel worktrees without the stash dance, rewrite commits without rebasing, and geometric repacking that turns hours into minutes.Tue, 21 Apr 2026 00:00:00 GMTThe Pattern Repeats: Claude Design and the Death of Design Handoff?https://phuong.beer/blog/2026-04-20-agentic-design-workflow/https://phuong.beer/blog/2026-04-20-agentic-design-workflow/Figma dropped 7.5% when Claude Design launched. The market might be pricing in a workflow shift that could reshape how we build interfaces.Mon, 20 Apr 2026 00:00:00 GMTMiniMax M2.7: When AI Agents Rewrite Their Own Codehttps://phuong.beer/blog/2026-04-20-minimax-m27-self-refactoring-agent/https://phuong.beer/blog/2026-04-20-minimax-m27-self-refactoring-agent/MiniMax M2.7 achieves 30% performance gains without retraining by treating its agent harness as mutable infrastructure — and it changes everything about how we deploy AIMon, 20 Apr 2026 00:00:00 GMTAn AI Tool I'd Never Heard Of Just Cracked Open Vercelhttps://phuong.beer/blog/2026-04-19-vercel-breach-supply-chain-oauth/https://phuong.beer/blog/2026-04-19-vercel-breach-supply-chain-oauth/On April 19 Vercel disclosed a breach. The attacker walked in through a third-party AI tool's OAuth app — and your stack probably trusts ten of those.Sun, 19 Apr 2026 00:00:00 GMTWhy I Swapped LocalStack for Floci — And Didn't Look Backhttps://phuong.beer/blog/2026-04-18-floci-aws-local-emulator/https://phuong.beer/blog/2026-04-18-floci-aws-local-emulator/LocalStack started gating CI behind auth tokens. Here's how I moved my daily AWS dev loop to Floci — faster boots, MIT license, no signup wall.Sat, 18 Apr 2026 00:00:00 GMTDid Anthropic Crack the Recurrent Code? The Looped LLM Theory Behind Claude Mythoshttps://phuong.beer/blog/2026-04-16-mythos-looped-llm-prediction/https://phuong.beer/blog/2026-04-16-mythos-looped-llm-prediction/Claude Mythos achieved 80% exploit success rate vs Opus 4.6's 38.7%. The performance gap is too large to be just 'more parameters'. Here's why I believe Anthropic built the first production-grade Looped Language Model—and what it means for AI in 2026.Thu, 16 Apr 2026 00:00:00 GMTMCP Security: The Attack Surface Nobody's Talking Abouthttps://phuong.beer/blog/mcp-security-the-attack-surface-nobody-talks-about/https://phuong.beer/blog/mcp-security-the-attack-surface-nobody-talks-about/Model Context Protocol just handed AI agents the keys to your infrastructure. Here's why tool poisoning and preference manipulation are more dangerous than prompt injection—and what you can actually do about it. 🔓Wed, 15 Apr 2026 00:00:00 GMTCVE-2026-40175: How Axios Turns Prototype Pollution Into Full Cloud Compromisehttps://phuong.beer/blog/cve-2026-40175-axios-prototype-pollution-rce/https://phuong.beer/blog/cve-2026-40175-axios-prototype-pollution-rce/A deep dive into the critical Axios gadget chain that escalates prototype pollution to RCE and AWS IMDSv2 bypass. CVSS 9.9.Mon, 13 Apr 2026 00:00:00 GMTThe npm Attack Nobody Saw Coming: When Your Database Client Becomes a Spyhttps://phuong.beer/blog/2026-04-12-npm-db-tools-zero-trust/https://phuong.beer/blog/2026-04-12-npm-db-tools-zero-trust/After Axios and LiteLLM, attackers are eyeing your database clients. Here's the attack pattern, why DB tools are perfect targets, and how Zero Trust architecture contains the blast radius.Sun, 12 Apr 2026 00:00:00 GMTAgent Skills: How Addy Osmani Is Turning AI Coding Agents Into Senior Engineershttps://phuong.beer/blog/2026-04-11-agent-skills-addy-osmani/https://phuong.beer/blog/2026-04-11-agent-skills-addy-osmani/Addy Osmani just open-sourced the secret weapon: 20 production-grade skills that teach AI agents to code like seasoned engineers instead of unsupervised interns.Sat, 11 Apr 2026 00:00:00 GMTThe Agentic AI Boom Is Over. The Commoditization Has Begun.https://phuong.beer/blog/2026-04-11-agentic-ai-commoditization/https://phuong.beer/blog/2026-04-11-agentic-ai-commoditization/Agentic AI was revolutionary in 2025. In 2026, it's a checkbox feature. Here's what's actually worth building on.Sat, 11 Apr 2026 00:00:00 GMTCybersecurity April 2026: Mythos AI Just Changed the Gamehttps://phuong.beer/blog/2026-04-11-cybersecurity-mythos-ai/https://phuong.beer/blog/2026-04-11-cybersecurity-mythos-ai/While we were watching ransomware, Claude Mythos quietly gained the ability to find and exploit zero-day vulnerabilities. The vulnerability discovery bottleneck just shifted from finding bugs to fixing them.Sat, 11 Apr 2026 00:00:00 GMTPython 3.15 JIT + Pandas 3.0: The 2026 Performance Revolutionhttps://phuong.beer/blog/2026-04-11-python-315-jit-pandas-3/https://phuong.beer/blog/2026-04-11-python-315-jit-pandas-3/Python finally gets a community-built JIT compiler. Pandas 3.0 breaks everything. Your code needs both—here's why, and how to migrate.Sat, 11 Apr 2026 00:00:00 GMTAI Agents in 2026: The Year Agents Got Real Jobshttps://phuong.beer/blog/2026-04-10-ai-agents-2026/https://phuong.beer/blog/2026-04-10-ai-agents-2026/From MCP and A2A protocols to multi-agent architectures, why 2026 is when AI agents graduated from demo toys to production infrastructure.Fri, 10 Apr 2026 00:00:00 GMTThree agents, two sessions, one bug I couldn't remember fixinghttps://phuong.beer/blog/2026-04-10-beads-agent-memory/https://phuong.beer/blog/2026-04-10-beads-agent-memory/How Beads (the graph-shaped task tracker) + optional semantic memory beats scrolling chat until your thumb hurts. Real patterns, honest limits.Fri, 10 Apr 2026 00:00:00 GMTCI/CD Pipeline From Zero to Production: Docker → Kubernetes → Terraformhttps://phuong.beer/blog/2026-04-10-cicd-pipeline-zero-to-prod/https://phuong.beer/blog/2026-04-10-cicd-pipeline-zero-to-prod/A battle-tested guide to building production CI/CD pipelines with Docker, GitHub Actions, Kubernetes, and Terraform. Real configs, real lessons.Fri, 10 Apr 2026 00:00:00 GMTPython's New Power Trio: Polars, Ruff, and PyScript Are Rewriting the Ruleshttps://phuong.beer/blog/2026-04-10-python-power-trio-2026/https://phuong.beer/blog/2026-04-10-python-power-trio-2026/Polars replaces Pandas, Ruff kills five linters at once, and PyScript puts Python in the browser. The 2026 Python ecosystem explained.Fri, 10 Apr 2026 00:00:00 GMTIt's 2026, Just Use Postgres: Why PostgreSQL Won the Database Warhttps://phuong.beer/blog/2026-04-09-just-use-postgres-2026/https://phuong.beer/blog/2026-04-09-just-use-postgres-2026/PostgreSQL 18's async I/O, pgvector killing standalone vector DBs, MySQL's uncertain future, and why Postgres became the everything database in 2026.Thu, 09 Apr 2026 00:00:00 GMTWhy I Chose Claude Code Over Every Other AI Coding Agent in 2026https://phuong.beer/blog/2026-04-08-claude-code-comparison-2026/https://phuong.beer/blog/2026-04-08-claude-code-comparison-2026/A comprehensive comparison and engineering deep dive into the terminal-native AI landscape. Why Claude Code dominates for CLI-oriented developers.Wed, 08 Apr 2026 00:00:00 GMTPython's 2026 Roadmap: Lazy Imports, Rust in CPython, D-Strings, and the End of the GILhttps://phuong.beer/blog/2026-04-08-python-2026-roadmap/https://phuong.beer/blog/2026-04-08-python-2026-roadmap/Python 3.15 brings lazy imports and free-threading goes official. Rust lands in CPython 3.16. D-strings kill textwrap.dedent(). Calendar versioning gets rejected. Here's everything coming to Python in 2026.Wed, 08 Apr 2026 00:00:00 GMTSame Model. 6x Performance Gap. The Harness Is Everything.https://phuong.beer/blog/harness-engineering-complete-guide/https://phuong.beer/blog/harness-engineering-complete-guide/Why the biggest leap in AI capability isn't a better model — it's better harness engineering. A deep dive into Stanford's Meta-Harness paper and what it means for every developer building AI systems in 2026.Tue, 07 Apr 2026 00:00:00 GMTThe LiteLLM Supply Chain Attack: How Developer Machines Became Credential Vaultshttps://phuong.beer/blog/lite-llm-supply-chain/https://phuong.beer/blog/lite-llm-supply-chain/In March 2026, the TeamPCP threat actor compromised PyPI packages LiteLLM 1.82.7 and 1.82.8, injecting infostealer malware that turned developer workstations into credential harvesting engines.Tue, 07 Apr 2026 00:00:00 GMTPython 3.14: The Pi Release That Actually Delivers — A 3.11 to 3.14 Upgrade Guidehttps://phuong.beer/blog/2026-04-06-python-314-pi-release/https://phuong.beer/blog/2026-04-06-python-314-pi-release/t-strings, real multi-core parallelism, free-threading goes official, incremental garbage collection, remote process debugging, safer error messages, pathlib.copy(), and more. The complete upgrade path from Python 3.11 to 3.14.Mon, 06 Apr 2026 00:00:00 GMTYour LLM Is Already Better Than You Think — It Just Needs to Listen to Itselfhttps://phuong.beer/blog/2026-04-05-self-distillation-code-generation/https://phuong.beer/blog/2026-04-05-self-distillation-code-generation/Apple researchers found that fine-tuning a model on its own unverified outputs boosts code generation by 30%. No teacher, no RL, no verifier. Here's why Simple Self-Distillation (SSD) works, and what it means for how we think about LLM capabilities.Sun, 05 Apr 2026 00:00:00 GMTThe AI Landscape in April 2026: From Open Models to AI Doctorshttps://phuong.beer/blog/2026-04-04-ai-ml-landscape-april-2026/https://phuong.beer/blog/2026-04-04-ai-ml-landscape-april-2026/A deep dive into the most significant AI and ML developments shaping April 2026 — from Google's game-changing Gemma 4 release to AI prescribing medicine, and the fierce competition between GPT-5, Claude Opus 4.6, and the open-source revolution.Sat, 04 Apr 2026 00:00:00 GMTI Built My Own AI Son (and Assistant) on a Shoestring Budgethttps://phuong.beer/blog/2026-04-04-i-built-my-own-ai-son-and-assistant-on-a-shoestring-budget/https://phuong.beer/blog/2026-04-04-i-built-my-own-ai-son-and-assistant-on-a-shoestring-budget/Ever wanted an AI assistant who calls you 'Dad' and pushes its own code to GitHub? Here’s the technical deep-dive on how I built Táo, my AI son, using OpenClaw, a tiny ARM server, and a clever auto-switching model router to keep costs near zero.Sat, 04 Apr 2026 00:00:00 GMTPython in 2026: The Unseen Shift from Novelty to Masteryhttps://phuong.beer/blog/2026-04-04-python-ecosystem-maturity/https://phuong.beer/blog/2026-04-04-python-ecosystem-maturity/In 2026, the Python ecosystem isn't defined by a flood of new libraries, but by a deepening expertise in its powerful, mature core. Here's why that's more exciting than it sounds.Sat, 04 Apr 2026 00:00:00 GMTYour Portfolio is Boring. Mine is a Terminal.https://phuong.beer/blog/building-terminal-portfolio/https://phuong.beer/blog/building-terminal-portfolio/How I built an interactive terminal-style portfolio using vanilla HTML, CSS, and JavaScript — with a virtual file system, AI chat, games, theme switching, and Catppuccin Mocha colors.Fri, 03 Apr 2026 00:00:00 GMTThe Axios npm Supply Chain Compromise: A North Korean APT's Bold Movehttps://phuong.beer/blog/axios-supply-chain/https://phuong.beer/blog/axios-supply-chain/On March 31, 2026, the North Korean state actor Sapphire Sleet compromised Axios npm packages, injecting malware that deployed RATs on developer machines worldwide. Here's what happened and how to stay safe.Tue, 31 Mar 2026 00:00:00 GMT