Want AI Agents That Don't Spill Secrets? Don't Give Them Secrets
The golden rule of AI agent security is simple, but routinely ignored: if you don't want your AI agent to reveal a secret, don't give it access to that secret.
Source: Intel has promised to deliver SpaceX and Apple a toolkit this fall to test its 14A node before they make final commitments to produce chips with Intel
Asian AI startups launch Mythos-like models as Anthropic's export ban drags on | TechCrunch
New models are launching in Asia that promise Mythos-like capabilities without fear of an export ban. U.S. AI labs may never recover this enormous market.
How I hunt for vulnerabilities with AI | ClickHouse
I'm an experienced software engineer, but I'm not a seasoned bug bounty hunter. I used GitHub Copilot in combination with Claude Opus and Gemini models to search for vulnerabilities in the ClickHouse codebase, generate hypotheses, and speed up validation.
I don't wonder how this happens after two decades of experience in infra roles. I've seen things! | Nearly a million passports just exposed on the public internet—and anyone could access them with a simple URL
Nearly one million passports and driver's licenses from multiple countries were left unprotected online with zero password protection. Here's what happened.
The revised targeting principles, approved without public disclosure in April, envision “systems where AI initiates actions with human monitoring,” instead of “‘human in the loop’ systems, in which a human initiates actions.”
https://www.bloomberg.com/news/articles/2026-06-25/pentagon-sees-broader-role-for-ai-in-setting-military-targets
Introduction The setup Laying the foundation The foundation: schemas and user roles for modularity Domains Accounts, managed and external Transfers, constrained by a state machine and temporal periods Transfer state history Account auditing Transactions, the immutable events On maintaining business rules via meaningful constraints The transfer state machine Transactions must fall within the transfer period Pending transactions require a pending transfer No future transactions when closing a transfer On capacity planning Working set estimation On write throughput Enabling HOT Updates for Transfers Making sure there are no Unused indexes OLTP Listing The history of a transfer OLAP Balance ledger Incremental maintenance via triggers On serializable isolation On decoupling Benchmarking the startup scenario Seed data Write script: full transfer lifecycle Read script: activity stream and balance Running the benchmark Results Conclusion Appendix A: Full code suite. Introduction There is a deep cultural reflex in modern engineering: whenever a problem appears, reach for a packaged solution instead of thinking from first principles. The result is architectural cargo culting and lots of missed opportunities. Some intentionally absurd-but-familiar examples:
The memory shortage shaking Apple and Microsoft is 'existential crisis' for smaller players
While Apple and Microsoft raise prices on key devices to help cover the soaring costs of memory, smaller consumer electronics companies are in dire straits.
Dissecting and Exploiting Linux LPE Variant: DirtyClone (CVE-2026-43503) - JFrog Security Research
During an audit of recent Linux kernel patches, the JFrog Security Research team identified that despite fixes addressing the DirtyFrag vulnerability family, a residual issue remained unaddressed.
I've been following WisdPi's development of various 5 Gbps and 10 Gbps Ethernet adapters for the past couple years.
They use newer Realtek Ethernet chips, which sometimes have performance quirks—most frequently encountered under Linux.
In today's video, I tested the new WisdPi 10G Ethernet Expansion Card for Framework computers. It fits in any available Framework Expansion slot—even on the Framework Desktop.
But Expansion Cards use USB-C for their connection to the mainboard—and therein lies the rub...
An open letter from the technology industry, and the launch of Akrites - a coordinated effort to remediate vulnerabilities in the open source software the world runs on.
Om Malik passed away on June 24, 2026, at Stanford Hospital after a long health journey with his heart. He was surrounded by family and friends. We invite you to share your remembrances of Om in th…
How Do You Know When an AI Agent Has Gone Rogue? | Built In
Discover why traditional guardrails fail to stop AI agent breaches. This deep dive analyzes the 5 stages of agent failure — from prompt injection to memory poisoning — and why execution must remain deterministic.
Critical libssh2 Vulnerability Allows Attackers to Execute Remote Code Via Malicious SSH packets
A critical security vulnerability has been identified in the widely used libssh2 library, allowing remote attackers to execute arbitrary code through specially crafted SSH packets.