Posts from @weiyilai..
AI is now a core execution layer in software delivery. In 2025, attackers exploited automation, trusted pipelines, and AI-generated code instead of vulnerabilities. This report explains why traditional AppSec signals failed and what must change in 2026.
From the Release Hub and backlog management to automated release notes, Jira has plenty of tools to help you plan your next release. In this blog post, we explain how to use these tools effectively for different release types. You will also get practical tips for extending the native Jira release planning capabilities with additional apps. Let’s dive in!
A recent change to 1.1.1.1 accidentally altered the order of CNAME records in DNS responses, breaking resolution for some clients. This post explores the technical root cause, examines the source code of affected resolvers, and dives into the inherent ambiguities of the DNS RFCs... read more
Out of 238 student open source contributions over seven years, 237 landed onGitHub- even though they were told to look elsewhere. One short-lived GitHub IP block brought everything to a standstill. No commits. No reviews. Just silence. Turns out, a single platform holds the keys to a whole ecosystem.. read more
An engineer cracked open YouTube’s “most replayed” heatmap. Turns out it runs onsampled view frequency arrays, client-sidenormalization, andSVG renderingstitched together withCubic Bézier splinesfor that smooth, snappy curve. Behind the scenes, playback gets logged with adifference array + prefix su.. read more
Go gets big props for its built-in concurrency model withgoroutinesandchannels, which make lightweight, scalable parallelism easy and ergonomic. The author criticizes Go's type system for lacking things likeenums, closed type sets, and tuples, making certain patterns awkward compared with Rust's ric.. read more
A new workflow dropsClaude Codeinto aBubblewrap-based sandbox, cutting Anthropic's client-side code out of the trust loop. Compared to spinning up Docker or juggling user accounts, Bubblewrap locks things down tighter - with less setup and cleaner OS-level walls around files, network access, and sec.. read more
📍 Dallas, Texas | 🗓 January 22, 2026 Securing the Future starts here. We’re excited to be part of FutureCon Dallas, a high-impact event bringing together CISOs, C-suite leaders, and senior security professionals to tackle today’s most pressing cyber threats. 🔹 Why attend? Gain actionable insights in..
Kubernetes v1.35 lands with acredential plugin allowlist, now in beta, no feature gate needed. It lets you lock down whichexecplugins your kubeconfigs can run. Tighter leash, lower risk. Especially when the credential pipeline gets sketchy... read more
A sharp look at how execution environments evolved - from bare metal to VMs, containers, sandboxes, and language-level runtimes. The focus: isolation. Hardware, kernel, processes, runtimes - each adds a boundary. Modern stacks mix and match layers to dial in the right amount. VMs, containers, venvs... read more
