Last February, CVE-2024-26141 punched a nasty hole inRack's Range header parsing. All versions since 1.3.0 are exposed. The bug let attackers blow up memory usage and responses—classic denial-of-service—just by crafting bloated Range headers. The trick? Custom file download handlers. They skip the u.. read more  

A stateful browser agent using self-healing DOM maps is now available. Users describe tasks, Agent4 performs them, creates reusable workflows from interactions, and executes instantly on subsequent requests. Under the hood, it checks for known maps in a vector DB, patches them if needed, and self-he.. read more  

Wiz dug up 550+ leaked secrets buried in 500+ public VSCode extensions—including 130+ live access tokens forVSCode MarketplaceandOpenVSX. That’s a wide-open door to supply chain attacks through auto-updates. Microsoft reacted fast: dumped the breached tokens, rolled outpre-publish secret scanning, a.. read more  

UnpatchedSharePoint flaws(CVE-2025-53770, CVE-2025-49704) cracked open theKansas City National Security Campusin July. IT systems tied to 80% of U.S. non-nuclear weapons parts got compromised. Attackers—likely state-backed, Russian or Chinese—moved fast, hitting the zero-day RCE and spoofing bugs ju.. read more  

Python 3.14 lands with a ~27% speed jump over 3.13, keeping the post-3.11 momentum alive. The big news: the newfree-threading interpreter—no GIL—now hits up to3.1x fasterthan regular CPython in multi-threaded, CPU-heavy benchmarks. That’s up from 2.2x in 3.13. Less shiny: theJIT interpreterstill can.. read more  

OpenAI’sSora 2just dropped intopublic previewvia theAzure AI FoundryAPI. It’s a multimodal video model aimed at serious use—enterprise safety, API-ready, built for scale. Azure didn’t stop there. It bundled inGPT-image-1,Flux 1.1, andKontext Pro, pulling together a full-gen stack under one roof... read more  

Microsoft’s Azure AI Foundry just released a proper workflow for putting LLMs through their paces. Thinkoffline/online tests,human-in-the-loop checks,automated scoring, and evencustom evaluators—all wired into one system. At the heart of it: the newAzure AI Evaluation SDK. You can run it locally whi.. read more  

A fresh approach calledstructured vibe codingblends human-style team habits with AI workflows. Specs, GitHub Issues, and Copilot now pull agents into the loop like actual teammates. Powered byGitHub Copilot Coding AgentsandAzure AI Foundry, devs can run full AI-driven sprints—spec to PR—right inside.. read more  

OpenAI, Broadcom, NVIDIA, and AMD say they’ll deploy10GWof AI compute by end of 2026. That includes custom chips and slews of 1GW data centers. What they didn’t say: where, when, or how. No sites named. No shovels in dirt. OpenAI alone aims for250GW by 2033—a moonshot that needs$400Bin the next 12 m.. read more  

Anthropic releasedClaude Skills—a lean way to snap specialized instructions and scripts into Claude without bloating the prompt. Each “skill” lives in a folder with Markdown and optional code. Frontmatter tags tell Claude when to load what. No need to cram everything into the context window—Claude g.. read more