Join us
Updates and recent posts about Winston AI..
TheModel Context Protocol (MCP) 2025-11-25spec tightens up remote agent auth. It leans intoOAuth 2.1 Authorization Code grants, PKCE required, step-up auth backed. No token passthrough allowed. What’s new: experimental extensions forclient credentialsandclient ID metadata. These smooth out agent reg.. read more
Palantir's AIP Agentic Runtime isn't just another agent platform, it's a control plane with teeth. Think tight policy enforcement, ephemeral autoscaling with Kubernetes (Rubix), and memory stitched in from the jump viaOntology. Tool usage? Traced and locked down with provenance-based security. Every.. read more
A dev ditched their $100/month VPS for a clean, automated CoreOS setup. No SSH. No clicking around. JustIgnition,Podman Quadlets, andTerraformdoing the heavy lifting. It boots from YAML, spins up containers with systemd, and keeps itself fresh withPodman auto-updates, zero-touch, straight from the r.. read more
A fresh take onAWS Lambdaand serverless: thinknanoservices- tiny, isolated functions instead of chunky microservices. No shared state or shared runtime but clean separation, lean logic, and fewer ways to screw up scaling. Where microservices can spiral into spaghetti, nanoservices stay crisp. Each f.. read more
AI assistants with shell, network, or filesystem "skills" don't just help, they expose. These hooks can run commands before any human checks the model’s output. That means a bigger attack surface. More room for lateral movement. Easier persistence. In setups where tools like Claude Code run often, i.. read more
Moltbot, the self-hosted AI agent with native hooks for Slack, Telegram, and WhatsApp, exploded from 50-ish to over 3,000 GitHub forks a day after going viral on Jan 24, 2026. It's built around a file-backed workspace and automates everything from code deploys to cloud orchestration. Cool? Definitel.. read more
Wiz Research dropped details onCodeBreach, a serious flaw that cracked open AWS SDK GitHub repos, yes, including the popular JavaScript one. The root problem? Leakyregex filtersin CodeBuild pipelines. They missed anchors, so attackers slipped in rogue pull requests, dodged build rules, and stole hig.. read more
OpenClaw, an open-source AI assistant platform, has been launched, evolving from Clawdbot and Moltbot. It features new plugins, enhanced security, and support for new models, while addressing a major security vulnerability. The platform emphasizes community involvement and invites contributions for its development.
