Blog
Thoughts on code, AI tools, best practices, and building for the web.
All articles
AI Crawlers May Soon Need to Pay Website Owners
Cloudflare is building tools that let website owners allow, block, or charge AI crawlers and agents using x402 stablecoin payments.
The Claude Fable 5 Jailbreak Claims, Explained
breakdown of the Claude Fable 5 jailbreak claims: what red-teamer Pliny the Liberator reported, the tactics used, and Anthropic's rebuttal.
Claude Code Hidden Prompt Markers: Why Developers Are Angry
Claude Code allegedly used prompt steganography to mark some requests. Here is what happened, why developers are angry, and what it means for AI trust…
How a Poisoned VS Code Extension Breached GitHub — And What Every Developer Should Do Right Now
A poisoned Nx Console VS Code extension led to GitHub's internal breach. Learn how the attack happened and the steps every developer should take to st…
NGINX Rift (CVE-2026-42945): What It Is and How to Fix It
CVE-2026-42945 is a critical heap buffer overflow in NGINX's rewrite module. Learn what it is, if you're affected, and exactly how to fix it step by s…
CallPhantom: 28 Fake Apps on Google Play Scammed 7.3 Million Users — India Was the Primary Target
ESET uncovered 28 fraudulent Android apps on Google Play promising call history lookups. 7.3M downloads, 53.7% from India, UPI payments exploited. Her…
Fake OpenAI Privacy Filter Hits #1 on Hugging Face — Supply Chain Attack Breakdown
Malicious Hugging Face repo typosquatted OpenAI's Privacy Filter, hit 244K downloads in 18 hours, and deployed a Rust infostealer stealing credentials…
Bleeding Llama (CVE-2026-7482): Critical Ollama Vulnerability Leaks Your Entire Server Memory
Critical Ollama vulnerability CVE-2026-7482 (CVSS 9.1) lets attackers steal API keys, prompts, and secrets from 300K+ servers using 3 unauthenticated…