Blog Archive
AI Can Already Exploit Your Smart Contract for $1.22. That Number Is Falling.
Anthropic's red team priced agentic exploitation at retail: $1.22 to scan, $1,738 per vulnerability identified, $109 net profit. AI agents went from 2% to 55.8% exploit success in 12 months. Two live zero-days found Best@1. The audit window is closing.
Claude Wrote a Browser Exploit. Anthropic Published the Transcript.
Opus 4.6 wrote a working exploit for Firefox CVE-2026-2796 from scratch - addrof, fakeobj, a WasmGC pivot, fake ArrayBuffer, full RCE. Two successes in 350 attempts. Every other model: zero. The success rate isn't the story; the threshold being crossed is.
Cloudflare Shipped Enterprise MCP Governance. The Protocol Doesn't Have It Yet.
Cloudflare runs MCP for 200+ employees in production: server portals, Code Mode (99.9% token reduction), shadow MCP detection, and AI Gateway. Every one of those features is listed as an open gap in the official 2026 MCP roadmap. The vendor layer is ahead of the spec.
GitHub User #1299 Just Left. The Reliability Numbers Explain Why.
Mitchell Hashimoto kept a journal for a month. An X on almost every page. Below 90% uptime in 2025, 40% peak request failures, 95% of Actions workflows failing - Ghostty is leaving GitHub, and the data points one direction.
Microsoft's AI Framework Has Been Broken Three Times in a Row. That's Not Bad Luck.
Two confirmed critical RCEs in Semantic Kernel, then a six-bypass full-chain disclosure weeks after the patch. The same structural mistake keeps shipping in agent frameworks. Here's the chain - and what to actually do about it.
You Gave Your Agent 50 Tools. That's Why It Keeps Failing.
Tool definitions consume 72% of the context window before any work begins. Per-tool accuracy collapses from 96% in isolation to under 15% with a large toolset. Retrieval-scoped tools triple selection accuracy on the same model. The fix isn't a better model - it's a smaller context.
Your CI Pipeline Is the Attack Surface. GitHub's Defaults Made It That Way.
tj-actions hit 23,000 repos. nx exfiltrated 5,000. elementary-data went from a comment by a two-day-old account to a malicious PyPI wheel in ten minutes. Different payloads, same five GitHub Actions defaults. Here's the chain - annotated.
An Open-Source Tool Scanned 14 MCP Servers. 100% Had Critical Findings.
MCPwn hit every server it scanned. OX Security disclosed a systemic STDIO flaw across 200,000 instances. Anthropic declined to patch. Here's what the receipts actually say.