Chinese Hackers Used Anthropic’s AI To Automate Cyberattacks
China’s state-sponsored hackers used AI technology from Anthropic to automate break-ins of major corporations and foreign governments during a September hacking campaign, the company said Thursday. From a report: The effort focused on dozens of targets and involved a level of automation that Anthropic’s cybersecurity investigators had not previously seen, a … ⌘ Read more
MCP Horror Stories: The WhatsApp Data Exfiltration Attack
This is Part 5 of our MCP Horror Stories series, where we examine real-world security incidents that highlight the critical vulnerabilities threatening AI infrastructure and demonstrate how Docker’s comprehensive AI security platform provides protection against these threats. Model Context Protocol (MCP) promises seamless integration between AI agents and communication platforms like WhatsApp, enabling automated message… ⌘ Read more
Engicam Showcases Computer Vision AI Kit Based on Renesas RZ/V2H Platform
Engicam has showcased the TIA RZ/V2H System-on-Module and its companion AI.DEV RZ/V2H development kit, both built around Renesas’ RZ/V2H processor. The module targets embedded applications in machine vision, autonomous robotics, and industrial automation, offering onboard AI acceleration and GPU capabilities optimized for real-time processing and advanced imaging. The TIA RZ/V2H module integrates … ⌘ Read more
Show HN: Pipeflow-PHP – Automate anything with pipelines even non-devs can edit
Comments ⌘ Read more
Cloudflare Tells US Govt That Foreign Site Blocking Efforts Are Digital Trade Barriers
An anonymous reader quotes a report from TorrentFreak: In a submission for the 2026 National Trade Estimate Report (PDF), Cloudflare warns the U.S. government that site blocking efforts cause widespread disruption to legitimate services. The complaint points to Italy’s automated Piracy Shield system, whi … ⌘ Read more
↳
In-reply-to
»
For the innocent bystanders (because I know that I won’t change @bender’s opinion):
⤋ Read More
@movq@www.uninformativ.de Gemini liked your opinion very much. Here is how it countered:
1. The User Perspective (Untrustworthiness)The criticism of AI as untrustworthy is a problem of misapplication, not capability.
- AI as a Force Multiplier: AI should be treated as a high-speed drafting and brainstorming tool, not an authority. For experts, it offers an immense speed gain, shifting the work from slow manual creation to fast critical editing and verification.
- The Rise of AI Literacy: Users must develop a new skill—AI literacy—to critically evaluate and verify AI’s probabilistic output. This skill, along with improving citation features in AI tools, mitigates the “gaslighting” effect.
The fear of skill loss is based on a misunderstanding of how technology changes the nature of work; it’s skill evolution, not erosion.
- Shifting Focus to High-Level Skills: Just as the calculator shifted focus from manual math to complex problem-solving, AI shifts the focus from writing boilerplate code to architectural design and prompt engineering. It handles repetitive tasks, freeing humans for creative and complex challenges.
- Accessibility and Empowerment: AI serves as a powerful democratizing tool, offering personalized tutoring and automation to people who lack deep expertise. While dependency is a risk, this accessibility empowers a wider segment of the population previously limited by skill barriers.
The legal and technical flaws are issues of governance and ethical practice, not reasons to reject the core technology.
- Need for Better Bot Governance: Destructive scraping is a failure of ethical web behavior and can be solved with better bot identification, rate limits, and protocols (like enhanced
robots.txt). The solution is to demand digital citizenship from AI companies, not to stop AI development.
Ehxb | Path Traversal Vulnerabilities ⌘ Read more
Measuring what matters: How offline evaluation of GitHub MCP Server works
Take a look inside our automated pipeline for rapid, rigorous evaluation for the GitHub MCP Server.
The post Measuring what matters: How offline evaluation of GitHub MCP Server works appeared first on The GitHub Blog. ⌘ Read more
Property-Based Testing in Practice
Property-based testing (PBT) is a testing methodology where users
write executable formal specifications of software components and
an automated harness checks these specifications against many
automatically generated inputs. From its roots in the QuickCheck
library in Haskell, PBT has made significant inroads in mainstream
languages and industrial practice at companies such as Amazon,
Volvo, and Stripe. As PBT extends its reach, it is important to understand
how developers are usin … ⌘ Read more
Getting Started with Offload: Automating Everyday Workflows with Docker
Every developer eventually hits a wall with their local machine. Maybe it’s training an AI model that drains your CPU, compiling a massive codebase that makes your fan sound like a jet engine, or simply trying to run GPU workloads on a laptop that doesn’t have one. The result is the same: slow builds, limited… ⌘ Read more
ASUS Adds Amston Lake Atom x7000RE Based Models to Its Windows 11 IoT Lineup
ASUS has expanded its industrial motherboard lineup with new Amston Lake models built on Intel’s Atom x7000RE processors. Designed for Windows 11 IoT environments, these compact boards combine low power operation with support for high resolution video, extended temperature tolerance, and flexible connectivity for automation and embedded computing. All four processors are built on the […] ⌘ Read more
Astra SL2600 processors from Synaptics combine Arm cores and RISC-V Coral NPU
Synaptics has unveiled the Astra SL2600, a family of multimodal processors designed for edge computing across consumer, enterprise, and industrial IoT applications. The lineup debuts with the SL2610 product line, targeting low-power and high-performance designs used in smart home, automation, robotics, and retail systems. The Astra SL2600 family is built around the new Synaptics Torq […] ⌘ Read more
Automating stateful apps with Kubernetes Operators
Member post originally published on the Middleware blog by Keval Bhogayata, covering Automating Stateful Apps with Kubernetes Operators. If you’ve ever had issues with scaling databases or automating upgrades in Kubernetes, Operators can help by saving… ⌘ Read more
Push the Button: Using LuaJIT + FFI + CoreBluetooth with an async design to automate a trivial task
Comments ⌘ Read more
DL40N Fanless 1.3L Mini PC with Intel Twin Lake Processors
The DL40N is a fanless 1.3-liter mini PC powered by Intel Twin Lake processors and up to 16GB DDR5 memory. It supports triple 4K display output, dual 2.5G Ethernet, and multiple USB and COM ports for reliable 24/7 operation in applications such as factory automation, digital signage, kiosks, and more. Built on Intel’s Twin Lake […] ⌘ Read more
@prologic@twtxt.net Where do I stand on “Chat Control”? How long of a response/rant do you want? 😅 It’s a disaster. As I understand it, they want to spy on me directly on my devices before encryption even happens – jfc, no, fuck off. And since there are so many devices, they want to automate the scanning, which is the worst idea you could possibly have.
How GitHub Copilot enabled accessibility governance process improvements in record time
See how we turned weekly accessibility grade signals into an automated, accountable remediation workflow—powered by GitHub Copilot and cross‑functional collaboration.
The post [How GitHub Copilot enabled accessibility governance process improvements in record time](https://github.blog/ai-and-ml/github-copilot/how-we-automated-accessibility-compliance-in-five-h … ⌘ Read more
Managing Kubernetes Workloads Using the App of Apps Pattern in ArgoCD-2
Managing a cloud native infrastructure at scale is no longer just about deploying single applications – it’s about organizing environments, defining clear boundaries and keeping everything version-controlled, consistent, automated and easily managed within a simple and… ⌘ Read more
My Recon Automation Found an Email Confirmation Bypass
How a simple parameter led to a complete authentication bypass
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/my-recon-automation-found-an-email-confirmation-byp … ⌘ Read more
↳
In-reply-to
»
20 years ago, normal people avoided technology and techies would jump on the newest gadgets as soon as they could
⤋ Read More
@movq@www.uninformativ.de Not sure, if this observation is correct. I know so many techies who also use every latest shit and automate their homes which is scary as hell to me.
A step-by-step guide to modernizing Java projects with GitHub Copilot agent mode
Learn how to use GitHub Copilot agent mode to modernize legacy Java projects with guided upgrades, automated fixes, and cloud-ready migrations.
The post A step-by-step guide to modernizing Java projects with GitHub Copilot agent mode … ⌘ Read more
XMPP Interop Testing: MOAR TESTS!
Ever heard of XMPP Interop Testing? It’s this cool project that helps make sure different XMPP servers can all work
together smoothly. Our XMPP Interop Testing project provides a suite of automated tests that can be integrated into
CI/CD pipelines to verify the compliance and interoperability of XMPP server implementations.
Late last year, we reported that we had secured funding graciously provided by NLnet that allowed
us to massively build out t … ⌘ Read more
EdgeLogix-1145 Brings Industrial Control and Edge Computing with Raspberry Pi CM5
The EdgeLogix-1145 is a rugged industrial controller that integrates edge computing, PLC functionality, and IIoT gateway capabilities. Designed around the Raspberry Pi CM5, it offers a compact, fanless platform designed for automation tasks in harsh environments such as factories, energy systems, and smart infrastructure. The system is built on the Broadcom BCM2712 SoC, a quad-core … ⌘ Read more
This might be the end
Webhook Vulnerabilities: Hidden Vulnerabilities in Automation Pipelines
How misconfigured webhooks in CI/CD, Slack, and third-party integrations can expose secrets, trigger SSRF, and lead to critical…
[Conti … ⌘ Read more
Learning YARA: A Beginner SOC Analyst’s Notes
Learn how to build a YARA-powered malware detection and automation system using n8n, GPT, and hybrid analysis tools. This hands-on guide…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/learnin … ⌘ Read more
Touchscreen Smart Box Based on ESP32-P4 with Wi-Fi 6 or Ethernet
The ESP32-P4 Smart 86 Box is a compact development board with a 4-inch capacitive touchscreen, designed for HMI, smart control panels, and edge processing. Its 86 mm form factor allows it to be easily installed in wall-mounted enclosures for use in embedded automation and smart terminal applications. As the name implies, this board is built […] ⌘ Read more
MYIR Launches Sub-$100 i.MX 91 Board for Embedded and Industrial Use
MYIR has introduced the MYC-LMX91, a compact SoM powered by NXP’s energy-efficient i.MX 91 processor. Designed for smart devices, the module targets applications such as industrial gateways, EV chargers, smart home systems, medical platforms, and building automation. The MYC-LMX91 is built around the 1.4 GHz Arm Cortex-A55-based i.MX 91 (MIMX9131CVVXJAA) and comes equipped with 1GB […] ⌘ Read more
From Zero to $1000/Month | Bug Bounty Automation Blueprint
Proven Tactics, Tools, and Code to Automate Your Way to Consistent Bounties
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/from-zero-to-1000-month-bug-boun … ⌘ Read more
AAEON EPIC-RPS7 Targets Compact Industrial Control with 14th Gen Intel Core Support
AAEON has introduced the EPIC-RPS7, a 4″ industrial SBC aimed at cost-sensitive applications like industrial control, PLC automation, and remote monitoring. It supports 12th to 14th Gen Intel Core processors (up to 65W TDP), bringing high performance to space-limited deployments. The EPIC-RPS7 supports up to 64GB of DDR5 memory across two SODIMM slots and is […] ⌘ Read more
Mastering SQL Injection Recon: Step-by-Step Guide for Bug Bounty Hunters
A practical guide to uncovering SQL injection flaws using automation, payloads and deep reconnaissance techniques.
[Continue reading … ⌘ Read more
“AI” automated PR reviews mostly useless junk
The team that makes Cockpit, the popular server dashboard software, decided to see if they could improve their PR review processes by adding “AI” into the mix. They decided to test both sourcey.ai and GitHub Copilot PR reviews, and their conclusions are damning. About half of the AI reviews were noise, a quarter bikeshedding. The rest consisted of about 50% useful little hints and 50% outright wrong comments. Last week we reviewed all our exp … ⌘ Read more
️Recon Automation Like a Pro: My 5-Stage System to Catch More Bugs
✅Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/%EF%B8%8Frecon-automation-like-a-pro-my-5-sta … ⌘ Read more
A Must-Have Tool for Bug Hunters: Find Open Redirect Vulnerabilities on Linux
Automate open redirection detection, save hours of manual testing, and level up your bug bounty recon game.
[Continue … ⌘ Read more
Announcing the Automated Governance Maturity Model
We are entering an era where Governance is increasingly important; with AI systems generating code and becoming a critical part of application’s runtime infrastructure, we can produce outputs at an increasingly rapid pace. Organizations and individuals… ⌘ Read more
Automating Information Gathering for Ethical Hackers — AutoRecon Tutorial
Here’s how Autorecon automates the recon phase and gives you faster, cleaner results in your penetration tests.
[Continue reading o … ⌘ Read more
Someone has started to run git pull on one of my repos – once every two minutes. This is a very pointless endeavour. I push new code a couple of times per month.
So far, this isn’t causing any issues. I think this is just a regular human being who misconfigured some automation. And I hope this doesn’t mean that the “AI” bots have finally discovered my page …
Just like we don’t write emails by hand anymore (See: #a3adoka), we don’t manually write Twts or update our twtxt.txt feeds. Instead, we use modern Twtxt clients that conform to the specifications at Twtxt.dev for a seamless, automated experience. #Twtxt #Twt #UserExperience
Nobody writes emails by hand using RFC 5322 anymore, nor do we manually send them through telnet and SMTP commands. The days of crafting emails in raw format and dialing into servers are long gone. Modern email clients and services handle it all seamlessly in the background, making email easier than ever to send and receive—without needing to understand the protocols or formats behind it! #Email #SMTP #RFC #Automation
↳
In-reply-to
»
Can you beat me at the circle game? 😂 https://neal.fun/perfect-circle/
⤋ Read More
Can you automate the drawing with a script? On X11, you can:
#!/bin/sh
# Position the pointer at the center of the dot, then run this script.
sleep 1
start=$(xdotool getmouselocation --shell)
eval $start
r=400
steps=100
down=0
for step in $(seq $((steps + 1)) )
do
# pi = 4 * atan(1)
new_x=$(printf '%s + %s * c(%s / %s * 2 * (4 * a(1)))\n' $X $r $step $steps | bc -l)
new_y=$(printf '%s + %s * s(%s / %s * 2 * (4 * a(1)))\n' $Y $r $step $steps | bc -l)
xte "mousemove ${new_x%%.*} ${new_y%%.*}"
if ! (( down ))
then
xte 'mousedown 1'
down=1
fi
done
xte 'mouseup 1'
xte "mousemove $X $Y"
Interestingly, you can abuse the scoring system (not manually, only with a script). Since the mouse jumps to the locations along the circle, you can just use very few steps and still get a great score because every step you make is very accurate – but the result looks funny:
🥴
GitLab CI for Python Developers: A Complete Guide
Automating Testing, Linting, and Deployment for Python projects using GitLab CI/CD
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/gitlab-ci-for-python-developers-a-complete-guide-83794cb91 … ⌘ Read more
Btw @andros@twtxt.andros.dev ; The automated feed you put together for Hacker News… Does it at any point rewrite parts of the feed as it goes along? 🤔 I’ve had to unfollow it because I’ve found in practise it makes a twt, then seems to modify that same twt (observed by content manually) at least twice. This ends up becoming effectively an “Edit” and essentially duplicate (looking) posts 😢