Okan Okutkan

Anthropic's head of security: "90% of our code is written by Claude. If yours is too and nobody's reviewing it, you're shipping bugs you'll never notice." In 28 minutes he shows the exact security setup Anthropic uses internally to protect their own projects. Watch the full interview, then save the config below 👇

Damn，这个必须卧槽一下了，Karpathy 的 CLAUDE.md 只有 65 行， 居然能把 AI 编程准确率从 65% 拉到 94%， 以22 万星标登顶 GitHub 趋势榜，而且绝大多数开发者还没读过， 里面没有一行奇技淫巧，4 条规则全是同一个方向： → 先想清楚再写代码 陈述假设，不确定就问，杜绝猜测 → 从最简方案入手 只写能解决问题的最少代码，不加任何多余抽象 → 像手术一样精准修改 不碰与需求无关的代码，每行改动都对应明确要求 → 以目标驱动执行 写第一行代码前，把模糊指令转化为可验证的成功标准 65 行，4 条规则，每一条都在对抗开发者“先写再说”的本能， 本质上是把慢下来这件事变成硬规则， 趁别人还没保存，赶紧先存好 👇

🚨 Anthropic just dropped the first Project Glasswing update Claude Mythos found 10,000+ critical vulnerabilities in ONE month: > Cloudflare: 2,000 bugs, 400 high/critical severity > Mozilla: 271 vulnerabilities in Firefox 150 — 10x more vulnerabilities found in Firefox 148 > UK AI Security Institute: first model to solve BOTH their cyber attack simulations end to end > at one partner bank, Mythos prevented a fraudulent $1.5M wire transfer in real time > wolfSSL: found a way to forge certificates on a crypto library used by billions of devices > scanned 1,000+ open source projects > 90.6% true positive rate after human review > maintainers are asking Anthropic to SLOW DOWN because they can’t patch fast enough > Microsoft says patch volume will “continue trending larger for some time” The bottleneck in cybersecurity is no longer finding bugs. It’s fixing them. “Progress on software security used to be limited by how quickly we could find vulnerabilities. Now it’s limited by how quickly we can patch them.”

1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.

My students asked me if it was true that the entire Internet was really coded by hand. All those kernels, protocols, router firmware, browsers, databases, etc. Somebody coded these and debugged them by hand?!?!? They used BBEdit?!?!??! The idea that this was even possible seems amazing to them. I can imagine some future Moon Landing like conspiracy theory that says it never happened.

🚨 BREAKING: cPanel and WHM, the control panels behind an estimated 70+ million websites, have a critical security flaw that lets anyone become root admin without a password. CVE-2026-41940 affects every supported version. It’s already being exploited in the wild. watchTowr Labs published the full attack today, after the hosting company KnownHost confirmed the bug was already being used to break into a significant chunk of the internet. If you've never heard of cPanel: it's the dashboard that hosting providers and millions of website owners use to manage their servers, domains, email accounts, databases, and SSL certificates. WHM is the admin version that controls the entire server. If someone gets root access to WHM, they get the keys to the kingdom and to every apartment inside it. How the attack works, in plain English: 🔴 Step 1: The attacker sends a deliberately wrong login. cPanel still creates a temporary "you tried to log in" record on disk and gives the attacker a cookie tied to it. 🔴 Step 2: The attacker tweaks the cookie to disable cPanel's password encryption. Normally cPanel encrypts the password field on disk. With one small change to the cookie, cPanel just stores it as plain text instead. 🔴 Step 3: The attacker sends a fake login attempt where the password field secretly contains hidden line breaks. cPanel does not strip these line breaks out, so they get written straight to the session file. Each line break creates a brand new fake record. The attacker uses this to inject lines that say "this user is root" and "this user already authenticated successfully." 🔴 Step 4: The attacker visits one more random page on the site to nudge cPanel into re-reading the file. cPanel then promotes the injected fake lines into its main session memory. 🔴 Step 5: On the next request, cPanel sees a flag that says "this user already passed the password check." cPanel trusts that flag, skips checking the actual password, and lets the attacker in as root. From start to finish, the attack takes a handful of HTTP requests. If you run cPanel or WHM, the patched versions are: 🔴 cPanel/WHM 110.0.x → 11.110.0.97 🔴 cPanel/WHM 118.0.x → 11.118.0.63 🔴 cPanel/WHM 126.0.x → 11.126.0.54 🔴 cPanel/WHM 132.0.x → 11.132.0.29 🔴 cPanel/WHM 134.0.x → 11.134.0.20 🔴 cPanel/WHM 136.0.x → 11.136.0.5 If your version is older than these, assume someone has already broken in and act accordingly. Patch right now, then rotate every password and key the server touched: root passwords, API tokens, SSL private keys, SSH keys, mail passwords, and database passwords.

‼️🚨 BREAKING: An AI found a Linux kernel zero-day that roots every distribution since 2017. The exploit fits in 732 bytes of Python. Patch your kernel ASAP. The vulnerability is CVE-2026-31431, nicknamed "Copy Fail," disclosed today by Theori. It has been sitting quietly in the Linux kernel for nine years. Most Linux privilege-escalation bugs are picky. They need a precise timing window (a "race"), or specific kernel addresses leaked from somewhere, or careful tuning per distribution. Copy Fail needs none of that. It is a straight-line logic mistake that works on the first try, every time, on every mainstream Linux box. The attacker just needs a normal user account on the machine. From there, the script asks the kernel to do some encryption work, abuses how that work is wired up, and ends up writing 4 bytes into a memory area called the "page cache" (Linux's high-speed copy of files in RAM). Those 4 bytes can be aimed at any program the system trusts, like /usr/bin/su, the shortcut to becoming root. Result: the next time anyone runs that program, it lets the attacker in as root. What should worry most: the corruption never touches the file on disk. It only exists in Linux's in-memory copy of that file. If you imaged the hard drive afterwards, the on-disk file would match the official package hash exactly. Reboot the machine, or just put it under memory pressure (any normal system load that needs the RAM), and the cached copy reloads fresh from disk. Containers do not help either. The page cache is shared across the whole host, so a process inside a container can use this bug to compromise the underlying server and reach into other tenants. The original sin was a 2017 "in-place optimization" in a kernel crypto module called algif_aead. It was meant to make encryption slightly faster. The change broke a critical safety assumption, and nobody noticed for nine years. That bug then rode every kernel update from 2017 to today. This vulnerability affects the following: 🔴 Shared servers (dev boxes, jump hosts, build servers): any user becomes root 🔴 Kubernetes and container clusters: one compromised pod escapes to the host 🔴 CI runners (GitHub Actions, GitLab, Jenkins): a malicious pull request becomes root on the runner 🔴 Cloud platforms running user code (notebooks, agent sandboxes, serverless functions): a tenant becomes host root Timeline: 🔴 March 23, 2026: reported to the Linux kernel security team 🔴 April 1: patch committed to mainline (commit a664bf3d603d) 🔴 April 22: CVE assigned 🔴 April 29: public disclosure Mitigation: update your kernel to a build that includes mainline commit a664bf3d603d. If you cannot patch immediately, turn off the vulnerable module: echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf rmmod algif_aead 2>/dev/null || true For environments that run untrusted code (containers, sandboxes, CI runners), block access to the kernel's AF_ALG crypto interface entirely, even after patching. Almost nothing legitimate needs it, and blocking it shuts the door on this whole class of bug...

Nobody in production actually uses Kubernetes the way you learned it on KodeKloud and Udemy. Those platforms taught you the right commands. They just showed you the wrong use case. Everyone learns Kubernetes by deploying a 3-tier app. So everyone thinks that is the use case. It is not. Almost no real company runs a 3-tier app on Kubernetes. Kubernetes was built for running containers at scale. And the story of what people actually run on it has evolved every few years. It started with microservices. Netflix broke its monolith into hundreds of services. Each service needed to scale independently. Each needed its own deployment, its own resources, its own failure boundary. Kubernetes handled all of it. Traffic spikes, crash recoveries, and internal communication. Every company adopted the microservices model, and Kubernetes became the default. Then companies started running databases on it. Uber runs Cassandra on Kubernetes. Discord runs its entire data infrastructure on it. Stateful workloads on Kubernetes used to be controversial. Now it is normal. Then came CI/CD runners. GitHub, GitLab, and almost every large engineering org run their pipeline runners on Kubernetes. Every build gets a fresh pod. Runs. Dies. Clean slate every time. No shared state, no leftover secrets, no flaky environments. Then ML workloads showed up. OpenAI trains models by spinning up thousands of GPU pods in parallel. One training job requests 8 GPUs, runs for hours, and releases everything back to the pool. Next job picks it up immediately. No idle machines. No wasted compute. The scheduler handles the queue. You cannot do this cleanly without something like Kubernetes. Then platform teams started building internal developer platforms on it. Spotify built Backstage on top of Kubernetes and open-sourced it. Now everyone has started running their own IDP with Backstage on Kubernetes. And now it is AI agent fleets. Think about a company selling AI agents as a product. A thousand customers sign up in a week. Each customer's agents need isolated compute, memory, and API access. You cannot manually provision that. You need something that spins up on demand, isolates workloads, and scales down when idle. Kubernetes does exactly this. Companies like Scale AI and Harvey are already running agent infrastructure this way. Each era had a new problem. Kubernetes already had the answer. If your workload does not involve scale, isolation, or dynamic compute, you probably do not need Kubernetes. And that is fine. But if it does, there is nothing else like it.

I was chatting with my buddy at Google, who's been a tech director there for about 20 years, about their AI adoption. Craziest convo I've had all year. The TL;DR is that Google engineering appears to have the same AI adoption footprint as John Deere, the tractor company. Most of the industry has the same internal adoption curve: 20% agentic power users, 20% outright refusers, 60% still using Cursor or equivalent chat tool. It turns out Google has this curve too. But why is Google so... average? How is it that a handful of companies are taking off like a spaceship, and the rest, including Google, are mired in inaction? My buddy's observation was key here: There has been an industry-wide hiring freeze for 18+ months, during which time nobody has been moving jobs. So there are no clued-in people coming in from the outside to tell Google how far behind they are, how utterly mediocre they have become as an eng org. He says the problem is that they can't use Claude Code because it's the enemy, and Gemini has never been good enough to capture people's workflows like Claude has, so basically agentic coding just never really took off inside Google. They're all just plodding along, completely oblivious to what's happening out there right now. Not only is Google not able to do anything about it, they don't seem to be aware of the problem at all. I'm having major flashbacks to fifty years ago as a kid at the La Brea Tar Pits, asking, "why can't they just climb out?" My Google friend and I had this conversation over a month ago. I didn't share it because I wanted to look around a bit, and see if it's really as bad as all that. I've been talking to people from dozens of companies since then. And yeah. It's as bad as all that. Google is about average. Some companies at the bottom have near-zero AI adoption and can't even get budget for AI. They may have moats and high walls, but the horde is coming for them all the same. And then there are a few companies I've met recently who are *amazingly* leaned in to AI adoption. One category-leader company just cancelled IntelliJ for a thousand engineers. That's an incredibly bold move, one of many they're making towards agentic adoption. In my opinion, that company is setting themselves up for a _huge_ W. As for the rest, well, it's the Great Siloing. Everyone's flying blind. With nobody moving companies, no company knows where they stand on the AI adoption curve. Nobody knows how they're doing compared to everyone else. Half of them just check a box: "We enabled {Copilot/Cursor} for everyone!" Cue smug celebrations. They think this is like getting SOC2 compliance, just a thing they turn on and now it's "solved." And they don't realize that they've done effectively nothing at all. All because of a hiring freeze.

🚨 Microsoft yine iş başında. Sessiz sedasız bir Python aracı, GitHub'ın trend listesinin zirvesine tırmandı. 100.000'den fazla yıldız. Adı MarkItDown. Ne yapıyor? Herhangi bir dosyayı Markdown'a dönüştürüyor. PDF, Word, PPT, Excel, resimler... Sadece içine atın ve temiz bir Markdown elde edin. Basit görünüyor, değil mi? Ama ne kadar büyük bir sorunu çözdüğünü biliyor musunuz? RAG sistemleri için en büyük baş ağrısı: verileri yapay zekaya nasıl besleyeceğinizdir. PDF'ler karmakarışık, Word belgeleri gizli stillerle dolu, PPT'ler tamamen metinsiz resimlerden oluşuyor... Artık tek bir kod satırı işi hallediyor. Daha da etkileyici olanı, bunun resmi bir Microsoft ürünü olması, tamamen ücretsiz, açık kaynaklı ve ticari olarak kullanılabilir olması. Denemeye çalıştım; 200 sayfalık bir PDF, 3 saniyede dönüştürüldü, ve biçimlendirmesi inanılmaz derecede temizdi. İşte büyük bir şirketin gücü: Bir şey yaptıklarında, sektör standardını belirliyorlar. https://t.co/JBJyTHX5ZL

I’m seeing some hot takes that AI assisted coding means that you don’t have to be technical anymore. That’s only gonna last you until the first database migration, or the first security issue, or the first cloud migration, or the first scale out, or the first major regression, or the first refactor that ends in slop. I am finding that I’m learning more and I have to be as technical or more technical than ever before to get the kinds of high-quality output that I expect of any code, regardless of whether it comes from my fingertips or someone else’s - including an AI. Whether your source comes from open source libraries, your own hands, or an AI via your clever prompt, there is exactly one responsible person for the output. That is you. I never want to be accused of gatekeeping AI assisted programming, as non-technical people can get a lot of interesting work done. Until they hit a wall, and it’s gonna surprise them how quickly they either need to get technical, or get a technical person to help untangle the mess they’ve made. The art and science of programming is taking intent and turning it into shipping products. I will never blame an AI - nor should you - for bad output. Own the code that you ship.