"Coordinated disclosure" depends on trust.
This researcher gave GitHub just 1 hour notice before publicly disclosing a VS Code zero-day because they say a previous report was silently fixed, received no credit, and had its security impact dismissed.
If that's true, Microsoft should take a hard look at its disclosure process.
But immediate public disclosure of an unpatched vulnerability puts users and organizations at risk. It also raises serious legal and ethical questions.
This is not the way.
https://t.co/IN29lKZzM8
Disclosure ecosystems depend on incentives, trust, and reciprocity. Once researchers perceive the relationship as one-sided, coordinated disclosure starts to fail.
This is worth a read, by @caseyjohnellis.
https://t.co/W7j7SIpygM
Exactly. I think “AI engineering” is becoming its own skill set. Not just shipping fast with AI, but knowing how to manage context, validate outputs, review changes, and effectively supervise agents. The people who learn that well are going to have a huge advantage.
Who’s tried this?
AI Engineer Coach is an interesting open source project from Microsoft employees that analyzes local AI coding assistant usage across tools like Copilot, Cursor, Claude Code, and Aider.
It provides insights on:
- prompt quality
- AI workflow anti-patterns
- session hygiene
- context management
- AI-generated code trends
- “agentic engineering” readiness
One of the more interesting features is a rule engine with 45 detections for common AI-assisted development mistakes and workflow issues.
Feels like an early look at how teams may eventually measure and improve AI-assisted software engineering practices.
Runs locally with no telemetry according to the project README.
https://t.co/fTf7g4oOoM
New frontier AI models like @AnthropicAI’s Mythos can uncover thousands of vulnerabilities in the time it takes humans to find only a few. But instead of replacing bug bounty hunters, it’s changing how they work.
Top researchers are now using AI as a copilot to focus on fewer, higher impact vulnerabilities with larger payouts.
@Hacker0x01 says vulnerability submissions jumped 76% year over year, with a sharp increase in critical findings.
The future of application security is not AI versus humans. It’s AI plus humans.
https://t.co/AysrkSELI2
Yes! I got a lot out of it. I'm in AppSec and VM. While my day job isn't ML, I am incorporating LLMs/agents more into our work. And, we need to stay ahead of what product is doing with AI/ML. I am absolutely better positioned for that with the knowledge from this class.
Brush up on your Python. The class starts with a review of what you need to know. But, going in with basic Python skills will be helpful.
Day 3 of SEC595 at #SANSFIRE: ML models
🔍 Unsupervised learning: K-Means, PCA, DBSCAN (we scaled and elbowed our features)
🧭 Supervised learning: SVMs + kernel tricks (Gaussian? Polynomial? Yes please.)
🌲 Decision Trees, Random Forests, and synthetic data
Helping a 4-year-old learn letters is like watching a neural network train in real time…
Epoch 1: confidently picks “L” for everything
Epoch 5: starts side-eyeing lowercase “d” like it’s adversarial input
Epoch 20: finally nails it… immediately overfits and calls every letter “d” again
Loss decreasing. Confidence increasing. Accuracy… under review. 😄
Added Slack webhook notifications.
Daily run completes → Critical items posted to your channel as a Block Kit message with CVEs, InfoCon level, and a link to the full HTML report.
Turns the tool from something you check into something that finds you.
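The Block Kit delivery described in this post, as an added example (my code, not the tool's): it builds the webhook payload for the day's critical items and sends it. The item dict keys (`cve`, `title`, `source`, `url`), the `SLACK_WEBHOOK_URL` variable, the block limits and the sample items are assumptions and constructed data, not anything from the project.

```python
"""Turn a daily briefing's critical items into a Slack Block Kit message.

Added example, not the tool's own code. Assumptions: each item is a dict with
'cve', 'title', 'source' and 'url' keys; the incoming-webhook URL lives in the
SLACK_WEBHOOK_URL environment variable. SAMPLE_ITEMS is constructed data.
"""
import json
import os
import urllib.request

MAX_BLOCKS = 50     # Slack rejects a message with more than 50 blocks
HEADER_LIMIT = 150  # plain_text header text is capped at 150 characters
ITEM_BUDGET = MAX_BLOCKS - 6  # header, summary, divider, overflow note, divider, link

SAMPLE_ITEMS = [  # constructed sample data, not real advisories
    {"cve": "CVE-0000-00001", "title": "ExampleVPN appliance auth bypass <exploited>",
     "source": "CISA KEV", "url": "https://example.invalid/kev/1"},
    {"cve": "CVE-0000-00002", "title": "ExampleOS kernel privilege escalation",
     "source": "MSRC", "url": "https://example.invalid/msrc/2"},
    {"cve": "CVE-0000-00003", "title": "ExampleCloud SDK credential leak",
     "source": "AWS Security Bulletins", "url": "https://example.invalid/aws/3"},
]


def _escape(text: str) -> str:
    """Slack mrkdwn treats &, < and > as control characters; escape feed text so
    a hostile advisory title cannot inject links or mentions into the message."""
    return text.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")


def build_blockkit_message(items, infocon, report_url, run_date):
    """Return the JSON-serialisable payload for an incoming webhook."""
    blocks = [
        {"type": "header",
         "text": {"type": "plain_text",
                  "text": f"Daily Threat Intel Brief {run_date}"[:HEADER_LIMIT]}},
        {"type": "section",
         "text": {"type": "mrkdwn",
                  "text": f"*InfoCon:* {_escape(infocon)}   *Critical items:* {len(items)}"}},
        {"type": "divider"},
    ]
    for item in items[:ITEM_BUDGET]:
        line = (f"*{_escape(item['cve'])}*  <{item['url']}|{_escape(item['title'])}>"
                f"\n_{_escape(item['source'])}_")
        blocks.append({"type": "section", "text": {"type": "mrkdwn", "text": line}})
    if len(items) > ITEM_BUDGET:
        # Never exceed the block limit; point at the report for the rest
        blocks.append({"type": "context", "elements": [
            {"type": "mrkdwn",
             "text": f"...and {len(items) - ITEM_BUDGET} more in the full report"}]})
    blocks.append({"type": "divider"})
    blocks.append({"type": "section",
                   "text": {"type": "mrkdwn", "text": f"<{report_url}|Open the full HTML report>"}})
    # 'text' is the plain fallback shown in notifications and by clients without Block Kit
    return {"text": f"Daily brief: {len(items)} critical items (InfoCon {infocon})",
            "blocks": blocks}


def post_to_slack(payload, webhook_url=None, sender=None):
    """POST the payload to the webhook. `sender` lets a test substitute a fake
    transport; by default urllib sends it. Returns (status, body)."""
    url = webhook_url or os.environ.get("SLACK_WEBHOOK_URL")
    if not url:
        raise RuntimeError("no webhook URL: set SLACK_WEBHOOK_URL")
    req = urllib.request.Request(url, data=json.dumps(payload).encode("utf-8"),
                                 headers={"Content-Type": "application/json"}, method="POST")
    if sender is not None:
        return sender(req)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status, resp.read().decode("utf-8")


if __name__ == "__main__":
    msg = build_blockkit_message(SAMPLE_ITEMS, "GREEN",
                                 "https://example.invalid/report.html", "2026-01-01")
    print(json.dumps(msg, indent=2))
```

The escaping step matters because every item title comes from a third-party feed: without it, a crafted advisory title could smuggle its own `<url|label>` link or an `<!channel>` mention into the channel post. The block budget keeps a noisy day from producing a payload Slack rejects outright.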
Built a lightweight CLI tool that generates daily threat intel briefings: pulls from CISA KEV, MSRC, AWS Sec Bulletins, and The Hacker News, then summarizes via a local LLM with context specific to your org.
46 items → 1 prioritized brief.
What sources or features would make this more useful?
Good morning! I’m running a webinar on setting up Claude Code “mature and secure” at both 10am and 1pm PT today.
I hope you can make it!
https://t.co/kWiDanBbxj
Has anyone else noticed ChatGPT’s “helpful next step” prompts getting a little… click-baity lately?
It used to be:
“Would you like help refining this?”
Now it’s:
“I can also show you the one secret line that makes recruiters think you’re a future CISO…”
Buddy, calm down. 😂
Check Point Research disclosed two critical flaws (CVE-2025-59536, CVE-2026-21852) in Anthropic’s Claude Code that allowed remote code execution and API key theft just by cloning and opening a malicious repo.
By abusing Hooks, MCP integrations, and repo-level config files, attackers could:
• Execute hidden shell commands
• Bypass trust prompts
• Exfiltrate API keys before user consent
• Pivot into shared enterprise workspaces
“This fundamentally alters the threat model. The risk is no longer limited to running untrusted code – it now extends to opening untrusted projects. In AI-driven development environments, the supply chain begins not only with source code, but with the automation layers surrounding it.”
Anthropic patched the issues, but the bigger takeaway: in AI-native dev environments, config files are now part of the execution layer.
Opening a repo is the new running code.
https://t.co/szpbiwC6BJ
AI is a force multiplier for cybercrime.
A Russian-speaking, financially motivated actor used multiple commercial LLMs to compromise 600+ FortiGate devices across 55+ countries.
No zero-days. No elite tradecraft.
Just exposed management ports, weak credentials, single-factor auth, and AI to scale it globally.
Security fundamentals still win:
Patch perimeter devices
Remove exposed management interfaces
Enforce MFA everywhere
Eliminate password reuse
Harden backups
https://t.co/JaWKEcoQ4m
Don't forget about /security-review!
"The /security-review command lets you run security analysis directly from your terminal before committing code."
https://t.co/gNxOBa7yfi
Claude Code Security: an AI tool that scans code like a human researcher, finds complex/novel vulns (not just pattern matches), and suggests patches for review.
Built on Claude Opus 4.6, it’s already uncovered 500+ long-hidden open-source bugs.
Goal: give defenders AI speed before attackers do.
https://t.co/5d77E1ZT3x
... made the threat intel summarizer modular. Sources are plug-and-play — write a fetcher, register it, toggle it on/off in config.
CISA KEV, MSRC, AWS, The Hacker News, Krebs, SANS ISC — all configurable. Not every team cares about every feed.
Adding a new source is a five-minute job now.
Next source you'd want?
... added Org Profile config (and an -init switch) so you can tailor reports to your company, industry, and tech stack. A SolarWinds CVE hits different when you actually run SolarWinds.
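The plug-and-play source registry from the earlier post and the Org Profile prioritization from this one, together in one added example (my code, not the tool's): a decorator registers each fetcher under a config key, the config toggles sources on and off, an `-init`-style helper writes a starter config, and the org profile re-ranks items so a known-exploited bug in software you actually run lands at the top. The registry shape, the config layout, the scoring weights and every item the fetchers return are assumptions and constructed sample data.

```python
"""Plug-and-play intel sources, config toggles and an org profile.

Added example, not the tool's own code. The decorator registry, the config
layout, the -init starter config and the scoring weights are assumptions about
how such a tool could be structured; the items each fetcher returns are
constructed sample data, not live advisories.
"""
import json
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional


@dataclass
class Item:
    source: str
    title: str
    cve: str = ""
    products: List[str] = field(default_factory=list)  # vendor/product names the advisory names
    score: float = 0.0


# Registry: config key -> fetcher. Adding a source is "write a function, decorate it".
FETCHERS: Dict[str, Callable[[], List[Item]]] = {}


def source(key: str):
    """Register `fn` under the key used to toggle it in config['sources']."""
    def wrap(fn: Callable[[], List[Item]]):
        FETCHERS[key] = fn
        return fn
    return wrap


@source("cisa_kev")
def fetch_cisa_kev() -> List[Item]:
    # A real fetcher would download the KEV catalog; constructed data here
    return [Item("CISA KEV", "Exploited: ExampleVPN appliance auth bypass", "CVE-0000-00001", ["examplevpn"]),
            Item("CISA KEV", "Exploited: ExampleCMS unsafe deserialization", "CVE-0000-00002", ["examplecms"])]


@source("msrc")
def fetch_msrc() -> List[Item]:
    return [Item("MSRC", "Windows kernel elevation of privilege", "CVE-0000-00003", ["windows"])]


@source("aws")
def fetch_aws() -> List[Item]:
    return [Item("AWS Security Bulletins", "ExampleSDK credential handling update", "", ["aws sdk"])]


def init_config(tech_stack: List[str], industry: str, path: Optional[str] = None) -> dict:
    """What an -init switch would produce: every registered source enabled plus an
    org profile. Writes JSON to `path` when given, and returns the config."""
    cfg = {"sources": {key: True for key in FETCHERS},
           "org_profile": {"tech_stack": tech_stack, "industry": industry}}
    if path:
        with open(path, "w", encoding="utf-8") as fh:
            json.dump(cfg, fh, indent=2)
    return cfg


def collect(config: dict):
    """Run only enabled, registered sources. A misspelled or removed source key is
    reported in `skipped` rather than silently dropping a feed."""
    items, skipped = [], []
    for key, enabled in config.get("sources", {}).items():
        if not enabled:
            continue
        fetch = FETCHERS.get(key)
        if fetch is None:
            skipped.append(key)
            continue
        items.extend(fetch())
    return items, skipped


def prioritize(items: List[Item], profile: dict) -> List[Item]:
    """Rank for this org: known-exploited entries get +2, anything touching a
    product in the tech stack gets +3, so a KEV hit on software you run tops the brief."""
    stack = {p.lower() for p in profile.get("tech_stack", [])}
    for it in items:
        it.score = 0.0
        if it.source == "CISA KEV":
            it.score += 2
        if stack & {p.lower() for p in it.products}:
            it.score += 3
    return sorted(items, key=lambda i: i.score, reverse=True)


if __name__ == "__main__":
    cfg = init_config(["windows", "examplevpn"], "finance")
    cfg["sources"]["aws"] = False  # toggle a feed off without touching code
    found, missing = collect(cfg)
    for it in prioritize(found, cfg["org_profile"]):
        print(f"{it.score:>4}  {it.cve or '-':<15} {it.source:<22} {it.title}")
```

Reporting unknown source keys instead of ignoring them is the check worth keeping: a silent typo in config is how a team stops receiving a feed and only notices weeks later. Product matching here is a plain lowercase name match; a real profile would want normalized vendor/product identifiers (CPE or similar) so "Windows" and "Microsoft Windows" match the same stack entry.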