Blog

Daily notes on AI, testing, and building software.

June 1, 2026Test Automation
RAG Is Fixing LLM Test Case Generation — Here's How the Research Stacks Up
A new April 2026 arxiv paper demonstrates that pairing LLMs with Retrieval Augmented Generation (RAG) pipelines significantly reduces hallucination in AI-generated test cases, meaning the test suites LLMs write are more…
June 1, 2026AI/LLM Updates
1,000 Subagents in One Session: What Claude Opus 4.8's Dynamic Workflows Mean for QA Teams
Claude Opus 4.8's new Dynamic Workflows feature lets a single orchestrator agent spin up and coordinate up to 1,000 parallel subagents in one session — a capability that transforms how large-scale test execution,…
June 1, 2026Vulnerability Analysis
CVE-2026-20127: Cisco Catalyst SD-WAN Authentication Bypass — What It Is & How to Fix It
CVE-2026-20127 is a maximum-severity (CVSS 10.0) authentication bypass in Cisco Catalyst SD-WAN Controller and Manager that allows an unauthenticated remote attacker to gain high-privileged administrative access —…
June 1, 2026Vulnerability Analysis
CVE-2026-45321: How Attackers Hijacked 42 TanStack npm Packages Using GitHub Actions — And How to Protect Yourself
On May 11, 2026, attackers published 84 malicious versions across 42 @tanstack/ npm packages in a six-minute window by chaining three separate GitHub Actions vulnerabilities: a pullrequesttarget Pwn Request,…
May 31, 2026Vulnerability Analysis
CVE-2026-0257: PAN-OS GlobalProtect Authentication Bypass — What It Is & How to Fix It
CVE-2026-0257 is an authentication bypass vulnerability in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS software that allows unauthenticated remote attackers to forge authentication override cookies…
May 31, 2026Testing Tools
Microsoft RAMPART Brings pytest-Native Safety Testing to AI Agents
AI agents are being deployed into production pipelines at scale, but most teams have no systematic way to test their safety and security properties — Microsoft's RAMPART fills that gap with a framework QA engineers…
May 31, 2026Testing Tools
Microsoft Just Open-Sourced a pytest Framework for Testing AI Agents — Here's What QA Teams Need to Know
Microsoft's newly open-sourced RAMPART framework brings red team-style safety and security testing directly into the pytest workflow, meaning QA engineers can now write standard test files that evaluate agentic AI…
May 31, 2026Vulnerability Analysis
CVE-2025-59528: Flowise CustomMCP Node RCE — CVSS 10.0 Under Active Exploitation
CVE-2025-59528 is a maximum-severity (CVSS 10.0) unauthenticated remote code execution vulnerability in FlowiseAI Flowise, a popular open-source AI agent and chatflow builder. By sending a crafted POST request to the…
May 31, 2026AI/LLM Updates
Claude Opus 4.8's Dynamic Workflows Are About to Change How We Run Test Suites
Claude Opus 4.8 — released May 28, 2026 — ships a new "dynamic workflows" feature that can orchestrate up to 1,000 parallel subagents on a single task, and Anthropic has already demonstrated it completing a 750,000-line…
May 31, 2026AI/LLM Updates
Claude Opus 4.8 Dynamic Workflows Are Rewriting the Rules of Test Automation
Claude Opus 4.8's dynamic workflows can spawn hundreds of parallel sub-agents that execute your existing test suite as the quality bar for massive codebase migrations — turning test automation from a gating step into an…

Latest from the blog