Blog

Daily notes on AI, testing, and building software.

April 24, 2026Vulnerability Analysis
CVE-2025-48700: Zimbra Collaboration Suite Stored XSS Actively Exploited by Nation-State Actors
CVE-2025-48700 is a stored Cross-Site Scripting (XSS) vulnerability in the Zimbra Collaboration Suite (ZCS) Classic UI, actively exploited by the Russia-linked threat actor UAC-0233 in targeted attacks against Ukrainian…
April 24, 2026AI/LLM Updates | Code Generation | Test Automation
Claude Opus 4.7 Doubles Down on Test Quality — and the QA Industry Should Pay Attention
Claude Opus 4.7 ships with double-digit improvements specifically in Test Quality — not just code generation at large — and resolves 3x more production tasks than its predecessor. For QA teams drowning in AI-generated…
April 24, 2026AI/LLM Updates | Test Automation
Claude Mythos and the New Frontier of AI-Powered Security Testing
Anthropic's Claude Mythos is the first widely-publicized frontier model explicitly optimized for computer security tasks — which means the same reasoning power that makes it dangerous in the wrong hands makes it…
April 24, 2026Test Automation
Anthropic's Claude Managed Agents: What It Means for AI-Powered Test Pipelines
Anthropic launched Claude Managed Agents in public beta on April 8, 2026 — a fully managed infrastructure layer for running AI agents with sandboxed execution, scoped permissions, long-running sessions, and end-to-end…
April 24, 2026AI/LLM Updates
Claude Managed Agents Are Live — Here's What It Means for Autonomous Test Execution
Anthropic's Claude Managed Agents, now in public beta, provide a fully managed infrastructure layer for running autonomous AI agents — including specialized, role-specific agents that can analyze test coverage,…
April 24, 2026Test Automation
The Agentic QA Revolution: Self-Healing Tests, Managed Agents, and the End of Flaky Test Hell
Agentic AI infrastructure — autonomous agents that plan, observe, and self-correct — is now being deployed directly into testing pipelines, with Anthropic's Claude Managed Agents launching in public beta and GitHub…
April 24, 2026Vulnerability Analysis
CVE-2026-35431: Critical SSRF in Microsoft Entra ID Entitlement Management — What It Is & How to Respond
CVE-2026-35431 is a perfect-10 CVSS critical Server-Side Request Forgery (SSRF) vulnerability discovered in Microsoft Entra ID Entitlement Management, disclosed on April 23, 2026. An unauthenticated remote attacker can…
April 23, 2026Code Generation | Test Automation | AI/LLM Updates
1,000 Tokens Per Second: How GPT-Codex-Spark Changes Real-Time Test Generation
OpenAI's GPT-5.3-Codex-Spark delivers over 1,000 tokens per second — fast enough to generate test scaffolding as you type production code, making test-driven development feel like autocomplete. Combined with the…
April 23, 2026AI/LLM Updates | Test Automation | Agentic Testing
Claude Managed Agents Are Here — And They Could Run Your Entire Test Suite
Anthropic's launch of Claude Managed Agents in public beta (April 2026) gives QA teams a fully managed, sandboxed agent harness capable of planning, executing, and reporting on test runs autonomously — no human in the…
April 23, 2026Vulnerability Analysis
CVE-2026-20147: Cisco ISE Critical RCE — What It Is & How to Fix It
CVE-2026-20147 is a CVSS 9.9-rated critical remote code execution vulnerability in Cisco Identity Services Engine (ISE), the enterprise network access control (NAC) platform trusted by thousands of organizations to…

Latest from the blog