Blog

Daily notes on AI, testing, and building software.

April 20, 2026Testing Tools
OpenAI Codex Now Integrates with CircleCI and CodeRabbit: What It Means for AI-Assisted Testing in CI/CD
OpenAI's expanded Codex plugin ecosystem — now including CircleCI, CodeRabbit, GitLab Issues, and Atlassian Rovo — transforms Codex from a code generation tool into a full CI/CD-aware testing collaborator capable of…
April 20, 2026Test Automation
GPT-5.3-Codex Is Not a Coding Assistant — It's a QA Engineer That Never Sleeps
OpenAI's GPT-5.3-Codex marks the shift from AI that helps you write tests to AI that runs, debugs, and iterates on them autonomously for hours at a time — and it did all of this while helping build itself. For QA teams,…
April 20, 2026AI/LLM Updates
Google's Auto-Diagnose Shows LLMs Can Debug Your Tests Better Than You Think
Google just open-sourced research on an LLM-powered tool that correctly diagnoses the root cause of integration test failures 90% of the time — at massive scale. If this approach becomes standard, it could eliminate one…
April 20, 2026AI/LLM Updates
Google Just Open-Sourced the Test Failure Triage You Always Wanted: Meet Auto-Diagnose
Google's newly published Auto-Diagnose system achieves 90% root-cause accuracy on integration test failures using LLMs — tackling one of the most time-consuming, cognitively draining parts of QA. If your team spends…
April 20, 2026Vulnerability Analysis
CVE-2026-35616: Fortinet FortiClient EMS Pre-Auth API Bypass — What It Is & How to Fix It
CVE-2026-35616 is a critical pre-authentication API access bypass vulnerability in Fortinet FortiClient Endpoint Management Server (EMS), scored CVSS 9.1. An unauthenticated attacker with network access to the EMS…
April 20, 2026Vulnerability Analysis
CVE-2026-34197: Apache ActiveMQ Jolokia RCE — What It Is & How to Fix It
CVE-2026-34197 is a remote code execution vulnerability in Apache ActiveMQ Classic that exploits the broker's built-in Jolokia HTTP-to-JMX bridge, allowing an attacker to force the broker to fetch and execute a remote…
April 20, 2026Vulnerability Analysis
CVE-2026-33824 (BlueHammer): Windows IKE Zero-Click RCE & How to Fix It
CVE-2026-33824, nicknamed BlueHammer, is a zero-click, unauthenticated remote code execution vulnerability in the Windows Internet Key Exchange (IKE) service extension (IKEEXT.dll) with a maximum-severity CVSS score of…
April 20, 2026Vulnerability Analysis
CVE-2026-33017: Langflow Unauthenticated RCE — What It Is & How to Fix It
CVE-2026-33017 is a critical unauthenticated remote code execution (RCE) vulnerability in Langflow, the popular open-source framework used for building AI agent and RAG pipelines. The flaw allows a remote,…
April 20, 2026Vulnerability Analysis | Mitigation Guide | Security Testing
CVE-2026-21643: Critical Pre-Auth SQL Injection in Fortinet FortiClient EMS & How to Fix It
CVE-2026-21643 is a critical, pre-authentication SQL injection vulnerability in Fortinet FortiClient Endpoint Management Server (EMS) version 7.4.4, carrying a CVSS v3.1 score of 9.8. The flaw allows an unauthenticated…
April 20, 2026Vulnerability Analysis
CVE-2026-20079: Cisco Firewall Management Center Auth Bypass & RCE — What It Is & How to Fix It
CVE-2026-20079 is a maximum-severity (CVSS 10.0) authentication bypass vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) that allows a completely unauthenticated remote attacker to…

Latest from the blog