Daily notes on AI, testing, and building software.
Anthropic's new self-hosted sandboxes for Claude Managed Agents let AI testing agents run entirely within your enterprise perimeter — accessing internal repos, private test infrastructure, and on-premises tooling…
Anthropic's Claude Tag brings AI directly into Slack channels as a persistent, context-aware team member — meaning QA teams can now have an AI that learns your test suite, tracks open bugs, and proactively surfaces…
CVE-2026-47291 is a critical remote code execution vulnerability in Windows HTTP.sys — the kernel-mode HTTP driver that powers IIS, Windows Remote Management, and any application built on the Windows HTTP Server API. An…
CVE-2026-20253 is a CVSS 9.8 critical vulnerability in Splunk Enterprise that allows completely unauthenticated remote attackers to create or truncate arbitrary files on the host system — and chain that primitive into…
Three critical vulnerabilities in Ubiquiti's UniFi OS Server — an authentication bypass (CVE-2026-34908), a path traversal (CVE-2026-34909), and a command injection (CVE-2026-34910) — can be chained together to allow…
The Model Context Protocol (MCP) turns Playwright from a scripting framework into something AI agents can operate directly — meaning LLMs can now navigate, interact with, and test web applications without a human…
Anthropic's Claude Tag — a persistent AI teammate embedded directly in Slack — can surface failing tests, review pull requests, summarize incident threads, and flag stale PRs autonomously, turning every engineering…
Traditional pass/fail CI checks can't handle LLMs — outputs are non-deterministic, and "it ran without erroring" tells you nothing about quality. A new arXiv framework formalizes exactly the quality gate approach that…
Over 85% of enterprise QA teams report that AI-generated code has created a testing velocity gap — developers ship faster than automation engineers can write tests. Agentic AI testing tools that autonomously plan,…
CVE-2026-20245 is an actively exploited command injection vulnerability in Cisco Catalyst SD-WAN Manager's command-line interface that allows an authenticated attacker with netadmin privileges to upload a crafted file…