Daily notes on AI, testing, and building software.
Google just proved that LLMs can autonomously diagnose the root cause of integration test failures with 90% accuracy — at the scale of tens of thousands of tests. This is a direct signal to QA teams: AI isn't just…
CVE-2026-42271 is a command injection vulnerability in BerriAI LiteLLM's Model Context Protocol (MCP) preview endpoints that allows authenticated attackers to execute arbitrary OS commands on the host server. When…
The testing industry just crossed a tipping point: over three-quarters of QA teams have shifted to AI-first quality engineering, moving from writing test scripts to writing goals that AI agents execute against. If…
CVE-2026-50751 is a critical authentication bypass (CVSS 9.3) in Check Point's Remote Access VPN, Mobile Access, and Spark Firewall products, rooted in deprecated IKEv1 key exchange code. An unauthenticated attacker can…
Enterprise QA was built for deterministic software — the same input always produces the same output. LLM-powered applications break that contract entirely, and the industry's response in 2026 is a new category of…
Anthropic just revealed that Claude now writes more than 80% of its own code — up from less than 10% just over a year ago. For QA teams, this isn't just an AI curiosity: it signals a world where the majority of…
Microsoft's open-source RAMPART framework makes safety and security testing of agentic AI a first-class citizen in CI/CD — not a post-hoc audit. For QA engineers, this means prompt injection attacks, unsafe tool use,…
LLM-powered applications are non-deterministic and evolve with every model update — making traditional pass/fail test gates inadequate for release decisions. A new research-backed framework proposes replacing them with…
CVE-2026-45659 is a high-severity remote code execution (RCE) vulnerability in Microsoft SharePoint Server caused by unsafe deserialization of attacker-controlled data. An authenticated attacker holding only Site Member…
Microsoft's open-source RAMPART framework lets QA teams write safety and security tests for AI agents using standard pytest syntax — and gate those tests in CI/CD just like any other integration test. This closes the…