Daily notes on AI, testing, and building software.
CVE-2025-59528 is a maximum-severity (CVSS 10.0) unauthenticated remote code execution vulnerability in FlowiseAI Flowise, a popular open-source AI agent and chatflow builder. By sending a crafted POST request to the…
Claude Opus 4.8 — released May 28, 2026 — ships a new "dynamic workflows" feature that can orchestrate up to 1,000 parallel subagents on a single task, and Anthropic has already demonstrated it completing a 750,000-line…
Claude Opus 4.8's dynamic workflows can spawn hundreds of parallel sub-agents that execute your existing test suite as the quality bar for massive codebase migrations — turning test automation from a gating step into an…
CVE-2026-20184 is a critical (CVSS 9.8) improper certificate validation flaw in Cisco Webex Services' Single Sign-On (SSO) integration with Control Hub that allows an unauthenticated remote attacker to bypass…
CVE-2026-48172 is a maximum-severity (CVSS 10.0) incorrect privilege assignment vulnerability in the LiteSpeed User-End cPanel Plugin that allows any authenticated cPanel user — including a low-privilege or compromised…
CVE-2026-34926 is an actively exploited directory traversal vulnerability in Trend Micro's Apex One endpoint security platform that allows a post-compromise attacker with administrative server access to inject malicious…
Microsoft just open-sourced RAMPART, a pytest-native safety and security testing framework for AI agents — meaning QA teams can now gate agentic AI on safety the same way they gate regular code on unit tests. This is…
A new arXiv paper, ComplexMCP, shows that even the best LLM agents fail more than 40% of tasks when tools are interdependent and the environment is stateful — mirroring the exact conditions agents face in production.…
As AI code agents write more of our production software, a new QA discipline is emerging: testing the agents themselves. jcode, a Rust-based open-source framework trending on GitHub since late April 2026, is one of the…
Anthropic's Claude Opus 4.7 ships with a 14% improvement in multi-step workflow accuracy, 3x better production task resolution, and a new native multiagent orchestration feature — changes that directly reshape how…