Bogdan Deac

Hi there! Last week, the security and agentic AI communities were overtaken by OpenClaw (Clawdbot/Moltbot). It dominated discussions everywhere. Deployments surged from roughly 1,000 to over 21,000 in one week. GitHub stars skyrocketed from 9,000 to 60,000+ in days, later surpassing 140,000—including a

Hi there! I've been thinking about prompt injection lately, and it's honestly terrifying how vulnerable LLM applications are. The core problem is simple: these models can't reliably tell the difference between your instructions and user data. It's like having a computer that

Hi there! Some thoughts CES 2026 marked a turning point: AI is moving from screens into the physical world through robotics. While this represents humanity's most advanced creation capacity to date, the race toward deployment reveals critical gaps in planning, infrastructure, and safety. The Infrastructure Challenge The push

🛡️ Security & Privacy * Shai-Hulud 3.0 NPM supply chain attack discovered: New malware variant automatically spreads to steal developer credentials and cloud keys, currently limited in testing phase. More * Malicious Chrome extensions harvest 900K users' AI chats: Two extensions masquerading as AI assistants steal ChatGPT and DeepSeek conversations, including

🛡️ Security & Privacy * Pixelation Fails to Hide Sensitive Text - Blurring text through mosaics can be reversed via dictionary attacks matching all possible combinations against pixelation patterns. More * MongoBleed Exploited in Wild - Critical CVE-2025-14847 vulnerability in MongoDB allows unauthenticated attackers to extract sensitive data through zlib decompression flaws affecting

🛡️ Security & Privacy * Trigger.dev hit by Shai-Hulud supply chain worm; complete incident analysis reveals npm malware campaign - Trigger.dev shares detailed post-mortem after engineer's machine compromised via malicious npm package, leading to GitHub repo vandalism and credential theft across 17 hours. More * Urban VPN exposed: 8

🛡️ Security & Privacy * Dutch AI Glasses Demo Sparks Privacy Alarm - Tech journalist demonstrates AI-powered smart glasses instantly identifying strangers and retrieving personal data, igniting fierce privacy debate across Europe. More * 30+ Critical Flaws Found in AI Coding Tools - Researchers uncover "IDEsaster" vulnerabilities affecting Cursor, GitHub Copilot,

🛡️ Security & Privacy * SVG Clickjacking 2.0 vulnerability discovered - Novel attack technique using SVG filters enables complex interactive clickjacking attacks with data exfiltration capabilities. More * Apple sends threat notifications to 84 countries - Tech giant warns users in 84 nations about state-sponsored cyberattacks targeting iPhones across over 150 countries

🛡️ Security & Privacy * Gmail trains AI on emails by default - Google auto-opted users into allowing Gmail access to private messages and attachments for AI training unless manually disabled in two separate settings locations. More * Browser fingerprinting privacy nightmare - Sophisticated tracking methods combine browser data points like fonts, canvas

🛡️ Security & Privacy * Anthropic reports AI espionage - First documented large-scale cyberattack using Claude Code with 80-90% AI autonomy targeting tech companies and government agencies. More. However, the security community challenges Anthropic's claims of thwarting Chinese AI-driven cyberattack, citing lack of evidence and technical details. More * EU'

Hi there! I've recently started learning about AI and LLMs, and I'm slowly working through some of the key content in this space. It's a lot to take in, but I'm finding it pretty interesting so far. I came across Andrej Karpathy&

Hi there! I switched from zsh to fish and it’s faster. Moreover, it works great with the default configuration which makes me happy. I have enough things to tweak. Just give it a try. 🛡️ Security & Privacy * Next.js released version 15.2.3 (and backported patches for v12-14)

Hi there! I'm always on the hunt for great resources to fuel my learning journey, and books have always been my go-to for structured knowledge. Last week, I stumbled upon something exciting I just had to share - Humble! This fantastic platform offers ebooks and other digital goodies

Last week, two objects arrived at my doorstep: a TIMEMORE Chestnut C3 ESP Pro manual coffee grinder and a Bellroy Folio Mini wallet. Both are true masterpieces of craftsmanship. What struck me was the impeccable attention to detail—the way form, feel, and function harmonize so perfectly in these tangible

Last week I listened to Matteo Franceschetti from Eight Sleep and now I'm questioning my long-standing belief that caffeine drives my programming performance. It helps for sure, but what if strategic rest could debug my productivity further. We will see 😄. 🛡️ Security & Privacy * Apple has removed its optional

Hi there! I hope you're all having a fantastic week. Here are my top highlights from the past few days: * Zed Editor: I recently made the switch from Neovim to Zed, and I'm thoroughly enjoying it! Zed's speed and ease of configuration have won

Hi there! Last week, I started investigating a strange issue regarding Mendeley citations inserted in a Word document. For some reason, the citations break when the document is opened on another computer, which is the last thing you want to happen before a submission deadline. Nevertheless, I managed to compile

Hi there! I’m a bit behind on this newsletter issue, but it’s a busy time for me! I hope you find it both useful and interesting. Here are my highlights from last week. 🛡️ Security & Privacy * Reverse engineering the inactivity reboot security feature in iOS 18 available here.

Hi there! We're packed with significant developments across security, AI, and innovation. Apple and Google are stepping up their security game with new features for iOS and Android, while the AI landscape continues to evolve with OpenAI's upcoming autonomous agent. In hardware news, LG's

Hi there! Last week, I did quite a bit of driving and caught up on some great podcasts. I wanted to share my top three takeaways from Nir Eyal's "How to Stay Focused and Beat Distraction": * Only 10% of distractions come from outside sources (like notifications)