PEAKS No 23: The React and Next.js critical vulnerability & Big AI moves
🛡️ Security & Privacy
- SVG Clickjacking 2.0 vulnerability discovered - Novel attack technique using SVG filters enables complex interactive clickjacking attacks with data exfiltration capabilities. More
- Apple sends threat notifications to 84 countries - Tech giant warns users in 84 nations about state-sponsored cyberattacks targeting iPhones across over 150 countries total. More
- Filevine API exposed 100k+ confidential legal files - Security researcher uncovered unauthenticated access to billion-dollar legal AI platform, exposing sensitive attorney-client documents. More
- React2Shell CVE-2025-55182: Critical RCE vulnerability - Unauthenticated remote code execution flaw discovered in React Server Components affects default Next.js configurations with near-100% exploitation reliability. More
- Cloudflare DDoS report reveals Q3 2025 trends - Analysis shows evolving distributed denial-of-service attack patterns and mitigation strategies across global internet infrastructure. More
- India mandates government app preloaded on phones - New cybersecurity regulations require mobile devices sold in India to include pre-installed government surveillance and safety application. More
- Microsoft Teams WiFi network vulnerability exposed - Security flaw allows attackers to compromise corporate networks through Teams application's WiFi handling on enterprise systems. More
- Modern cars collect extensive personal data - Investigation reveals automotive manufacturers harvest and monetize driver location, behavior, and biometric data without clear consent. More
🛸 Tech
- MIT engineers create bumblebee-inspired microrobot - Researchers develop aerial robot mimicking insect flight mechanics with potential applications in confined space navigation and surveillance. More
- Simular launches Mac OS AI agent with funding - Startup raises $21.5M from Felicis to develop autonomous AI assistant for macOS with Windows version coming soon. More
- Bun runtime joins Anthropic partnership - Fast JavaScript runtime announces collaboration with AI research company to optimize performance for LLM-powered applications. More
- Android 16 adds AI notification features - Google previews next OS version with intelligent notification summaries, enhanced customization options, and productivity improvements. More
- Developer proposes better JSON alternative format - Blog post argues for improved data serialization format addressing JSON limitations for modern application development needs. Little hint: Protobuf. And it works for IPC too. More
- Apple considers Intel for M-series chips - Report suggests Cupertino may source components from competitor for future Mac processors amid supply chain diversification strategy. More
- Building Linux PC with Linus Torvalds More
- Hardening C++ standard library boosts security, cuts bugs, offers strong ROI—recommend immediate adoption. More
- Airbus issues A320 precautionary fleet action - Aircraft manufacturer announces safety inspection requirements for A320 family following identified potential technical issues. More
- Linux kernel sandboxing with Landlock - Technical blog explains using Linux Security Module for application sandboxing without requiring root privileges or complex configurations. More
- Linux 6.18 kernel released with updates - Latest stable kernel version ships with hardware support improvements, performance optimizations, and security enhancements. More
🤖 AI
- Mistral releases Mistral 3 model family - French AI startup launches 10 open-weight models including flagship Large 3 with 675B parameters and compact Ministral series. More
- OpenAI declares code red over ChatGPT issues - Company faces internal crisis as flagship AI chatbot experiences reliability problems and performance degradation affecting millions. More
- IEEE report warns of AI agent safety risks - Technical analysis identifies critical vulnerabilities in autonomous AI systems that could enable malicious actions or unintended harm. More
- Claude 4.5 Opus soul document leaked - Internal Anthropic documentation reveals philosophical foundations and ethical constraints designed into latest Claude language model version. More
- IBM CEO questions big tech AI capex spending - Executive challenges massive data center investments by tech giants, suggesting diminishing returns on AI infrastructure expenditures. More
- Pragmatic Engineer publishes AI evals guide - Comprehensive methodology for evaluating AI system performance, accuracy, and reliability in production enterprise environments. More
- DeepSeek releases updated API documentation - Chinese AI company publishes enhanced developer resources for integrating advanced language models into applications and services. More
- NVIDIA announces open-source digital AI tools - Chipmaker unveils physical AI simulation frameworks and robotics models at NeurIPS conference for research community. More
- Small language models vs LLMs analysis - Technical comparison evaluates when specialized compact models outperform general-purpose large language models for specific tasks. More
- Runway releases Gen-4.5 video generation - AI video synthesis platform debuts improved model with enhanced quality, coherence, and temporal consistency for content creators. More
- OpenAGI emerges claiming superiority over OpenAI - Stealth startup unveils AI agent framework asserting better performance than GPT-4 on complex reasoning and planning tasks. More
- Guide to writing effective Claude prompts - HumanLayer publishes best practices for constructing high-quality prompts that elicit optimal responses from Claude AI assistant. More
- 2026 job market predictions for AI professionals - Newsletter analyzes emerging career opportunities and skill requirements as artificial intelligence reshapes employment landscape. More
- Matt Welsh AI agents interconnected blog post - Computer scientist explores distributed AI systems architecture enabling autonomous agents to coordinate complex multi-step workflows. More
🛠️ Tools
- Tunnl.gg: Instant localhost-to-internet tunnels - SSH-based reverse tunneling service exposes local development servers publicly without installation or complex configuration. More
- Ghostty: Fast cross-platform terminal emulator - Mitchell Hashimoto releases GPU-accelerated terminal with native UI, featuring excellent performance and platform-specific optimizations. More
- Slop Evader browser extension released - Tool helps users avoid AI-generated content by detecting and filtering low-quality synthetic text across websites. More
- CachyOS Linux distribution updated - Arch-based distro optimized for modern hardware releases new version with performance improvements and latest package versions. More
- WinApps runs Windows apps on Linux - Open-source project enables seamless execution of Windows applications in Linux environments using virtualization and integration layer. More
📼 Misc
- MTXT: Human-writable music text format - New specification enables musical notation as readable text files with support for timing, expression, and MIDI conversion. More
- Deconstructing Brian Eno's Music for Airports - Technical analysis explores compositional techniques and generative systems behind ambient music masterpiece from 1978. More
📩 Please feel free to share this article with colleagues and friends who will find it valuable.
Thanks for reading!
Have a great day!
Bogdan