disnetdev.

collection

Security?

Cards
9
Access
closed
Updated
Mar 31, 2026
  1. 01

    Claude Mythos Preview

    Earlier today we announced Claude Mythos Preview, a new general-purpose language model. This model performs strongly across the board, but it is strikingly capable at computer security tasks. In response, we have launched Project Glasswing, an effort to use Mythos Preview to help secure the world’s most critical software, and to prepare the industry for the practices we all will need to adopt to keep ahead of cyberattackers.

    red.anthropic.com · Apr 7, 2026

  2. 02

    Project Glasswing: Securing critical software for the AI era

    A new initiative to secure the world’s most critical software and give defenders a durable advantage in the coming AI-driven era of cybersecurity.

    AnthropicAI · Apr 7, 2026

  3. 03

    https://words.filippo.io/crqc-timeline/

    words.filippo.io · Apr 6, 2026

  4. 04

    https://simonwillison.net/2026/Apr/3/daniel-stenberg/#atom-everything

    simonwillison.net · Apr 4, 2026

  5. 05

    Weird Machines HQ

    The expression "weird machines" was first used in the RSS 2009 talk. It referred to state-of-the-art exploitation as finding and programming an execution model (a machine, such as a virtual automaton) within the target via crafted inputs. It was soon extended to other methods of reliably or probabilistically influencing the target's state. A compressed version of that original talk was given at the Chaos Computing Congress 27c3 [slides], [video].

    www.cs.dartmouth.edu · Apr 4, 2026

  6. 06

    https://sockpuppet.org/blog/2026/03/30/vulnerability-research-is-cooked/

    sockpuppet.org · Apr 4, 2026

  7. 07

    Post Mortem: axios npm supply chain compromise · Issue #10636 · axios/axios

    Post Mortem: axios npm supply chain compromise Date: March 31, 2026 Author: Jason Saayman Status: Remediation in progress On March 31, 2026, two malicious versions of axios (1.14.1 and 0.30.4) were...

    GitHub · axios · Apr 3, 2026

  8. 08

    A GitHub Issue Title Compromised 4,000 Developer Machines

    A prompt injection in a GitHub issue triggered a chain reaction that ended with 4,000 developers getting OpenClaw installed without consent. The attack composes well-understood vulnerabilities into something new: one AI tool bootstrapping another.

    GrithAI · grith team · Mar 31, 2026

  9. 09

    Nicholas Carlini - Black-hat LLMs | [un]prompted 2026

    Nicholas Carlini, Research Scientist, Anthropic, speaks at [un]prompted 2026 on: Black-hat LLMs. Large language models are now capable of automating attacks that were previously only possible by human adversaries. In this talk, I discuss several ways that adversaries could mis-use current models in order to cause harm both at a larger scale and at a lower cost than they do currently. For example, we find that recent state-of-the-art models can now find 0-day vulnerabilities in large software projects that have been extensively tested by humans for decades. These new capabilities will alter the threat landscape and require we rethink security in the coming years.

    YouTube · unprompted · Mar 29, 2026

$ disnetdev — a language workshop, since 2011
rss studio