martinalderson.com
Telnyx, LiteLLM and Axios: the supply chain crisis
While the world's been watching physical supply chains, a different kind of supply chain attack has been escalating in the open source ecosystem. The issue: Over the past week a group of bad actors have been compromising various open source projects, pushing malicious versions of libraries which inject a trojan that collects sensitive data from systems that install the malicious version. Ironically, the first attack started with Trivy, an open source package for finding security vulnerabilities....
Using agents and Wine to move off Windows
I don't think people have fully internalised how good agents are at reverse engineering code. I had one take a Windows app rated "garbage" for Wine compatibility and get it working on Linux: decompiling DLLs, writing code caves, patching assembly. Equally, they're superb at the kind of sysadmin tasks that make desktop Linux painful. I've been increasingly unhappy running Windows on my main workstation (I still love Apple hardware for laptops, though). While Windows Subsystem for Linux ...
Why Claude's new 1M context length is a big deal
Last Friday Anthropic released a new (production at least - has been in beta for a while) 1M context window variant of Opus 4.6 and Sonnet 4.6. This is actually a big breakthrough from my initial experiments. If you struggle to visualise what a token is - a good rule of thumb I use is that a standard A4/letter-sized page tends to contain around 500-1000 tokens of English [1]. So, 1 million tokens is roughly 1,000-2,000 pages - or about 4-5 novels worth of text. AI is improving on so many dimens...
How to use the Qwen 3.5 LLMs to OCR documents
I've always been really impressed with how well the Gemini models do OCR of difficult PDFs - not nicely formatted PDFs, but badly scanned images in a PDF file. Increasingly though, Google has increased the price of their 'Flash' models. While they are far more capable than existing ones, it's overkill for document OCRing. I've always been interested in replicating this capability with open weights models - it's not ideal sending sensitive documents to Google for OCR, and even if not, if you're d...
No, it doesn't cost Anthropic $5k per Claude Code user
My LinkedIn and Twitter feeds are full of screenshots from the recent Forbes article on Cursor claiming that Anthropic's $200/month Claude Code Max plan can consume $5,000 in compute. The relevant quote: "Today, that subsidization appears to be even more aggressive, with that $200 plan able to consume about $5,000 in compute, according to a different person who has seen analyses on the company's compute spend patterns." This is being shared as proof that Anthropic is haemorrhaging money on inferen...
Is the AI Compute Crunch Here?
In January I wrote about the coming AI compute crunch. Two months later, I think "coming" was the wrong word. We're starting to see serious signs that some providers are really struggling to meet demand. I still think this is a seriously underpriced risk which has major implications for how much adoption AI can have over the next year or two. Supply is struggling to keep up with demand: Anthropic's uptime last week was not good, to say the least. Down to the "one 9" at one po...
Why on-device agentic AI can't keep up
On-device AI agents sound great in theory. The maths on KV cache scaling, RAM budgets, and inference speed says otherwise.
Using OpenCode in CI/CD for AI pull request reviews
Why I replaced SaaS code review tools with OpenCode running in CI/CD pipelines - cheaper, more secure, and works with any Git provider
Which web frameworks are most token-efficient for AI agents?
I benchmarked 19 web frameworks on how efficiently an AI coding agent can build and extend the same app. Minimal frameworks cost up to 2.9x fewer tokens than full-featured ones.
Anthropic's 500 vulns are the tip of the iceberg
Anthropic's red team found 500+ critical vulnerabilities with Claude. But they focused on maintained software. The scarier problem is the long tail that nobody will ever patch.
Attack of the SaaS clones
I cloned Linear's UI and core functionality using Claude Code in about 20 prompts. Here's what that means for SaaS companies.
Self-improving CLAUDE.md files
A simple trick to keep your CLAUDE.md and AGENTS.md files updated using the agent's own chat logs - turning a tedious chore into a 30 second job.
How to generate good looking reports with Claude Code, Cowork or Codex
A step-by-step guide to extracting your brand design system and generating on-brand PDF reports and slide decks using coding agents.
Wall Street just lost $285 billion because of 13 markdown files
Anthropic's 'legal tool' that triggered a $285bn selloff is 156KB of markdown. The panic reveals a hard truth about the future of software.
Two kinds of AI users are emerging. The gap between them is astonishing.
A bifurcation is happening in AI adoption - power users shipping products in days versus everyone else generating meeting agendas. Enterprise tool choices are accelerating the divide.
Turns out I was wrong about TDD
I used to be a TDD sceptic - too much time writing tests for features that might get deleted. Then coding agents completely changed the economics of software testing.
Why sandboxing coding agents is harder than you think
Permission systems, Docker sandboxing, and log file secrets - why current approaches to securing coding agents fall short and what we might need instead.
The Coming AI Compute Crunch
Why DRAM shortages, not capital, will define AI infrastructure growth through 2027
Which programming languages are most token-efficient?
Comparing token efficiency across 19 popular programming languages using RosettaCode data - from Clojure to C, there's a 2.6x difference.
I ported Photoshop 1.0 to C# in 30 minutes
Using Claude Code to port 120k lines of Pascal and 68k assembly to modern C# - and what this means for cross-platform development