Experimental News Clipping Site

Tag: development practices

  • Simon Willison’s Weblog: WWDC: Apple supercharges its tools and technologies for developers

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Jun/9/apple-wwdc/#atom-everything Source: Simon Willison’s Weblog Title: WWDC: Apple supercharges its tools and technologies for developers Feedly Summary: WWDC: Apple supercharges its tools and technologies for developers Here’s the Apple press release for today’s WWDC announcements. Two things that stood out to me: Foundation Models Framework With the Foundation Models framework, developers will be…

  • CSA: Case Study: Inadequate Configuration & Change Control

    by

    Kurt Seifried
    in

    Source URL: https://cloudsecurityalliance.org/articles/the-2024-football-australia-data-breach-a-case-of-misconfiguration-and-inadequate-change-control Source: CSA Title: Case Study: Inadequate Configuration & Change Control Feedly Summary: AI Summary and Description: Yes Summary: The text provides an in-depth analysis of a significant security breach involving Football Australia, highlighting key vulnerabilities related to misconfigurations and insecure software development practices in cloud computing contexts. It reveals critical lessons about…

  • Simon Willison’s Weblog: Comma v0.1 1T and 2T – 7B LLMs trained on openly licensed text

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Jun/7/comma/#atom-everything Source: Simon Willison’s Weblog Title: Comma v0.1 1T and 2T – 7B LLMs trained on openly licensed text Feedly Summary: It’s been a long time coming, but we finally have some promising LLMs to try out which are trained entirely on openly licensed text! EleutherAI released the Pile four and a half…

  • ISC2 Think Tank: Certified Secure Software Lifecycle Professional (CSSLP) Info Session

    by

    Kurt Seifried
    in

    Source URL: https://www.isc2.org/professional-development/webinars/thinktank?commid=642637 Source: ISC2 Think Tank Title: Certified Secure Software Lifecycle Professional (CSSLP) Info Session Feedly Summary: Join us for a deep dive into Certified Secure Software Lifecycle Professional (CSSLP), the software security credential from ISC2, creator of the CISSP. As organizations continue to pursue digital transformation initiatives, the threat landscape is always expanding.…

  • Simon Willison’s Weblog: Devstral

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/May/21/devstral/#atom-everything Source: Simon Willison’s Weblog Title: Devstral Feedly Summary: Devstral New Apache 2.0 licensed LLM release from Mistral, this time specifically trained for code. Devstral achieves a score of 46.8% on SWE-Bench Verified, outperforming prior open-source SoTA models by more than 6% points. When evaluated under the same test scaffold (OpenHands, provided by…

  • Cloud Blog: AI deployment made easy: Deploy your app to Cloud Run from AI Studio or MCP-compatible AI agents

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/products/ai-machine-learning/ai-studio-to-cloud-run-and-cloud-run-mcp-server/ Source: Cloud Blog Title: AI deployment made easy: Deploy your app to Cloud Run from AI Studio or MCP-compatible AI agents Feedly Summary: Cloud Run has become a go-to app hosting solution for its remarkable simplicity, flexibility, and scalability. But the age of AI-assisted development is here, and going from idea to…

  • The Register: Freshly discovered bug in OpenPGP.js undermines whole point of encrypted comms

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/05/20/openpgp_js_flaw/ Source: The Register Title: Freshly discovered bug in OpenPGP.js undermines whole point of encrypted comms Feedly Summary: Update before that proof-of-concept comes to bite Security researchers are sounding the alarm over a fresh flaw in the JavaScript implementation of OpenPGP (OpenPGP.js) that allows both signed and encrypted messages to be spoofed.… AI…

  • OpenAI : Introducing Codex

    by

    Kurt Seifried
    in

    Source URL: https://openai.com/index/introducing-codex Source: OpenAI Title: Introducing Codex Feedly Summary: Introducing Codex: a cloud-based software engineering agent that can work on many tasks in parallel, powered by codex-1. With Codex, developers can simultaneously deploy multiple agents to independently handle coding tasks such as writing features, answering questions about your codebase, fixing bugs, and proposing pull…

  • Scott Logic: An SBOM primer with some practical insights

    by

    Kurt Seifried
    in

    Source URL: https://blog.scottlogic.com/2025/05/16/sbom-primer-practical-insights.html Source: Scott Logic Title: An SBOM primer with some practical insights Feedly Summary: We’ve been generating Software Bills of Materials (SBOMs) on client projects for several years now, and we’d like to share insights into the positive impact they’ve had on security, resilience and engineering quality, along with some considerations to bear…