Feed aggregator

Article URL: https://github.com/maathimself/mailflow

Comments URL: https://news.ycombinator.com/item?id=48465234

Points: 1

# Comments: 0

Article URL: https://www.apurvamehta.com/blog/our-first-customers-were-the-exception

Comments URL: https://news.ycombinator.com/item?id=48465225

Points: 1

# Comments: 0

Article URL: https://gothic.thqnordic.com

Comments URL: https://news.ycombinator.com/item?id=48465206

Points: 1

# Comments: 0

Article URL: https://atlasphere.io/

Comments URL: https://news.ycombinator.com/item?id=48465201

Points: 1

# Comments: 0

Article URL: https://workos.com/auth-md

Comments URL: https://news.ycombinator.com/item?id=48465194

Points: 1

# Comments: 0

Commentary: Apple says its new Siri AI can handle all the details: personalized invitations, creative menus, scheduling and more. Don't expect it to bring a dessert.

Though WWDC didn't spotlight CarPlay this week, iOS 27 delivers a solid update: EV range integration, video apps and a new Audio MiniPlayer.

AI systems are now part of everyday work. Investigators need a consistent way to reconstruct what happened within them. 

Security teams are already investigating activity involving Microsoft 365 Copilot and Azure AI services—from prompt injection attempts to unexpected data access. Those signals are observable. Without structure, they do not form a coherent account of what occurred. 

AI interactions generate telemetry across Microsoft Purview, Defender, and Sentinel. That telemetry captures who initiated an interaction, when it occurred, and which resources were involved. It provides the foundation for reconstructing AI activity in enterprise environments.  It’s turning those signals into an investigation. 

To help address that challenge, we’ve published a new investigator playbook for Microsoft 365 Copilot and Azure AI services. The playbook provides a structured approach for investigating AI-related activity using the telemetry already available across Microsoft security products. 

The methodology follows a scope–context–signal sequence. Investigations begin by identifying who interacted with AI systems, when the activity occurred, and which services were involved. From there, investigators expand into resource context: what the system accessed, what data may have been exposed, and how that activity aligns with expected behavior. Detection signals, including prompt injection attempts, anomalous usage patterns, or credential exposure alerts, are then evaluated within that broader chain of activity. 

AI telemetry is constructed metadata-first, providing identity, time, and resource context across interactions. That structure is what moves investigations from isolated signals to a coherent account of what occurred. When analyzed together, those elements allow investigators to establish what happened, understand the impact, and determine whether activity reflects normal usage, policy violations, or indicators of compromise. 

The playbook operationalizes this approach across Microsoft 365 Copilot and Azure AI services. It brings together the required configuration, queries, and detection patterns into a single working model — covering schema references, KQL queries, and detection logic — enabling investigators to follow AI activity across tools with fewer ad hoc pivots. It also extends that model to agent-based systems, where the investigative picture expands: which agents are deployed, how they are configured, what data they are authorized to access, and whether that authorization was used as expected. 

The outcome is practical. Response teams can move from isolated signals to a reconstructed account of observed activity: scoping AI usage, understanding what data was accessed during interactions, and assessing whether observed behavior is consistent with normal usage, policy violations, or indicators of active threat conditions across Microsoft security services.  

As AI becomes part of everyday business workflows, response teams need the same investigative rigor they apply to endpoints, identities, and cloud infrastructure. The ability to determine what happened, what data was involved, and whether activity was authorized is quickly becoming a core incident response capability. 

The playbook gives you the tools to answer it. Download it here: https://aka.ms/AIIRplaybook 

The post Reconstructing AI activity in investigations  appeared first on Microsoft Security Blog.

The AI giant also announced that Project Glasswing partners are being given access to the upgraded Mythos 5.

The post Anthropic Launches Claude Fable 5: Mythos-Class AI With Cybersecurity Guardrails  appeared first on SecurityWeek.

Anthropic is releasing Claude Mythos 5 to trusted organizations and Claude Fable 5 to the public, a version it says can’t be used for cyberattacks.

Commentary: Siri AI and Apple Intelligence updates are less about "catching up" with competitors and more about a broader mobile evolution.

A total of 18 vulnerabilities have been patched in the latest OpenSSL releases, including many that were potentially discovered by AI.

The post OpenSSL Patches High-Severity Vulnerability Found With AI appeared first on SecurityWeek.

Article URL: https://www.bleepingcomputer.com/news/security/french-govt-messaging-service-breached-in-account-hijacking-attack/

Comments URL: https://news.ycombinator.com/item?id=48463580

Points: 1

# Comments: 0

Sora, Donald and Goofy are coming back for a new adventure.

I'm a senior engineer at [Big Company], and AI tools are ever-present. There's no mandate that you need to use them, but they are so readily available that most people do anyways.

There's a lot of society level concerns with AI, but on a personal level, I'm starting to slowly feel less skilled than I used to be. I can certainly do more, but I understand less. The "Prompt-Then-Review" loop of coding harnesses (Claude Code, Codex, Pi, OpenCode, Amp, etc.) just simply do not encourage mastery in the same way as shaping the code yourself. Sure, you can argue you're "thinking at a higher abstraction". But what happens when that abstraction fails? as abstractions often do.

It's not a fast process this skill erasure. I'm not magically losing my ability to code overnight. However, it feels like rust. Slowly eroding the pillars until they give.

This tool (currently) needs a skilled hand to guide correctly. However using the tool feels like it degrades the skilled hand. This negative feedback loop I find truly concerning from both the ability to make a living in software and the ramifications on software quality writ large.

So, I ask HN. How is the community protecting their skills? especially when actively using AI.

Comments URL: https://news.ycombinator.com/item?id=48463576

Points: 1

# Comments: 0

Article URL: https://www.youtube.com/watch?v=pJIiAnS8N7E

Comments URL: https://news.ycombinator.com/item?id=48463570

Points: 1

# Comments: 0

Article URL: https://archive.jlongster.com/How-I-Became-Better-Programmer

Comments URL: https://news.ycombinator.com/item?id=48463544

Points: 2

# Comments: 0

Article URL: https://sumble.com/guides/account-scoring-1

Comments URL: https://news.ycombinator.com/item?id=48463524

Points: 2

# Comments: 0

Article URL: https://www.praf.me/it-used-to-be-hard

Comments URL: https://news.ycombinator.com/item?id=48463519

Points: 3

# Comments: 0