This is the issue with AI in criminal hands. Speed to market.
https://thehackernews.com/2026/04/litellm-cve-2026-42208-sql-injection.html?m=1
| Blog | https://sempf.net |
| OWASP | https://owasp.org/www-chapter-columbus/ |
| Github | https://github.com/sempf |
| Amateur Radio | KE8PCT |
| POINT | https://pointweb.net |
| Header | Medeco Biaxial |
"Thank you very much, everyone. I won't see you next time."
Tara penned a decent thought piece on the forest view of AI-enabled attackers. Couple new (to me) angles.
Any appsec people looking for a BIG job? Fidelity Investments is looking for an appsec lead. If anyone is interested, I can shoot you their email.
From your friend and mine, GitHub:
"GitHub Copilot isn't the same product it was a year ago. It has evolved from an in-editor assistant into an agentic platform capable of running long, multi-step coding sessions, using the latest models, and iterating across entire repositories. Agentic usage is becoming the default, and it brings significantly higher compute and inference demands.
To keep up with the way you use Copilot, we're transitioning to usage-based billing, and we want to give you enough time to prepare. If you're also an admin on a Copilot Business or Enterprise plan, you'll receive a separate email covering what's changing for your organization."