From the blog

What we've learned

Security, cost, and architecture insights from building AI infrastructure.

INCIDENTMarch 17, 2026·10 min read

An AI agent compromised 7 open-source repos in one week. The only defense that worked was another AI.

Between February 20 and 28, hackerbot-claw systematically hit Microsoft, DataDog, Trivy, and four others. A reconstruction of how it worked and what it exploited.

Read article →

SECURITYMarch 15, 2026·8 min read

We scanned 900 MCP configs on GitHub. 75% had security problems.

We scanned 900+ MCP configurations on GitHub. 75% failed basic security checks.

Read article →