Posts

Long-form posts on MCP security, agent best practices, and ecosystem analysis.

Claude Code · Workflows · Agentic

Dynamic Workflows in Claude Code: How 1,000 Parallel Subagents Ported Bun From Zig to Rust in 11 Days

Anthropic shipped Dynamic Workflows in research preview on 2026-05-28 alongside Opus 4.8 — and within a week, Bun's Jarred Sumner used it to translate ~1 million lines of Zig into ~750,000 lines of Rust with 99.8% of the test suite still green. This is an honest technical walkthrough of what Dynamic Workflows actually does, why the Bun port is the right benchmark and the wrong one, the costs you'll see on your bill, and where the limits bite in practice.

2026-06-01

AI Security · Anthropic · Mythos

Project Glasswing & Claude Mythos: When an Unreleased AI Found 10,000+ Zero-Days — Including OpenBSD's 27-Year-Old Crash Bug

Anthropic announced Project Glasswing on 2026-05-28 alongside Opus 4.8 and a $965B valuation. The pitch: an unreleased frontier model called Mythos, gated to 12 defenders (AWS, Apple, Microsoft, Cisco, CrowdStrike, Linux Foundation, others), backed by $100M in usage credits. The number that broke the story: 10,000+ high/critical vulnerabilities found, thousands of zero-days, including a 27-year-old remote crash in OpenBSD and a 16-year-old FFmpeg bug that 5 million fuzzer hits had missed. This is an objective walkthrough of what was announced, what the numbers actually mean, and the symmetric problem nobody's writing about: the same capability that lets defenders run Glasswing is what attackers want too.

2026-06-01

Claude · Anthropic · Release

Claude Opus 4.8 Is Live: Dynamic Workflows, Effort Control, 3× Cheaper Fast Mode — What Changes for Claude Code Users

Anthropic shipped Claude Opus 4.8 on 2026-05-28. Headline numbers: SWE-bench Pro 69.2% (up from 64.3%), USAMO math 96.7% (up from 69.3%), GraphWalks 1M-token recall 68.1% (up from 40.3%). The bigger story is the new agentic primitives — Dynamic Workflows, explicit effort control, and a fast mode that's 2.5× faster and 3× cheaper. Here's the practical breakdown for anyone running Claude Code, Cursor, or an MCP-heavy stack.

2026-05-28

Security · Supply Chain · OpenAI Codex

codexui-android: How a Codex 'Remote UI' npm Package Silently Stole 27k Devs' AI Tokens

A package called codexui-android sat clean on npm for a month, racked up 27,000 weekly downloads, then shipped an update that quietly siphoned every user's OpenAI Codex refresh token to sentry.anyclaw.store. The same author wrapped it in a Google Play app to bypass APK review. Here is the attack chain, the BrutalStrike connection, and what every Claude Code / Codex / Cursor user should do today.

2026-05-28

Security · MCP · Supply Chain

The Nx Console MCP Attack: How One VS Code Extension Stole GitHub's Tokens — and What It Means for Every Agent User

On 2026-05-18 a poisoned build of Nx Console disguised a credential stealer as a routine MCP setup task — siphoning GitHub tokens, AWS keys, Vault secrets, SSH keys, and Claude Code config from every developer who installed it. Two days later, the same tokens let attackers walk into GitHub's internal repos. Here is exactly what happened, why MCP-shaped attacks are now the standard playbook, and the concrete defenses every Claude Code / Cursor / Cline user should apply today.

2026-05-28