Docker · 200 · IN STACK · 12d ago
Why MicroVMs: The Architecture Behind Docker Sandboxes
Last week, we launched Docker Sandboxes with a bold goal: to deliver the strongest agent isolation in the market. This post unpacks that claim, how microVMs enable it, and some of the architectural choices we made in this approach. The Problem With Every Other Approach Every sandboxing model asks you to give something up. We...
Simon Willison · 50 · 12d ago
Qwen3.6-35B-A3B on my laptop drew me a better pelican than Claude Opus 4.7
For anyone who has been (inadvisably) taking my pelican riding a bicycle benchmark seriously as a robust way to test models, here are pelicans from this morning's two big model releases - Qwen3.6-35B-A3B from Alibaba and Claude Opus 4.7 from Anthropic. Here's the Qwen 3.6 pelican, generated using this 20.9GB Qwen3.6-35B-A3B-UD-Q4_K_S.gguf quantized model by Unsloth, running on my MacBook Pro M5 via LM Studio (and the llm-lmstudio plugin) - transcript here: And here's one I got from Anthropi...
Simon Willison · 45 · 12d ago
llm-anthropic 0.25
Release: llm-anthropic 0.25 New model: claude-opus-4.7, which supports thinking_effort: xhigh. #66 New thinking_display and thinking_adaptive boolean options. thinking_display summarized output is currently only available in JSON output or JSON logs. Increased default max_tokens to the maximum allowed for each model. No longer uses obsolete structured-outputs-2025-11-13 beta header for older models. Tags: llm, anthropic, claude
The Hacker News · 25 · 12d ago
Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
Cybersecurity researchers have warned of an active malicious campaign that's targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025. "PowMix employs randomized command-and-control (C2) beaconing intervals, rather than persistent connection to the C2 server, to evade the network signature detections," Cisco Talos
The Register – Security · 17 · 12d ago
Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say
Bug or feature? A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into Anthropic's official Model Context Protocol (MCP) puts as many as 200,000 servers at risk of complete takeover, according to security researchers.…
Sophos News · 17 · 13d ago
QEMU abused to evade detection and enable ransomware delivery
The use of hidden virtual machines (VMs) enables long-term access, credential harvesting, data exfiltration, and PayoutsKing ransomware deployment. Categories: Threat Research. Tags: virtual machine, QEMU, PayoutsKing, GOLD ENCOUNTER, CitrixBleed2
IEEE Spectrum · 15 · 12d ago
IEEE Entrepreneurship Connects Hardware Startups With Investors
Roughly 90 percent of hard tech startups fail due to funding constraints, longer R&D timelines for developing hardware, and the complexity of manufacturing their products, according to a number of studies. Generally, these startups require up to 50 percent more investor financing than software ones, according to a Medium article. Typically, they need at least US $30 million, according to a Lucid article. That’s double the funding needed by software companies on average. To help them connect...
The Hacker News · 13 · 13d ago
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
A "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and cryptocurrency sectors. Dubbed REF6598 by Elastic Security Labs, the activity has been found to leverage
The Hacker News · 13 · 13d ago
UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency hospitals, to deliver malware capable of stealing sensitive data from Chromium-based web browsers and WhatsApp. The activity, which was observed between March and April
The Register (Security) · 12 · 12d ago
North Korea targets macOS users in latest heist
Social engineering: 'low-cost, hard to patch, and scales well' North Korean criminals set on stealing Apple users' credentials and cryptocurrency are using a combination of social engineering and a fake Zoom software update to trick people into manually running malware on their own computers, according to Microsoft.…
CISA Alerts · 12 · 13d ago
Anviz Multiple Products
Summary: Successful exploitation of these vulnerabilities could allow attackers to conduct reconnaissance, capture or decrypt sensitive data, alter device configurations, gain unauthorized administrative or root‑level access, execute arbitrary code, compromise credentials or communications, and ultimately obtain full control over affected devices. The following versions of Anviz Multiple Products are affected: CX2 Lite Firmware vers:all/* (CVE-2026-32648, CVE-2026-40461, CVE-2026-356...
The Register (Security) · 12 · 13d ago
Microsoft announces product it doesn't want anyone to buy
Just migrate already, would you? But if you can't, Redmond will take your cash Microsoft will keep delivering security updates for old versions of Exchange Server and Skype for Business Server, after admitting that some customers aren't ready to make the move to newer products.…
Proofpoint Threat Insight · 11 · 12d ago
Beyond the breach: inside a cargo theft actor’s post-compromise playbook
Key findings: Proofpoint monitored a cargo theft actor’s post‑compromise activity for more than a month in a decoy environment operated by Deception.pro. The attacker abused multiple remote access tools to establish persistence, including the use of a previously unknown third‑party signing‑as‑a‑service capability. Proofpoint also observed extensive reconnaissance to identify financial access, payment platforms, and cryptocurrency assets to enable freight fraud and broader financial theft. R...
miguelgrinberg.com · 11 · 13d ago
SQLAlchemy 2 In Practice - Chapter 5 - Advanced Many-To-Many Relationships
This is the fifth chapter of my SQLAlchemy 2 in Practice book. If you'd like to support my work, I encourage you to buy this book, either directly from my store or on Amazon. Thank you! You have now learned the design blocks used in relational databases. Sometimes, however, these building blocks have to be "tweaked" a bit to achieve a desired goal. This chapter is dedicated to exploring a very useful variation on the many-to-many relationship.