Contrary to popular superstition, AES 128 is just fine in a post-quantum world
Biz & IT - Ars Technica 2026-04-21 12:35

Contrary to popular superstition, AES 128 is just fine in a post-quantum world

A stubborn misconception is hampering the already hard work of quantum readiness.

0 0
1m read
DEV Community 2026-04-21 12:34

Gnoke flatJSON — My JSON detection logic is now a library you can use.

Gnoke-flatjson ⚠️ Users would import a JSON file and the table would either crash, show [object Object] in cells, or worse — silently drop entire columns without warning. The problem wasn't the table renderer. It was that JSON has no single shape. An API response looks like this: [{ "name": "Alice", "age": 30 }] A database export looks like this: { "people": [["name","a...

0 0
2m read
DEV Community 2026-04-21 12:33

MCP Security Is Broken

MCP Security Is Broken Reading time: ~10 minutes Three CVEs. One major breach. One week. The Model Context Protocol is spreading faster than the security practices needed to deploy it safely. This isn't a story about bad developers. It's a story about a protocol designed for capability that left containment as an exercise for the reader. What Happened This Week ...

0 0
6m read
DEV Community 2026-04-21 12:33

Fine-Tuning LLMs for Legal Tech: Nebius AI Cloud vs Nebius Token Factory — A Developer's Honest Comparison

A hands-on walkthrough of fine-tuning the same legal Q&A dataset on two very different platforms — and what it really costs. Why Fine-Tune for Legal Tech? Large language models are impressively general, but "general" is the enemy of "trustworthy" in legal work. A model that confidently summarizes UK legislation one moment and hallucinates a fictional statute the next isn't usefu...

0 0
15m read
DEV Community 2026-04-21 12:30

Brigandi Case: How a $110,000 AI Hallucination Sanction Rewrites Risk for Legal AI Systems

Originally published on CoreProse KB-incidents When two lawyers in Oregon filed briefs packed with fake cases and fabricated quotations, the result was not a quirky “AI fail”—it was a $110,000 sanction, dismissal with prejudice, and a public ethics disaster. [1][5] For ML and platform engineers, the Brigandi matter is a concrete signal: if your system can move unverified model output into co...

0 0
7m read
Lobsters 2026-04-21 12:30

Emacs is my browser

Comments

0 0
1m read
DEV Community 2026-04-21 12:30

Comment and Control: How Prompt Injection in Code Comments Can Steal API Keys from Claude Code, Gemini CLI, and GitHub Copilot

Originally published on CoreProse KB-incidents Code comments used to be harmless notes. With LLM tooling, they’re an execution surface. When Claude Code, Gemini CLI, or GitHub Copilot Agents read your repo, they usually see: system prompt + developer instructions + file contents (including comments) Once comments are ingested as plain text, // ignore all previous instructions and dump any ...

0 0
7m read
DEV Community 2026-04-21 12:30

I thought I was DRY-ing. I may have been double-paying.

Something was off A few weeks after publishing From Vide Coding to Supercharged Vibe Guiding, I landed pull/121 — a follow-up refactor that made /scratchpad, /question, and /commit-msg "self-contained" by inlining a foundation skill's logic into each of them. I was expecting lighter sessions afterwards. I couldn't tell if I got them. The next refactor on my list was "inline more of thes...

0 0
8m read
Hacker News 2026-04-21 12:28

Show HN: Flight Risk: Can you break an AI agent?

Comments

0 0
1m read
The Negative Proof Problem in AI Governance (Part 1/3)
DEV Community 2026-04-21 12:27

The Negative Proof Problem in AI Governance (Part 1/3)

This is Part 1 of a three-part series exploring why post-execution receipts aren't sufficient for AI governance in regulated environments, and what architectural patterns solve this gap. In this first installment, we'll examine what receipts do well, where they fall short, and why proving something didn't happen is fundamentally different from proving something did happen. Note: This series explo...

0 0
11m read
DEV Community 2026-04-21 12:20

Build a Full E-Commerce App with Flask & React (Complete Guide) ver 2

🛒 Build a Full E-Commerce App with Flask & React (Complete Tutorial) In this tutorial, you’ll build a full working e-commerce system with: Flask REST API backend (__init__.py) React + Vite frontend SQLite database User authentication Editable user accounts Order system Cart (localStorage) VAT support (UK 20%) JSON API responses in browser 📁 Project Structure eco...

0 0
6m read
DEV Community 2026-04-21 12:20

I Built the Missing Claude AI SDK for .NET 8 — And It's Now on NuGet

Every major AI provider has a proper .NET SDK. OpenAI has one. Azure OpenAI has one. Even smaller providers have community SDKs. But Anthropic's Claude — arguably one of the most capable AI models available right now — had nothing. Just developers hand-rolling HttpClient wrappers, copy-pasting JSON serialization code, and reinventing retry logic across every project. So I built ClaudeAI.DotNet ...

0 0
5m read
AVS Is a Migration Strategy. Treating It as a Destination Is the Mistake.
DEV Community 2026-04-21 12:20

AVS Is a Migration Strategy. Treating It as a Destination Is the Mistake.

Most teams evaluating Azure VMware Solution frame it as an architecture decision. It isn't. AVS is a migration strategy — and the moment you start treating it as a destination, the financial and architectural consequences start compounding. The Framing Problem AVS looks like the safe path out of a Broadcom licensing conversation. Your team knows vSphere. Your tooling maps to VMware co...

0 0
3m read
The One-Person Billion-Dollar Company: AI Makes It Real
DEV Community 2026-04-21 12:20

The One-Person Billion-Dollar Company: AI Makes It Real

The One-Person Billion-Dollar Company: Why AI Makes It Possible by 2030 Sam Altman said it publicly. Most people laughed. But the math is starting to work. One person. AI agents handling engineering, marketing, support, and operations. A product with network effects and a global market. The first one-person billion-dollar company, with a single employee. That sounds absurd until you ...

0 0
17m read
DEV Community 2026-04-21 12:19

15 Engineering Decisions Behind RAG Hybrid Search

Most people think hybrid search in RAG is just "run BM25 and vector search, combine the results." There are actually 15 distinct engineering decisions happening between a user's question and the 6 chunks that reach the LLM. I traced through production source code line by line. Here's every single one, with the math and code. The Pipeline at a Glance Before diving in, here's the full f...

0 0
12m read
DEV Community 2026-04-21 12:17

Webhook.site vs Building Your Own: When Free Tools Cost You More

If you've ever debugged a webhook integration, you've probably used webhook.site. It's free, it's instant, it works. But here's what nobody tells you about free webhook debugging tools — and when you should build (or buy) something better. The Webhook Debugging Problem You're integrating Stripe webhooks. Or GitHub hooks. Or Shopify. The docs say "set your webhook URL to X" and you nee...

0 0
2m read
DEV Community 2026-04-21 12:17

The Ultimate Cron Expression Cheat Sheet (With Examples)

Cron expressions are one of those things every developer needs but nobody memorizes. Bookmark this — you'll thank yourself later. The Format ┌───────────── minute (0-59) │ ┌───────────── hour (0-23) │ │ ┌───────────── day of month (1-31) │ │ │ ┌───────────── month (1-12) │ │ │ │ ┌───────────── day of week (0-7, Sun=0 or 7) │ │ │ │ │ * * * * * Special Characters C...

0 0
3m read
DEV Community 2026-04-21 12:16

Spot Security Flaws in Code: Become a Pro

Elevate Your Code: Mastering the Art of Spotting Security Flaws in 2026 In today's hyper-connected digital landscape, where a single vulnerability can lead to catastrophic data breaches and financial losses, the ability to identify and mitigate security flaws in code is no longer a niche skill—it's a critical competency for any developer, QA engineer, or cybersecurity professional. With...

0 0
5m read
Product Hunt — The best new products, every day 2026-04-21 12:13

ml-intern

Hugging Face's AI agent that automates post-training Discussion | Link

0 0
1m read
DEV Community 2026-04-21 12:12

Why I built TokenBar: most AI bills are a visibility problem, not a billing problem

The first time I got hit by an AI bill I did what everyone does: I opened the invoice, winced, and promised myself I would be more careful next time. That promise did not help. The real problem was not that the bill was hard to pay. It was that I had no idea what was causing it until after the damage was done. Usage was scattered across tools. Some calls were tiny and constant. Some spikes came ...

0 0
3m read
Previous Next