I’ve spent the last decade in QA management, and if there’s one debate that consistently heats up when discussing strategy, it’s the selector approach. Specifically: Do we stick to the DOM or do we trust the “eyes” of the machine? For years, element-based automation was the undisputed king. It’s what we all learned: find the … continue reading
AI is transforming software development at an unprecedented pace. Some claim that AI is making developers faster, automating coding, and even replacing unit testing. In reality, these claims oversimplify the challenges of building reliable software. AI does not eliminate test-driven development (TDD); it exposes whether developers truly understand it. If anything, AI raises the bar … continue reading
FOURTH OF FOUR PARTS: Throughout this series, we’ve explored how prompt injections exploit the fundamental architecture of LLMs. We’ve seen direct attacks that manipulate user input, indirect attacks that poison data pipelines, and multi-modal attacks that hide instructions in images and documents. Now we address the critical question: how do we defend against threats that … continue reading
Kubernetes is evolving fast, and one of the biggest changes in recent years has been the move from annotations to Custom Resource Definitions (CRDs) for configuration and extensibility. This shift is especially visible in ingress configuration, where CRDs are taking over to provide better structure, validation, and scalability. The Kubernetes Gateway API, built entirely on … continue reading
THIRD OF FOUR PARTS: Part 1 and Part 2 covered how LLMs process input and how attackers exploit direct access to the prompt. But what if the attacker never touches the prompt directly? Indirect prompt injection represents a more insidious threat: malicious instructions embedded in content the LLM retrieves and processes, allowing attackers to compromise … continue reading
In the fast-moving world of financial technology, developers are caught in a relentless, high-stakes tug-of-war. On one side, the product and growth teams are demanding a frictionless, sub-second user onboarding experience. They know that every additional form field or loading spinner increases the abandonment rate. On the other side, the SecOps and compliance teams are … continue reading
SECOND OF FOUR PARTS: In Part 1, we established why LLMs are vulnerable: the attention mechanism treats all input tokens equally, with no architectural separation between trusted instructions and untrusted user data. Now we explore how attackers exploit this through direct prompt injection techniques where the attacker directly manipulates their input to override the model’s intended … continue reading
Let’s be candid: B2B CRM data is a disaster. It doesn’t matter if you are running a lean instance of Pipedrive or a monolithic deployment of Salesforce; the moment you let human beings manually enter data into your system, you are building a data swamp. Sales reps are incentivized to close deals, not to be … continue reading
FIRST OF FOUR PARTS: Before we can understand how attackers exploit large language models, we need to understand how these models work. This first article in our four-part series on prompt injections establishes the foundation: what happens between typing your question and receiving an answer, and why that process creates security vulnerabilities that didn’t exist … continue reading
OpenAI today released the Codex app for Windows, powered by OpenAI’s frontier coding models, and it’s now the only coding agent with a first-class Windows experience. According to a 2025 survey from Stack Overflow, nearly 50% of developers use Windows for professional use and more than 55% use it for personal use. The Codex Windows … continue reading
If bad data in e-commerce costs money, bad data in healthcare tech costs lives. As the industry races to comply with federal interoperability mandates (like the ONC’s Cures Act rules) and adopts FHIR (Fast Healthcare Interoperability Resources) standards, developers are battling a massive architectural headache: the “duplicate patient” crisis. When hospital networks merge, or when … continue reading
Here’s a quick library to write your GPU-based operators and execute them on your Nvidia, AMD, Intel or whatever, along with my new VisualDML tool to design your operators visually. This is a follow-up to my older DirectML article. The DMLLib source is available here. VisualDML source and download is available here. Windows Store download here. … continue reading