Change Healthcare's Citrix portal had no MFA. Equifax had a free patch three days before they were breached. Companies don't fix vulnerabilities because the expected-value math, run honestly, genuinely points at inaction, and every breach press release that reads the same is what that math actually produces.
Deep coverage of programming, software delivery, cybersecurity, and engineering leadership.
NewDaron Acemoglu's new MIT paper proves there's an optimal AI accuracy, and it's not 100%. The knowledge-collapse equilibrium hinges on one parameter: how elastic human effort is. A separate MIT EEG study and three behavioral RCTs say it's elastic enough to worry about.
NewIn September 2025, Garry Tan called Delve a top YC startup. Six months later, YC quietly asked them to leave. The Delve scandal isn't really about Delve. It's about what happens when YC's trust network, the thing that's actually the product, gets stress-tested.
Most pnpm vs npm comparisons lead with install times. They're missing the point. npm's flat node_modules silently lets your code import packages you never declared, and the bug only surfaces in production. pnpm refuses to lie to you.
GPT-5.5 landed a week after Claude Opus 4.7, both claiming top of leaderboard. The category scores tell a cleaner story. The two models split coding work down the middle, and the split holds across independent harnesses. Pick by task, not by top-line score.
Apple named John Ternus CEO on April 20, 2026. The press called it smooth succession. The sharper read is that Apple already conceded its AI strategy in January with a $1 billion a year Gemini deal, and Ternus is the CEO you pick to ship that concession cleanly.
UT Austin just pledged $750 million for what it's calling the first 'AI-native' hospital, opening 2030. The press release says almost nothing about what that means. Trade-press coverage the same day named five specific systems. Whether the bet is real turns on the gap between them.
Ship quality software with pragmatic engineering playbooks.
Walk through every OWASP API Security Top 10 vulnerability with real attack examples and code-level mitigations you can ship this week.
A production guide to building high-performance Python backends with FastAPI, async SQLAlchemy, Pydantic v2, and modern deployment patterns.
From discriminated unions and branded types to variadic tuples and module augmentation: the TypeScript patterns that catch real bugs.
Stay ahead of cyber threats with battle-tested security guidance.
Walk through every OWASP API Security Top 10 vulnerability with real attack examples and code-level mitigations you can ship this week.
A practical guide to shifting security left: SAST, DAST, container scanning, secrets detection, IaC analysis, and GitHub Actions hardening.
A professional guide to open-source intelligence gathering: passive recon, threat actor profiling, and integrating OSINT into your security program.
Build high-performing teams and navigate the future of work.
AI coding tools haven't eliminated engineering headcount, but they've changed what good looks like. Here's how to hire, retain, and level engineers in a world where the tools do more.
Explore all tech articles by topic.
