360SOFTY

Insights

Engineering Insights

Practical writing on software architecture, SaaS products, AI automation, legacy modernisation, and the business of building reliable systems.

RSS

Curated links from external sources — not 360Softy original articles.

External
The Hacker News

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub issue. Because Anthropic's own action repo used the same workflow, a working attack could have pushed malicious code into the action itself and onto the projects downstream that pull it. RyotaK of GMO

The Hacker NewsRead original
External
The Hacker News

Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It

Over the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks can challenge our assumptions. When Anthropic's Claude Mythos model was made available to a limited set of organizations as a technical preview, it was reported that an unauthorized group claimed that it had gained access within hours. The incident, if true, was

The Hacker NewsRead original
ExternalCybersecurity
SecurityWeek

Offroad Emerges From Stealth With $7 Million to Tackle Enterprise Identity Risk

As AI agents, machine identities, and third-party applications multiply across enterprises, Offroad is betting autonomous security agents can restore control over an increasingly unmanageable identity landscape. The post Offroad Emerges From Stealth With $7 Million to Tackle Enterprise Identity Risk appeared first on SecurityWeek.

Cybersecurity FundingIdentity & AccessAI
SecurityWeekRead original
ExternalSoftware Engineering
DZone

Beyond Manual Annotation: Engineering Self-Correcting Pseudo-Labeling Pipelines

Manual annotation is a massive bottleneck for multimodal inference systems in high-velocity production environments. If you want to survive catastrophic distribution shifts, you have to automate your labeling pipeline. I want to walk through a pseudo-labeling architecture we built that filters out extreme pipeline noise to hit a 0.93 F1 score using XGBoost. Semi-supervised strategies like pseudo-labeling look great on paper but often fail in practice. They suffer from confirmation bias. The mode

ExternalSoftware Engineering
GitHub Changelog

Copilot Chat brings richer context to pull requests

GitHub Copilot Chat now provides richer context and new capabilities when you’re working with diffs and pull requests on github.com. This feature was previously in public preview and is now… The post Copilot Chat brings richer context to pull requests appeared first on The GitHub Blog.

GitHub ChangelogRead original

Work with 360Softy

Building a SaaS product, AI system, or business platform?

Book a free consultation and we will tell you honestly whether we can help.