DevOps

ClawJacked, Axios, and the Autonomous Agent Problem

ClawJacked, Axios, and the Autonomous Agent Problem

TLDR; In a single 72-hour stretch of March 2026, we watched three independent attack surfaces on autonomous agents fail at once: OpenClaw’s localhost gateway (ClawJacked), the Axios npm package (a cross-platform RAT), and Anthropic’s own Claude Code source map leak — all converging on March 31. I’m not a security expert. I’m a DevOps practitioner who ran the homework before running the software, and this post is that homework. Part 1 is the problem. Part 2 will be what I’d want to be true before I run a personal assistant in a form of agent.

Read More
Andrej Karpathy Just Made RAG Obsolete — And All You Need Is Three Folders

Andrej Karpathy Just Made RAG Obsolete — And All You Need Is Three Folders

**TL;DR **Andrej Karpathy just published a gist called LLM Wiki that replaces complex RAG pipelines with three plain-text folders: raw, wiki, and output. A coding agent reads your raw material, builds a compounding wiki, and your LLM context window becomes genuinely smarter over time — no vector database, no embeddings infrastructure, no DevOps expertise required. I’ve been doing a version of this for four years on my wiki. Now that Karpathy has a name for it, maybe everyone else will catch up.

Read More
The View from Outside the Glass: Why Growing Organizations Need the Outsider's Mirror

The View from Outside the Glass: Why Growing Organizations Need the Outsider's Mirror

TL;DR, Growing engineering organizations get trapped in the “inner loop” — high-velocity execution that slowly drifts from strategic intent. An external consultant’s value isn’t superior knowledge; it’s lower latency to the truth. This post explores why speaking up is an act of service, not arrogance, and how the “outsider’s mirror” helps teams move from reactive execution to intentional alignment.

Read More
The $1,892 Agent: MiniMax M2.5 and the Dawn of Always-On Intelligence

The $1,892 Agent: MiniMax M2.5 and the Dawn of Always-On Intelligence

TL;DR

MiniMax M2.5 is a 230B-parameter model that activates only 4% of its weights per token — yet scores 80% on SWE-bench Verified, putting it neck-to-neck with Anthropic Opus 4.6 at roughly 3% of the cost. At ~$1,892/year for a continuously running agent, the “always-on agent” is no longer a thought experiment. The cost of intelligence is approaching the cost of electricity, and Jevons’ Paradox says: demand is about to explode.

Read More
Free & Secure Local Development: Bitwarden Secrets Manager with K3d + Walkthrough

Free & Secure Local Development: Bitwarden Secrets Manager with K3d + Walkthrough

Originally posted on the Israeli Tech Radar on medium.

Free & Secure Local Development: Bitwarden Secrets Manager with K3d + Walkthrough

We all deal with secrets, and managing them effectively is crucial for security, especially when working with local development environments. I’ve personally relied on Bitwarden’s free tier for secure password management for years. I moved from a bunch of tools which I needed to be synchronized and kept in sync with my local machine, not because others are bad, but because Bitwarden has a CLI, Desktop, Chrome extension & web which seemly integrated with my workflows.

Read More
Infrastructure as Code: Navigating Declarative and Imperative Approaches

Infrastructure as Code: Navigating Declarative and Imperative Approaches

Originally posted on the Israeli Tech Radar on medium.

I read somewhere in my late night browsing that 71% of infrastructure as code is done using Terraform. That’s a huge number, right?, and although I may not be accurate the truth isn’t that far from it. It’s almost become the default choice. And what if I told you that the default isn’t always the best for everyone?

Read More