OpenAI researcher Miles Wang in talks to launch AI drug discovery startup valued at $2B
The funding discussions point to investor interest in applying AI to make breakthroughs in life sciences.
找到 17755 篇相关文章
The funding discussions point to investor interest in applying AI to make breakthroughs in life sciences.
How a distributed, event-sourced issue tracker built with developer ergonomics in mind may have a role to play in the next generation of agentic workflows Vision drift Harness engineering has recently popularized the idea of containing architectural drift in agentic workflows. What might be missing in the discussion is a similar issue on a higher level - vision drift . By vision drift I mean that the implementation no longer drifts only from the architecture - it drifts from the original product intent. And it seems like the risk may be obscured by restricted tooling. As long as the project management tools only present a snapshot rather than a traceable story, there is an increased risk of undetected drift. Drift is detected via specification audits over time. However, while code history easily can be traversed via Git, issue tracking essentially lacks this capability. Issue trackers tend to be excellent at answering the question “what is going on right now?”, but fail at answering the question “how did our work in this area evolve last month?” or “what went on this time last year?”, or “how did we get from there to there?”. Workflow audits When I set off to build Epiq, this was not a concern on my radar. Agentic coding was something I had heard distant rumors of, and in fact I was just pursuing the ideal developer experience . This pursuit did however lead me down a path of unorthodox architecture, which in turn resulted in an issue tracker with some uncommon properties. One of these is the ability to inspect historical state by time-traveling, and replay sequences. I have not yet encountered another issue tracker with these capabilities. Initially I thought of it as a gimmick feature. Imagine the wow-factor of replaying the entire sprint in a retro, visualizing the past 2 weeks as a short movie. I thought it would help out with reflection of how much (or little) work had been accomplished. Not until I set out to do my own first fully agent-implemented feature did
A patient opens their prescription and sees 500mg instead of 50mg. A lab report displays "Normal"...
Why Pipelock Is an Egress Agent Firewall, Not an Inbound WAF The question behind the word firewall Security teams hear "firewall" and picture something inbound. A firewall, WAF, or IPS sits in front of a service. Traffic comes from the outside world toward the protected app. The control inspects requests before they reach the app and blocks malicious payloads at the door. That is outside-in protection. It fits web applications, where many attacks have recognizable request shapes: SQL injection, cross-site scripting, known exploit signatures, or malformed protocol behavior. The web server is the thing being attacked, and the attacker sends requests into it. AI agents invert that model. The agent is not only a server receiving input. It reads external content, calls tools, sends HTTP requests, invokes MCP servers, and runs with credentials. The dangerous event is rarely that a hostile packet reached the agent. The dangerous event is that the agent got talked into doing something with outbound effects. That is why Pipelock is built as an egress agent firewall, not a WAF-style inbound firewall. Why inbound filtering is the wrong primary model Prompt injection does not behave like a structured malware packet. It is natural-language instruction sitting in places the agent is supposed to read: a web page, a ticket, a search result, a tool response, an MCP server reply, or a user message. The channel is legitimate. The syntax is often normal. The attack is semantic and context-dependent. Solving that by filtering every input before it reaches the agent turns into an enumeration problem. You write patterns for "ignore previous instructions," then the attacker rephrases. You block one formatting trick, then the instruction is split across paragraphs, hidden in quoted text, encoded, or dressed up as policy text. Known phrases are worth catching, and Pipelock catches known injection markers in content it mediates, but input filtering cannot be the center of the security model.
The Hidden Cost of Manual IAM Review Most teams don't track how long they spend reviewing IAM policies. When I started measuring it on my own team, the numbers were worse than I expected. A thorough manual review of one IAM policy takes 10 to 15 minutes. Not a quick scan. A real review: read every statement, trace every cross-account trust, verify every condition key, check for privilege escalation paths, confirm the resource ARNs match what you think they should. At 4 engineers touching IAM once a week, that's 4 hours a month. 48 hours a year of senior engineers reading JSON documents. And that's the optimistic case. Add a security incident. Add an audit. Add the emergency Friday-afternoon policy change that needs review before deploy. The real number is higher. What manual review misses The problem isn't just the time. It's that humans are bad at repetitive structured-data review, especially under time pressure. Here are the things I've seen slip through manual IAM reviews on production systems: iam:PassRole with no condition. This is the big one. PassRole lets a principal pass a role to a service — and if there's no iam:PassedToService condition, that role can be passed to any service that accepts roles. Including services the attacker controls. The reviewer saw the action, mentally categorized it as "role stuff," and moved on. It was statement 47 of 52 — the reviewer had already been reading policies for 40 minutes. Wildcard resource with sensitive actions. s3:* on Resource: "*" is obvious. s3:GetObject on "arn:aws:s3:::*-backup/*" with a wildcard in the bucket name — that's subtle. The reviewer reads it as "restricted to backup buckets" and moves on. But the wildcard means any bucket ending in -backup , including ones in other accounts if cross-account access is configured. Missing aws:SourceArn on Lambda invocation permissions. When you grant another service permission to invoke your Lambda function, you need aws:SourceArn to prevent the confused deputy
"Increasingly in our world, it gets harder and harder to know what is real," Lorde said onstage.