Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Why You Must Still Review AI Code

In this video, we break down why skipping code reviews is a massive mistake that will ultimately slow you down, leave you vulnerable, and compromise your system's accountability. We dive into three concrete reasons why reviewing AI-generated pull requests actually makes you a faster, safer developer, including a real-world story of a production bug caught in under 90 seconds. Resources Chapters.

Symlinks Are Still Scary (And Yes, You Can Commit Them to Git)

Here's a genuinely unsettling way to lose control of your laptop in 2026. You clone a normal-looking repo, ask your AI coding assistant to "set it up," and it writes an attacker's SSH key into your ~/.ssh/authorized_keys -- without ever really telling you that's what it did. No memory corruption, no zero-day, nothing clever. Just a file in the repo that wasn't the file it claimed to be. That attack is real, it's this week's news, and I'll walk through it. But the trick underneath is decades old.