Groundy — independent coverage of developer tools, infrastructure, and platforms
security
Vercel BotID's Telemetry Is a Threat Intelligence Feed Most Teams Discard
Vercel BotID emits session telemetry, verdicts, JA4 digests, paths, and verified-bot labels, rich enough to repurpose as a threat feed and flag what the WAF lets through.
policyWhen Vibe-Coded Software Is Safety-Critical, Who Verifies It?
A June 2026 preprint argues vibe-coded code cannot certify under aviation or automotive safety standards, shifting the audit object from prompt to verification artifact.
security
Extracting Unseen Training Data From an LLM by Poisoning Its Loss Landscape
Loss landscape poisoning reshapes a model's loss function so that ordinary training forces it to memorize a record the attacker never possessed, lifting extraction to 100%.
agentsDo Retrieval Metrics Predict Tool-Use Agent Success? A Paper Says No
A June 2026 arXiv paper shows recall@k misleads when evaluating RAG-backed agents: on tau-bench, 7% rank-1 recall still produced near-gold policy classification.
infraVercel's In-Function Concurrency: What It Does to Cold Starts and Billing
Vercel's in-function concurrency lets one warm instance serve many requests. Cold starts and idle-I/O bills drop, but CPU-bound handlers contend and shared state can race.
policyCan You Trust an AI Robustness Certificate? A Paper Says Verify It
A June 2026 preprint sharpens how neural-network robustness certificates are computed, but verifiers that issue them can return wrong verdicts and miss planted backdoors.
agentsCan You Pinpoint Which Step Broke a Long-Horizon AI Agent?
SAFARI probes long agent runs to localize the failing step, beating prior methods by 20% and shifting triage cost from engineer hours to inference spend.
industryVercel's Series D Thesis Hardened Into a Whole-Stack Lock-In
Vercel's 2021 Series D stated a whole-lifecycle platform thesis. Later rounds financed acquisitions that moved lock-in past hosting into analytics, CI, runtime, and agents.
featured
- models GLM-5.2 vs Kimi K2.7 Code: Two Open-Weight Bets on Agentic Coding
- devtools Cursor Goes to SpaceX, Windsurf to Cognition: What Changes for Dev Teams
- policy US Export Order Forces Anthropic to Disable Fable 5 and Mythos 5 Worldwide
- infra MiniMax M3 Ships 1M Context and Desktop Control as Open Weights
- agents When AI Agents Delegate Work, Your Observability Stack Goes Blind
most popular
- devtools GitHub Copilot vs Cursor vs Claude Code: The 2026 AI Coding Showdown
- models AI Code Generation Benchmarks 2026: Which Model Actually Writes Better Code?
- models GLM-5.2 Benchmarks: What 62.1% SWE-bench Pro and 99.2% AIME Actually Mean
- infra Running GLM-5.2 at Home: SGLang, vLLM, Transformers, and KTransformers Setup Guide
- models Chinese AI Models Compared: DeepSeek, Qwen, Kimi, Doubao, and Ernie
- industry Cursor's Meteoric Rise: Inside the AI Editor Hitting $300M ARR
- industry Fable 5 Credit Cliff: What the June 23 Billing Shift Means for Teams
- devtools Running GLM-5.2 in Cursor, Cline, and Roo Code: Migration Checklist and Gotchas
- devtools Claude Code Plugins: Anthropic's Official Plugin Ecosystem Explained
- infra MLX vs llama.cpp on Apple Silicon: Which Runtime to Use for Local LLM Inference
top
feed
- jun 23 security Vercel BotID's Telemetry Is a Threat Intelligence Feed Most Teams Discard
- jun 23 policy When Vibe-Coded Software Is Safety-Critical, Who Verifies It?
- jun 23 security Extracting Unseen Training Data From an LLM by Poisoning Its Loss Landscape
- jun 23 agents Do Retrieval Metrics Predict Tool-Use Agent Success? A Paper Says No
- jun 23 infra Vercel's In-Function Concurrency: What It Does to Cold Starts and Billing
- jun 23 policy Can You Trust an AI Robustness Certificate? A Paper Says Verify It
- jun 23 agents Can You Pinpoint Which Step Broke a Long-Horizon AI Agent?
- jun 23 industry Vercel's Series D Thesis Hardened Into a Whole-Stack Lock-In
- jun 23 devtools make-look-scanned Simulates Scans in an Offline WASM File, Exposing PDF Provenance as a Pixel Check
- jun 23 infra Poisoning a RAG Retriever: How Conflict-Aware Edits Inject False Knowledge
- jun 23 models Can AI Write CAD Programs? CADBench Measures the Gap
- jun 23 infra Vercel Raised Its CDN Origin Timeout to Two Minutes: What Breaks First
- jun 23 infra Gradio-Lite Runs Model Inference in the Browser via Pyodide, No Server
- jun 23 devtools Vercel's Billing Usage API: Wiring Cost Data Into CI Cost Gates
- jun 23 infra Cloudflare AI Gateway Adds Spend Limits to Cap the Runaway Inference Bill
- jun 23 infra Vercel Now Honors stale-if-error: Serving Stale Cache When the Origin Dies
- jun 23 models ByteDance's Doubao 2.1 Pro vs GPT-5.5: Reading Self-Reported Benchmarks
- jun 22 policy Can a Benchmark Catch When AI Discharge Summaries Drop Care Steps?
- jun 22 devtools Vercel CLI Now Scopes Commands to the Local Directory: Audit Your CI Scripts
- jun 22 security React Router CVE-2025-31137: Vercel's Edge Fix Is Not the Patch
- jun 22 infra Vercel's Manual CDN Purge API: Cache Control Without a Redeploy
- jun 22 industry Samsung Picks OpenAI's Codex for Its Engineers, Pressuring GitHub Copilot
- jun 22 devtools Vercel Sandbox Snapshot Retention: What Custom Windows Change for Agent Runtimes
- jun 22 industry Potion.so Sold After 4,000 Vercel Deploys: The Micro-SaaS Exit Playbook
- jun 22 policy Do LLM Personality Tests Measure Anything? A New Paper Says No
- jun 22 security Reported React Server Components Leak Is Unconfirmed: Audit the Payload
- jun 22 devtools Generating Vercel Firewall Rules From Natural Language: What to Audit
- jun 22 devtools GLM-5.2 Coding Plan vs Claude Opus 4.8: Picking a Model for Coding Agents
- jun 22 security Vercel's Secure AI Agent Guidance Pushes Defense Into the Sandbox
- jun 22 security Nx Supply-Chain Attack Used Developers' Own AI CLIs to Hunt Secrets
- jun 22 industry Vercel Folds Backends, Agent Tooling, and Operations Into Its Deploy Platform
- jun 22 infra Cloudflare Now Routes Public Traffic to Private Apps via DNS, No VPN
- jun 22 oss OpenAI's Patch the Planet Is Security Capacity for Nine Projects, Not Sustainability Funding
- jun 22 oss MiniMax M3 Claims GPT-5.5-Beating Code With 1M Context and Open Weights
- jun 22 industry George Hotz Says Only AGI Doom Justifies Today's AI Valuations
- jun 22 infra GitHub's AI Capacity Crunch Pushes Microsoft to Rent AWS Compute
- jun 22 policy Community LoRA Mining Raises a Consent Gap for Style Generation
- jun 21 culture Why Audio Deepfake Detectors Keep Losing the Voice-Cloning Arms Race
- jun 20 security Mixed Compliance Data Makes Safety Fine-Tuning a Curation Problem
- jun 20 policy When an LLM Narrates a Solver, the Explanation Drifts From the Math
- jun 20 infra Cloudflare's Temporary Accounts Give AI Agents Disposable Credentials
- jun 20 policy Grading DiffusionGemma: How an Open-Weight Diffusion Model Scores on Transparency
- jun 20 policy Who Owns Editorial Authority When LLMs Mediate Knowledge?
- jun 20 oss Lithuania's Open-Source Drone-Detection Network Signals an Air-Defense Shift
- jun 20 culture Why AI Misreads Nigerian English: A Register Gap in Public Discourse
- jun 20 agents Deep-Research Benchmarks Hide How Agents Fail at Open-Web Source Grounding
- jun 20 policy Vector Database Access Control Is Missing, and RAG Pipelines Pay for It
- jun 20 agents DSPy Ships Autonomous Prompt Optimization, but Judge Drift Is the Failure Mode
- jun 20 culture What YouTube's Coding Tutorials Teach About Who Belongs in Software
- jun 20 industry Finance Agent Benchmarks Expose Where Lending Automation Breaks