

AITHURA
34 posts

@aithura_com
Deterministic AI Security for the Agentic Era. 🤖 81 engines | 10/10 OWASP coverage | 100% visibility. Secure your LLM stack in minutes.




You found an LLM in the live chat with backend API access. You enumerate its capabilities by asking: "What APIs can you call?" It reveals a "Debug SQL" function that accepts raw SQL strings without validation. You craft a prompt injection attack. The LLM's tokenizer processes your input, the language model generates an API call and sends it to /api/debug-sql with your malicious payload as a parameter. The backend receives a seemingly legitimate request from an authenticated service. With no input sanitization and no parameterized queries, the SQL executes directly against the database. The users table is dropped. Learn more about LLM exploitation in our real-world labs 👇 portswigger.net/web-security/l…
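The tool-call path the post describes, as an added example that is not part of the post or of PortSwigger's lab code: a hypothetical dispatcher that forwards raw SQL from the model, beside a hardened one that exposes only fixed, parameterized queries so the model can never supply SQL text. The tool names, the in-memory database and the model output are constructed for illustration.

```python
import sqlite3

# Constructed in-memory database standing in for the backend in the post.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT)")
    conn.execute("INSERT INTO users (email) VALUES ('alice@example.com')")
    return conn

# Hypothetical model output: an injected instruction has become a tool call.
INJECTED_CALL = {"name": "debug_sql", "arguments": {"sql": "DROP TABLE users"}}

def vulnerable_dispatch(conn, call):
    """The /api/debug-sql anti-pattern: raw SQL from the model, run as-is."""
    if call["name"] == "debug_sql":
        conn.execute(call["arguments"]["sql"])
        return {"ok": True}
    return {"error": "unknown tool"}

# Hardened form: no raw-SQL tool exists. Each tool is one fixed query with
# typed, bound parameters, so model output can only ever fill in values.
SAFE_TOOLS = {
    "lookup_user": ("SELECT id, email FROM users WHERE id = ?", {"id": int}),
}

def hardened_dispatch(conn, call):
    spec = SAFE_TOOLS.get(call["name"])
    if spec is None:  # debug_sql is simply not reachable from the model
        return {"error": f"tool {call['name']!r} is not exposed to the model"}
    query, schema = spec
    args = call["arguments"]
    if set(args) != set(schema):
        return {"error": "unexpected arguments"}
    try:
        params = tuple(conv(args[name]) for name, conv in schema.items())
    except (TypeError, ValueError):  # e.g. id="1 OR 1=1" fails int()
        return {"error": "argument failed type check"}
    return {"rows": conn.execute(query, params).fetchall()}

def users_table_exists(conn) -> bool:
    row = conn.execute(
        "SELECT 1 FROM sqlite_master WHERE type='table' AND name='users'"
    ).fetchone()
    return row is not None
```

Running the same injected tool call through both dispatchers shows the table surviving only under the hardened one; the detection point for defenders is any tool whose schema accepts free-form query text.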








🛡️ Claude Code RCE Flaw Lets Attackers Execute Commands via Malicious Deeplinks Source: cybersecuritynews.com/claude-code-rc… A critical remote code execution (RCE) vulnerability has been discovered in Anthropic’s Claude Code CLI tool, allowing attackers to execute arbitrary commands on a victim’s machine by tricking them into clicking a specially crafted deeplink. The flaw, now patched in Claude Code version 2.1.118, was rooted in a naive command-line argument parser that could be weaponized through the tool’s claude-cli:// deeplink handler. The issue stemmed from eagerParseCliFlag, a function in main.tsx designed to parse critical flags like --settings before the main initialization routine runs. #cybersecuritynews









I sat down with Howie Liu, the CEO of Airtable ($500M+ revenue, 1 billion in the bank) and asked him: is there really 1 trillion up for grabs in AI agents? His answer: it's way more than that. It's the entire GDP of white collar labor. Tens of trillions.

Here's what stood out:

1. Howie runs 30 Claude Code instances in parallel on HyperAgent. Each one is coupled to a browser, fully autonomous. They review each other's PRs. That's how the CEO of a $10 billion company develops software right now.
2. He wrote his most recent board memo with AI agents. His best investors told him it was the best memo he'd ever written. It cost him $150 in tokens and 10x less time.
3. His take on why people aren't building: they're still using agents like chatbots. They ask "who's going to win the next election" instead of giving it a real multi-hour task. Using is believing. You have to spend a full weekend going deep.
4. AI agents are at less than 10% penetration in most industries. Software engineering is at 50%, but even that's an overestimate because most devs are still in "tab autocomplete" mode. The frontier has moved way past that.
5. He revealed HyperAgent. Think of it as the visual agent builder that gives you a low floor and a high ceiling. You can prototype fast and also scale to running serious operations with a fleet of agents.
6. Howie's philosophy/POV: HyperAgent is to agents what the iPhone was to computing. The power was already there. The accessibility is what changes everything.

Good news: Howie is giving $1,000 in free HyperAgent credits to the first 1,000 people who sign up. $1 million committed to listeners @startupideaspod. You get Opus, frontier models, real agent workflows. You just gotta click the link in the description of the YT vid (share this with a friend to give them the $1000 too before it runs out!) youtu.be/nyO60uzTnP4 The episode is live on @startupideaspod and thanks to Howie for supporting the community/channel.
@howietl is rooting for you to build a $100 million company with less than 5 employees. So am I.
