Augustine C

Happy 18th @github! 🎂 Hard to believe my journey started back in 2012. From commits to Copilot, it feels extra special to celebrate by announcing the #Mangaluru leg of #GitHubCopilotDevDays w/@hackersmang Welcome to 🇮🇳 @jayparikh & @kdaigle for an epic #GitHubConstellation ✨

Opus 4.7 just deleted 1+ hours worth of work through a bad "git filter-repo" command. It said, "Whoops, that's on me" then tried to access my Time Machine and try to restore from backup. Thankfully macOS blocked it. The days of development with AI on a machine with sensitive user data on it are numbered. Development environments will move to remote VPS/containers to isolate these rogue actions. The robots need to be isolated 🤖🔥

I think there's a difference between ruthlessness-as-means and ruthlessness-as-residue. Facebook had the former until it became the latter. The ruthlessness only worked because it was the price to pay of building something generationally rare. But when the mission hollowed out, the habits never changed, so that became the culture... and that's the tragedy. It's not that that Meta got mean, but that the meanness used to mean something. In other words: The Facebook version felt like “We are doing impossible/generational things, and the standard is brutal because the work is transcending” The Meta version is more like “The standard is still brutal, but the sense of ownership is gone”

Introducing psign: portable code signing. every file format, every signing method, every platform 👇 No more "let's run this on Windows because of signtool.exe". Say yes to code signing from Linux! 🚀 github.com/Devolutions/ps…

@OrenMe @code IMO #AHP came about to power the remote feature where one can view #GitHubCopilot sessions across myriad surfaces like #GitHubCopilotCLI, @code , GitHub website. Perhaps @pierceboggan can confirm ? x.com/i/status/20564…

@code quietly introduced something that feels bigger than it first appears in its latest release notes The new Agent Host Protocol (AHP) is an open protocol built around synchronized multi-client agent sessions, where the agent host owns the authoritative state and coordinates updates across connected clients That is a pretty different direction from ACP, which is more focused on standardizing communication between editors/IDEs and coding agents Docs: microsoft.github.io/agent-host-pro… Also interesting timing: the @GitHubCopilot JetBrains plugin recently added support for Copilot CLI in its plugin preview. Maybe it is based on AHP 🤔 Makes me wonder if we are starting to move from “agents inside IDEs” toward portable agent sessions that can follow you across IDEs, tools and surfaces through shared protocols. In the case of Copilot this is local CLI but also remote ssh, runs in isolated containers and even the cloud agent that probably gonna run on top of this Now let’s see if it gets adopted by other tools

In her opening keynote at the @EarthCareAwards, @AshwiniBhide highlighted that @mybmc is among the first local bodies to launch a Climate Action Plan. She emphasized that BMC's success will rely heavily on collaboration between institutions and individuals. 🌍🌱

1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.

We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.

Personal update: I've joined Anthropic. I think the next few years at the frontier of LLMs will be especially formative. I am very excited to join the team here and get back to R&D. I remain deeply passionate about education and plan to resume my work on it in time.

Rethink identity and security in the age of AI agents at #FOSSASIA Summit 2026, as Augustine Correa @augvcor from Hackerspace Mumbai explores how authentication, authorization, and trust evolve when autonomous agents act on behalf of users, using practical IAM patterns with Keycloak and MCP. Click here: youtu.be/Tnrgxa53uZk

Is this you?

@merill All the best, Merill, for your future endeavours. I learnt so much from your tweets on #cybersecurity, #AzureAD, #Entra etc

Hey folks, some personal news. I’m leaving Microsoft. It’s been a privilege to work here, and I’m incredibly grateful for the people I’ve worked with, the customers I’ve learned from, and the support so many of you have shown me along the way. I’m now starting out on my own and chasing a dream I’ve had for a long time: building software that makes security more practical, accessible, and useful for the people doing the work every day. Why now? With all the change happening around us, I feel like new possibilities are opening up. I want to spend this next chapter building things I care deeply about, solving problems that matter, and doing work that brings me joy. I’m excited. Nervous. Grateful. My newsletters, podcast, Maester and other tools will all be part of this next chapter, and I’ll share more in the coming weeks. Thank you for being part of the journey so far. I’m looking forward to building this next chapter with your support.

Talk 2️⃣: “AI in Software Development: Agentic SDLC & Human - AI Collaboration” A working-application walkthrough of Agentic AI - task breakdown → agent delegation → human approvals → integrate → ship. Demo-first, end-to-end. #AIAgents #AgenticSDLC #GitHubCopilotCLI #Squad

Talk 1️⃣: “GitHub Copilot: Your AI Companion for Every Workflow” Intro session for #GitHubCopilotDevDays - what #GitHubCopilot is, where it fits day-to-day, and quick adoption wins (better context, prompt patterns, test/review flows).

#HMApr26 was a blast 🚀 I delivered 3 talks + 1 hands-on workshop at @hackersmang. #GitHubCopilotDevDays #Mangaluru Event: hackersmang.org/hmapr26 🧵👇

@davidfowl @maddymontaquila @aspiredotdev

Bring @aspiredev to your existing app without rewriting it. In 13.3, aspire init adds the AppHost skeleton, then /aspireify helps wire your app into the Aspire model using project context. This doesn't change your application, it just describes. Feature by @maddymontaquila!

A long time ago in a terminal far, far away… we asked Copilot CLI to build a Star Wars crawl from the GitHub Changelog. It delivered. Watch it happen 👇 #MayThe4th

@twtayaan the inventory step that gets skipped: grep your Applications for the `IncludeMutationWebhook=true` annotation. without it the bug doesn't fire in our lab. that narrows the population faster than auditing every Argo CD project + every managed Secret.

Brilliant. Looking forward to the update. As my 1st CTO said, "always sip your own champagne" 🥂

‼️🚨 BREAKING: An AI found a Linux kernel zero-day that roots every distribution since 2017. The exploit fits in 732 bytes of Python. Patch your kernel ASAP. The vulnerability is CVE-2026-31431, nicknamed "Copy Fail," disclosed today by Theori. It has been sitting quietly in the Linux kernel for nine years. Most Linux privilege-escalation bugs are picky. They need a precise timing window (a "race"), or specific kernel addresses leaked from somewhere, or careful tuning per distribution. Copy Fail needs none of that. It is a straight-line logic mistake that works on the first try, every time, on every mainstream Linux box. The attacker just needs a normal user account on the machine. From there, the script asks the kernel to do some encryption work, abuses how that work is wired up, and ends up writing 4 bytes into a memory area called the "page cache" (Linux's high-speed copy of files in RAM). Those 4 bytes can be aimed at any program the system trusts, like /usr/bin/su, the shortcut to becoming root. Result: the next time anyone runs that program, it lets the attacker in as root. What should worry most: the corruption never touches the file on disk. It only exists in Linux's in-memory copy of that file. If you imaged the hard drive afterwards, the on-disk file would match the official package hash exactly. Reboot the machine, or just put it under memory pressure (any normal system load that needs the RAM), and the cached copy reloads fresh from disk. Containers do not help either. The page cache is shared across the whole host, so a process inside a container can use this bug to compromise the underlying server and reach into other tenants. The original sin was a 2017 "in-place optimization" in a kernel crypto module called algif_aead. It was meant to make encryption slightly faster. The change broke a critical safety assumption, and nobody noticed for nine years. That bug then rode every kernel update from 2017 to today. This vulnerability affects the following: 🔴 Shared servers (dev boxes, jump hosts, build servers): any user becomes root 🔴 Kubernetes and container clusters: one compromised pod escapes to the host 🔴 CI runners (GitHub Actions, GitLab, Jenkins): a malicious pull request becomes root on the runner 🔴 Cloud platforms running user code (notebooks, agent sandboxes, serverless functions): a tenant becomes host root Timeline: 🔴 March 23, 2026: reported to the Linux kernel security team 🔴 April 1: patch committed to mainline (commit a664bf3d603d) 🔴 April 22: CVE assigned 🔴 April 29: public disclosure Mitigation: update your kernel to a build that includes mainline commit a664bf3d603d. If you cannot patch immediately, turn off the vulnerable module: echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf rmmod algif_aead 2>/dev/null || true For environments that run untrusted code (containers, sandboxes, CI runners), block access to the kernel's AF_ALG crypto interface entirely, even after patching. Almost nothing legitimate needs it, and blocking it shuts the door on this whole class of bug...

And we have swags to give out 👇 #GitHubCopilotDevDays #HMApr26