News and Tech Update

Terminal-based coding assistants for AI-curious developers are hot these days, and the most popular choice appears to be Claude Code . But Anthropic’s commercial offering has a new open source rival: MiMo Code , released under an MIT license by Chinese smartphone giant Xiaomi.  Unlike Claude Code, MiMo Code is not restricted to a specific LLM provider. It was also optimized for “long-horizon automated programming tasks,” according to the introductory blog entry . The software aims to “maintain decision quality and state continuity over dozens or even hundreds of execution steps.” The AI community has taken notice of this release. Since its v0.1 release last week, MiMo Code has garnered 9,000 stars on GitHub , and has been forked 783 times.  And unlike Claude Code, which costs $20 a month to start, MiMo is free, and may not even require connecting to a cloud provider, if the user installs a model on their own machine. Tackling Long Horizon Memory Retention  Large Language Models (...

AI coding agents can create a new code execution risk when they treat externally influenced error data as trusted guidance and have access to command line tools, according to new research from Tenet Security. The security company demonstrated an indirect prompt injection technique it calls “Agentjacking” in a recent report . In its proof of concept, an attacker planted malicious instructions inside a fake Sentry error report, causing an AI coding agent to execute an attacker-supplied command during a routine debugging task. The attack began with a Sentry Data Source Name (DSN), a credential commonly embedded in a website’s frontend JavaScript. Sentry treats DSNs as public and write-only because they allow applications to submit events without granting access to the project or its existing data. But an attacker who obtains the DSN can use it to send a false error event to the project’s ingest endpoint and control fields, including the error message, stack trace, tags, context and brea...

New Relic has made available an open source extension to its observability platform for coding tools at no additional cost. Nic Benders, chief technical strategist for New Relic, said the New Relic AI Coding Observability capability will make it simpler for DevOps teams to centrally monitor usage of a diverse range of artificial intelligence (AI) coding tools, including the cost of the tokens consumed, using the same platform they already have to observe IT operations. Regardless of the type of AI coding tool employed, New Relic AI Coding Observability normalizes the data collected, he added. That capability makes it possible for organizations to employ multiple AI coding tools as they best see fit, or swap one out for another as additional advances are made, noted Benders. The arrival of New Relic AI Coding Observability coincides with the sharing of a survey of 200 technology decision makers in the U.S. that finds a full 94% rate code generated by AI as being of a higher qualit...

DevOps has always carried a larger purpose than installing tools, automating pipelines, or improving deployment frequency. Those things matter. I have spent much of my career helping organizations make those things work. Yet the deeper purpose of DevOps is to improve the flow of value through a complex socio-technical system. The system includes tools, platforms, pipelines, environments, tests, controls and production operations. It also includes people, leadership behavior, decision rights, accountability, learning, fear, confidence and trust.   The technical side is easier to see. A failed build is visible. A broken deployment is visible. A production incident is visible. The human side usually fails more quietly. People stop speaking up. Teams wait for permission. Architects argue in private. Security arrives late. Operations becomes defensive. Leaders ask for more status. Engineers learn which truths are safe to tell and which truths create trouble. The organization continues to r...

Moonshot AI shipped Kimi K2.7-Code on June 12, 2026 — the fifth major release in the Kimi series in under a year, and arguably the most developer-friendly yet. The model is open-source, available on Hugging Face under a Modified MIT license, and accessible via the Kimi API and the company’s Kimi Code CLI. The headline claim: a 21.8% improvement on Moonshot’s own Kimi Code Bench v2 over its predecessor, K2.6. But the story that matters more for DevOps teams is efficiency, not just capability. Fewer Tokens, Less Waste Moonshot says K2.7-Code cuts reasoning token usage by 30% compared to K2.6. In practical terms, that means developers consume fewer compute resources while getting better results. For teams running coding agents at scale, that’s a meaningful cost reduction — not just a benchmark number. The model uses a Mixture-of-Experts (MoE) architecture with 1 trillion total parameters but only 32 billion active per token, paired with a 256K-token context window. Th...

GitHub has quietly removed one of the more annoying friction points in agentic automation — and the security implications are worth paying attention to. GitHub Agentic Workflows can now use GitHub Actions’ built-in GITHUB_TOKEN instead of a personal access token (PAT). That means developers no longer need to create, store, or rotate a PAT to run agentic workflows, eliminating both the operational hassle and the security risks that come with managing long-lived tokens at scale. It’s a small config change. The security payoff is not small. Why PATs Were a Problem Personal access tokens have always carried risk. They’re long-lived, often broadly scoped, and easy to forget about. In an agentic context — where workflows run autonomously, touching repositories, triggering CI/CD pipelines, and interacting with sensitive resources — a leaked or misconfigured PAT can create serious exposure. A recent arXiv paper flagged “agentic workflow injection” as an emerg...