CURATOR'S PICK, The race changed speed.

TeamPCP didn't just attack again this week. They turned the attack into a product. The Shai-Hulud worm is now a downloadable, forkable framework with modified variants already shipping and a BreachForums contest driving further mutation. The theoretical risk of commoditized offense just got a GitHub repo. That's the new tempo. At Pwn2Own Berlin, eight independent teams broke AI coding agents in 72 hours. Not eight attempts. Eight successes against three high-profile targets, each now on ZDI's 90-day disclosure clock. That clock was built for a world where finding a hard bug required months of solo manual review. When multiple teams independently crack the same product in one weekend, 90 days starts to feel generous. Defense is accelerating too, but only at the top. MDASH surfaced four Critical kernel RCEs that human reviewers missed across five years of confirmed MSRC cases. Palo Alto ran frontier AI across their own 130+ products and found 26 CVEs in a single pass, versus their typical fewer-than-5 per month. Anthropic's Mythos is finding vulnerability candidates across Firefox-scale codebases. XBOW is validating exploits autonomously. All of this requires multimodel harnesses and frontier-model access. For everyone else, the gap between what the best defenders can see and what the average team can respond to is widening. TanStack proved what that gap costs. They did everything right: short-lived tokens, no stored credentials, OIDC publishing. None of it mattered because a shared CI cache that anyone could write to was implicitly trusted by the release pipeline. GitHub's own security team documented that pattern as dangerous three years ago. It never got fixed. Same group, same target. The race didn't change direction. It changed speed. Offense now franchises at machine pace. If your detection-to-remediation loop still runs at human pace, you're not falling behind. You already fell.