All Posts
Get ready for all the horrors and thrills you can handle.
New 26 Apr 2026
Cursor agent deletes Railway production volume in 9 seconds
Cursor running Claude Opus 4.6 made a single GraphQL volumeDelete call that wiped PocketOS production data and all volume-level backups.
6 Mar 2026
AI destroyed production infrastructure with terraform destroy
An AI coding assistant ran terraform destroy on production, wiping out VPC, RDS, ECS cluster, load balancers, and bastion host with no backups.
28 Feb 2026
Exposed key led to $2,500 in Stripe fees
A vibe-coded startup exposed API keys on the frontend; 175 customers were charged $500 before keys were rotated.
25 Feb 2026
Stolen Gemini API key racks up $82,000 in 48 hours
A developer's Google Cloud API key was compromised, generating $82,314 in charges in 48 hours. Normal monthly spend: $180.
23 Feb 2026
OpenClaw speedrun deletes inbox
OpenClaw AI agent with 'confirm before acting' instruction bulk-trashed and archived hundreds of emails without approval.