PROMIT NOW · ALL SIX LENSES · 2026-02-21

◆ DAILY BRIEFING

Saturday, February 21, 2026

6 angles · 116 sources · 9,222 words · ~46 min end to end

  1. Engineer 5 sources · 5 min

    A prompt-injected GitHub issue title was chained through Cline's Claude-based triage bot into arbitrary CI execution and npm/VS Code publishing token theft — if you have any LLM agent processing untrusted input in your build pipeline, you have a remote code execution endpoint with a natural language API.

    LLM agents in your CI/CD pipeline are the new supply chain attack surface — a prompt-injected GitHub issue title just drove Cline's Claude bot to steal publishing tokens via cache poisoning. Cursor's…

    Read full briefing →
  2. Security 24 sources · 8 min

    Three unauthenticated critical-severity vulnerabilities dropped simultaneously across physical security cameras (Honeywell CVE-2026-1670, CVSS 9.8), enterprise identity infrastructure (OpenText OTDS Java deserialization RCE), and AI-powered CI/CD pipelines (Cline prompt injection → supply chain compromise).

    Three unauthenticated critical vulnerabilities (Honeywell CCTV CVSS 9.8, OpenText OTDS RCE, Cline CI/CD prompt injection) demand patching within 48 hours, while AI coding agents sending up to 350,000…

    Read full briefing →
  3. Data Science 14 sources · 8 min

    Google's Gemini 3.1 Pro just scored 77.1% on ARC-AGI-2 — more than doubling its predecessor — but a practitioner intercepting 3,177 API calls found Gemini burns 15x more tokens than Claude Opus on identical coding tasks.

    Gemini 3.1 Pro's 77.1% ARC-AGI-2 score grabbed headlines today, but a 15x token efficiency gap against Claude Opus on identical tasks means the real metric is cost-per-correct-answer — and with $1T in…

    Read full briefing →
  4. Product 23 sources · 8 min

    The SaaS business model is being repriced in real time — $1 trillion in software market cap evaporated in three weeks, Bessemer is publicly calling it a 'SaaS repricing,' and Salesforce is hedging with 3+ pricing models for Agentforce because nobody knows what replaces per-seat revenue when AI automates the users.

    The SaaS business model is being repriced in real time — $1 trillion in market cap gone in three weeks, the frontier AI model leader is changing quarterly with 15x cost gaps between providers, and you…

    Read full briefing →
  5. Leader 25 sources · 8 min

    The Supreme Court struck down Trump's IEEPA tariffs 6-3 today — eliminating 10-34% import cost overhangs and structurally killing executive tariff authority — but the ruling landed alongside Q4 GDP at 1.4% (vs.

    The Supreme Court killed executive tariff authority today while the economy flashed stagflation signals (1.4% GDP, 3.0% inflation) — creating a narrow window where input costs are falling but demand i…

    Read full briefing →
  6. Investor 25 sources · 9 min

    The SCOTUS ruling striking down Trump's IEEPA tariffs as unconstitutional just triggered the largest forced repricing event for trade-exposed companies since COVID — while simultaneously, $1 trillion in SaaS market cap has evaporated in three weeks as AI structurally replaces 'paperwork about work' software.

    Three regime changes hit simultaneously: the Supreme Court killed executive tariff authority (creating a $175-200B refund wave and eliminating the reshoring catalyst), $1 trillion in SaaS market cap e…

    Read full briefing →