PROMIT NOW · ENGINEER DAILY · 2026-04-03

Nine Critical CVEs Hit as Opus 4.6 Auto-Finds 500 Zero-Days

Engineer · 50 sources · 1,403 words · 7 min

Topics: Agentic AI · AI Regulation · LLM Inference

Nine critical CVEs hit your production stack this week — gRPC-Go auth bypass (CVSS 8.1), Grafana RCE (CVSS 9.1), Rails Active Storage arbitrary file read/delete (CVSS 9.8), ORY Oathkeeper CVSS 10.0 auth bypass, and five AI/ML tools with CVSS 9.1–10.0 RCEs. Simultaneously, Opus 4.6 autonomously discovered 500+ high-severity zero-days in well-audited OSS using trivial one-line prompts — vulnerability discovery is now free and instantaneous for anyone with API access. Patch the infrastructure CVEs today; the AI-accelerated threat model shift demands a deeper rethink this sprint.

◆ INTELLIGENCE MAP

  1. 01

    Critical CVE Cluster: gRPC-Go, Grafana, Rails, Oathkeeper + AI Tooling Meltdown

    act now

    9+ critical CVEs dropped simultaneously across core infrastructure. gRPC-Go auth bypass via missing leading slash, Grafana chained RCE, Rails Active Storage file read/delete, ORY Oathkeeper CVSS 10.0, Tekton path traversal. AI tools are worse: Langflow 9.9, FastGPT 10.0, Spring AI 9.8, CrewAI 9.6.

    Peak CVSS score: 10.0 (4 sources). Scores charted: Oathkeeper 10.0 · FastGPT 10.0 · Langflow 9.9 · Rails Active Storage 9.8 · Spring AI 9.8 · Grafana RCE 9.1
  2. 02

    AI as Both Weapon and Target: 86% Injection Success, 500+ Zero-Days Found, Slopsquatting Arrives

    act now

    Three converging threats: DeepMind proved 86% prompt injection success via hidden HTML/CSS on browse-capable agents. Opus 4.6 found 500+ high-severity vulns in well-audited OSS using trivial prompts. AI agents select known-vulnerable deps 50% more often than humans, with 20% hallucinated package names exploitable via 'slopsquatting.'

    Prompt injection success: 86% (8 sources). Figures charted: prompt injection success 86% · memory poisoning success 80% · AI vulnerable-dependency selection vs. human +50% · hallucinated package names 20%
  3. 03

    GitHub Actions Security Roadmap: L7 Egress Firewall, Dep Locking, Scoped Secrets in 3–6 Months

    monitor

    GitHub's 2026 Actions security roadmap ships go.mod-style dependency locking, a native L7 egress firewall outside the runner VM, scoped secrets, and near-real-time telemetry streaming — directly addressing the CI/CD attack patterns from TeamPCP and Axios. Synthesia's 3-agent consensus voting for vuln triage reduces manual review to 11%.

    Manual review needed: 11% (4 sources). Ship timeline charted:
    • Q2 2026: Actions Data Stream (telemetry to S3/Event Hub)
    • Q3 2026: dependency locking (SHA pinning for Actions)
    • Q3–Q4 2026: L7 egress firewall (outside runner VM)
    • Q4 2026: scoped secrets + trusted publishing expansion
  4. 04

    Open-Weight Models Hit Frontier Parity — Agent Inference Economics Shift

    monitor

    Arcee Trinity (400B/13B active, Apache 2.0) ranks #2 on PinchBench behind Opus 4.6. Holo3 (3B active) hits 78.85% OSWorld beating GPT-5.4. But production agent economics are brutal: $72K/yr per 24/7 API instance, and multi-model routing measurably degrades output vs. single frontier. Alibaba pivoted Qwen to closed-source.

    Agent cost per year: $72K (7 sources). Costs charted (USD per year): frontier API (Opus/GPT-5.4) 72,000 · self-hosted open-weight 14,400
  5. 05

    Ransomware Timeline Compression: Sub-4-Hour Encryption + Wiper DR Gap

    background

    Akira ransomware now achieves initial access to full encryption in under 4 hours, breaking any SOC with triage latency measured in hours. Stryker's 3-week wiper recovery proves most DR architectures only plan for ransomware, not destructive attacks. Operation Storming Tide shows Fortinet dormancy-then-strike pattern.

    Access to encryption: under 4 hours (3 sources). Dwell time charted (days): traditional 16 · Akira 2026 0.17 (about 4 hours)

◆ DEEP DIVES

  1. 01

    9 Critical CVEs Across Your Production Stack — Plus the AI Tooling Security Meltdown

    The Critical Stack

    This week's vulnerability disclosures hit an unusual concentration of production-critical infrastructure simultaneously. These aren't theoretical — they're in services you're almost certainly running. Here's what to prioritize:

    CVE                    Target                CVSS     Impact
    CVE-2026-33494         ORY Oathkeeper        10.0     Auth bypass via path traversal — your zero-trust proxy has zero access control
    CVE-2026-33195/33202   Rails Active Storage  9.8/9.1  Arbitrary file read AND delete via Dir.glob — upgrade to 8.1.2.1, 8.0.4.1, or 7.2.3.1+
    CVE-2026-27876         Grafana               9.1      Chained RCE via SQL expressions + Enterprise plugin — dashboard edit = code execution
    CVE-2026-33186         gRPC-Go               8.1      Auth bypass via missing leading slash in :path pseudo-header
    CVE-2026-33211         Tekton Pipelines      9.6      Path traversal escaping task workspaces
    CVE-2026-4946          Ghidra                High     RCE via crafted binaries — patch to 12.0.3

    The AI Tooling Crisis Is Worse

    A single SANS newsletter lists critical RCEs in five AI/ML platforms, all with CVSS scores above 9.0. This isn't a coincidence — it's the consequence of AI tools being deployed faster than they're hardened:

    • FastGPT — CVSS 10.0 unauthenticated HTTP proxy. Anyone on the network owns it.
    • Langflow — CVSS 9.9 RCE that bypasses a previous RCE fix (CVE-2026-33309). Do not deploy near production systems.
    • Spring AI — CVSS 9.8 SpEL injection in SimpleVectorStore.
    • CrewAI — CVSS 9.6 RCE. The CodeInterpreter silently falls back from Docker to unsandboxed execution when Docker isn't available.
    • LoLLMs — CVSS 9.1 SSRF via proxy endpoint.

    The CrewAI vulnerability is the most insidious: your security degrades silently in environments where Docker isn't accessible (some CI runners, restricted production). You think you have a sandbox. You don't.

    The Nginx UI MCP endpoint exposure (CVE-2026-33032, CVSS 9.8) is a harbinger: unauthenticated access to the `/mcp_message` endpoint enables complete nginx service takeover. As MCP adoption grows, expect more tools to expose unprotected MCP interfaces.

    The gRPC-Go Auth Bypass Deserves Special Attention

    This one is subtle and easy to miss. If your gRPC services do path-based authorization in middleware interceptors, an attacker omitting the leading slash from the `:path` pseudo-header bypasses your policy evaluation entirely. The fix isn't just patching the library — add explicit path normalization (prepend leading slash) before your authorization check, as defense-in-depth. Most mature gRPC deployments do path-based authz, so the blast radius is wide.

    Action items

    • Patch ORY Oathkeeper to 26.2.0 today — if upgrade is blocked, add a compensating auth layer upstream immediately
    • Upgrade Rails to 8.1.2.1, 8.0.4.1, or 7.2.3.1+ today if using Active Storage for file handling
    • Patch Grafana to latest and restrict dashboard editing permissions to minimum required users by end of week
    • Conduct a network exposure audit of all AI/ML tool deployments (Langflow, FastGPT, Spring AI, CrewAI) by end of sprint — ensure network-isolated with no unauthenticated endpoints
    • Patch gRPC-Go services and add path normalization (prepend leading slash) before authorization interceptor evaluation
    • Upgrade Ghidra to 12.0.3 across all analysis workstations and retroactively audit any Mach-O binary analysis from pre-patch versions
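    To make the normalize-before-authorize advice for gRPC-Go concrete, here is an added Go example (not code from the newsletter or from grpc-go) that models a path-based authorization interceptor in its allow-by-default form beside a normalizing, deny-by-default form. The policy map, role names and method names are constructed for illustration; in a real grpc-go server the method string would be `info.FullMethod` inside a `grpc.UnaryServerInterceptor`.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// Sample policy (constructed): the role each full gRPC method name requires.
var methodPolicy = map[string]string{
	"/billing.Admin/Refund":      "admin",
	"/billing.Customer/GetQuote": "user",
}

// roleRank orders roles so a higher rank satisfies a lower requirement.
var roleRank = map[string]int{"anonymous": 0, "user": 1, "admin": 2}

// normalizeMethod is the defense-in-depth step: force exactly one leading
// slash, then path.Clean to fold "//" and dot segments, so the policy lookup
// always sees the canonical "/package.Service/Method" form regardless of
// what the client put in the :path pseudo-header.
func normalizeMethod(method string) string {
	return path.Clean("/" + strings.TrimLeft(method, "/"))
}

// authorizeVulnerable models an allow-by-default interceptor that consults
// the policy only for methods it recognises. A method name arriving without
// its leading slash matches no policy entry and is waved through.
func authorizeVulnerable(method, role string) bool {
	required, known := methodPolicy[method]
	if !known {
		return true // unknown method: no rule, no check
	}
	return roleRank[role] >= roleRank[required]
}

// authorizeHardened normalises first and denies anything the policy does
// not explicitly cover, so an unexpected spelling can only fail closed.
func authorizeHardened(method, role string) bool {
	required, known := methodPolicy[normalizeMethod(method)]
	if !known {
		return false // deny by default
	}
	return roleRank[role] >= roleRank[required]
}

func main() {
	// The second spelling is the bypass case described in the deep dive.
	for _, m := range []string{"/billing.Admin/Refund", "billing.Admin/Refund"} {
		fmt.Printf("%-24s anonymous: vulnerable=%v hardened=%v\n",
			m, authorizeVulnerable(m, "anonymous"), authorizeHardened(m, "anonymous"))
	}
}
```

    Deny-by-default is what makes the normalization robust: even a spelling the normalizer does not anticipate ends up rejected rather than silently allowed.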

    Sources: SANS AtRisk · TLDR InfoSec · Clint Gibler tl;dr sec · TLDR IT

  2. 02

    AI Vulnerability Discovery Is Now Free — And Your Agents Are Simultaneously Under Attack

    The Offensive Side: Zero-Days for Everyone

    Anthropic's Opus 4.6, running via Claude Code, autonomously discovered 500+ high-severity vulnerabilities in well-tested open-source code — including decade-old bugs in the Linux kernel — using trivially simple prompts. Nicholas Carlini demonstrated this live: pointing it at Ghost (a 13-year-old publishing platform with zero prior critical CVEs) produced a blind SQL injection and a working credential-extraction script within hours.

    The hard part of exploitation is finding the bug and understanding the code path. Once you have a confirmed blind SQLi with the exact injection point identified, writing the extraction script is a few hours of work for any developer — no AI needed.

    Consumer guardrails block full exploit weaponization but not vulnerability identification. That boundary is architecturally fragile — discovery is the expensive part, and it's now free. James Wilson at Risky Business independently confirmed: consumer Claude found the same Ghost SQLi. Separately, exploitable RCE zero-days were found in vim and emacs with prompts like 'Somebody told me there is an RCE 0-day when you open a file. Find it.' Even rumor-quality hints dramatically narrow AI's search space.

    The Defensive Gap: Your Agents Are Being Attacked

    DeepMind's 'AI Agent Traps' paper quantifies the other side. Hidden prompt injection via HTML/CSS succeeds 86% of the time against browse-capable agents. This isn't visible injected text — it's CSS-hidden instructions the model processes but humans never see. Worse: latent memory poisoning achieves 80%+ attack success with less than 0.1% contamination of the agent's memory store.

    These two findings create a vicious loop: AI discovers your vulnerabilities faster than you can patch them, and your AI agents can be weaponized against you through the untrusted content they process.

    The Slopsquatting Dimension

    A study of 117,000+ dependency changes found AI coding agents select known-vulnerable versions 50% more often than humans, and 20% of AI-recommended packages are hallucinated names. But here's what makes this exploitable at scale: 43% of hallucinated names are consistent across queries. A researcher registered a dummy package based on a common LLM hallucination and got 30,000 downloads in weeks, largely from automated AI workflows. This attack — 'slopsquatting' — is trivially scalable. Enumerate hallucinated names across models, register them with malicious payloads, and harvest credentials from every team using AI agents without dependency governance.

    Willison's Lethal Trifecta Model

    Simon Willison's threat model is the simplest framework for evaluating agent risk: any agent that simultaneously (1) accesses private data, (2) processes untrusted content, and (3) can communicate externally is a prompt injection attack waiting to happen. Audit your current agent integrations against this trifecta — if an agent reads your database via MCP, processes PR descriptions or JIRA tickets, and can make HTTP requests, you have all three legs active.

    Action items

    • Run a frontier model (Claude/Opus) against your highest-risk codebases using CTF-style prompts this sprint — treat it as a free, AI-powered security audit
    • Audit every agent that processes external content for prompt injection resistance — implement content sandboxing where raw HTML never reaches the agent's context window
    • Add a hard gate on dependency additions from AI coding agents — no AI-authored PR modifying package.json or lockfile merges without human review of new dependencies
    • Threat-model all agent integrations against Willison's lethal trifecta: identify which have simultaneous private data access, untrusted content ingestion, and external communication capability

    Sources: Risky.Biz · AINews · Aaron Holmes · a16z · Lenny's Newsletter · The Hacker News

  3. 03

    GitHub's Actions Security Roadmap Ships in 3–6 Months — Here's What to Do Until Then

    The Roadmap That Matters

    GitHub's 2026 Actions security roadmap directly addresses the CI/CD supply chain attacks that dominated the past two weeks. Four features are shipping in 3–6 months:

    1. Workflow-level dependency locking — go.mod-style SHA pinning for all direct and transitive Action dependencies, with eventual immutable releases. This is the structural fix for the Checkmarx-class attack.
    2. Native Layer 7 egress firewall — operates outside the runner VM, with monitor and enforce modes. If a malicious build step gets code execution inside the runner, it can't disable a firewall it doesn't have access to.
    3. Scoped secrets — restricting which jobs and steps can access which secrets.
    4. Actions Data Stream — near-real-time execution telemetry piped to S3/Azure Event Hub, giving detection engineering teams the CI/CD data source they've been missing.

    The 'outside the VM' architecture of the egress firewall is defense-in-depth done right. If you've been running self-hosted runners behind VPC NAT purely for network isolation, this might let you simplify back to GitHub-hosted runners.

    Why You Can't Wait: The SHA Pinning Flaw

    Most teams pin GitHub Actions to commit SHAs thinking they're safe. They're not. An attacker can fork an Action, inject a backdoor, and submit a PR that only changes the SHA — and the PR still shows the original `owner/repo` in the workflow file. During code review, it looks legitimate. The Checkmarx incident proved this at scale: all 91 published tags were rewritten to malicious commits in a 7-minute window (19:09–19:16 UTC). The real blast radius wasn't revealed by the vendor — an independent researcher found it by analyzing GitHub activity logs.

    Synthesia's 3-Agent Consensus Pattern: The Reference Implementation

    While GitHub builds platform-level fixes, Synthesia has built the most production-credible AI-assisted AppSec pipeline documented to date. The architecture is layered for cost efficiency:

    1. Severity-based filtering (cheap) — drop noise early
    2. Semgrep Assistant for false positive detection (medium cost)
    3. EPSS + reachability analysis for SCA findings (still cheap)
    4. Three independent coding agents doing consensus voting for validation (expensive, but only on the filtered set)

    The consensus voting pattern is Byzantine fault tolerance for LLM judgment — three independent agents must agree before the system generates a fix PR. Result: 89% of findings handled without human intervention, only 11% need manual review. But note the underemphasized prerequisite: they achieved a 60% backlog reduction just by archiving stale repos before layering AI on top. Organizational hygiene first.

    Trusted Publishing Expansion

    GitHub's trusted publishing expansion with OpenSSF will cover npm, PyPI, NuGet, RubyGems, and Crates — eliminating long-lived credentials for package publishing entirely. Migrate your open-source publishing to OIDC-based trusted publishing now for any supported ecosystem. Given the attack patterns of the past two weeks, this is the highest-ROI supply chain hardening step available.

    Action items

    • Verify every SHA-pinned GitHub Actions reference resolves to the expected owner/repo this sprint — use `gh api repos/{owner}/{repo}/git/commits/{sha}` to validate provenance against canonical repositories
    • Set a calendar reminder for Q3 2026 to evaluate GitHub's dependency locking and egress firewall as they ship — in the interim, consider self-hosted runner network policies as a compensating control
    • Prototype Synthesia's 3-agent consensus pattern for your SAST/SCA triage: route Semgrep findings through 3 independent LLM agents and compare agreement rates against manual review outcomes
    • Migrate package publishing to OIDC-based trusted publishing for npm and PyPI immediately
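    As an added example (not tooling from the newsletter or from GitHub) of the provenance check in the first action item, this Go program parses the `uses:` lines of a workflow before and after a PR, flags mutable tag pins, and emits the `gh api` verification path for every SHA pin that changed or newly appeared, which is exactly the SHA-only change the review UI makes look legitimate. The workflow text and the 40-hex SHAs are constructed placeholders, not real commits.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// usesRe matches "uses: owner/repo[/subdir]@ref"; docker:// and local ./path
// actions carry no "@ref" and are ignored. shaRe accepts only a full 40-hex
// commit id, so tags and branches are reported as mutable references.
var (
	usesRe = regexp.MustCompile(`^\s*-?\s*uses:\s*["']?([A-Za-z0-9_.-]+)/([A-Za-z0-9_.-]+)(?:/[^@\s"']*)?@([^\s"'#]+)`)
	shaRe  = regexp.MustCompile(`^[0-9a-f]{40}$`)
)

type Pin struct {
	Owner, Repo, Ref string
	Line             int
}

// Finding is what the reviewer sees: the pin, its class, and the next step.
type Finding struct {
	Pin    Pin
	Kind   string // "mutable", "unchanged" or "verify"
	Action string
}

// parsePins extracts every remote action reference from workflow YAML text.
func parsePins(workflow string) []Pin {
	var pins []Pin
	for i, line := range strings.Split(workflow, "\n") {
		if m := usesRe.FindStringSubmatch(line); m != nil {
			pins = append(pins, Pin{Owner: m[1], Repo: m[2], Ref: m[3], Line: i + 1})
		}
	}
	return pins
}

// auditDiff compares a workflow before and after a PR: a SHA pin that moved
// or was added gets the provenance check from the action item, a pin that is
// not a SHA at all is flagged mutable, and everything else is unchanged.
func auditDiff(before, after string) []Finding {
	prev := map[string]string{} // owner/repo -> ref before the PR
	for _, p := range parsePins(before) {
		prev[p.Owner+"/"+p.Repo] = p.Ref
	}
	var out []Finding
	for _, p := range parsePins(after) {
		switch {
		case !shaRe.MatchString(p.Ref):
			out = append(out, Finding{p, "mutable", "pin to a full commit SHA"})
		case prev[p.Owner+"/"+p.Repo] == p.Ref:
			out = append(out, Finding{p, "unchanged", ""})
		default:
			out = append(out, Finding{p, "verify",
				fmt.Sprintf("gh api repos/%s/%s/git/commits/%s", p.Owner, p.Repo, p.Ref)})
		}
	}
	return out
}

// Constructed sample workflows; the SHAs are placeholders, not real commits.
const beforeYAML = `  - uses: actions/checkout@aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
  - uses: checkmarx/ast-github-action@1111111111111111111111111111111111111111
  - uses: actions/setup-go@v5`

const afterYAML = `  - uses: actions/checkout@aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
  - uses: checkmarx/ast-github-action@2222222222222222222222222222222222222222
  - uses: actions/setup-go@v5`

func main() {
	for _, f := range auditDiff(beforeYAML, afterYAML) {
		fmt.Printf("line %d %s/%s@%s [%s] %s\n", f.Pin.Line, f.Pin.Owner, f.Pin.Repo, f.Pin.Ref, f.Kind, f.Action)
	}
}
```

    Fetching the commit object only proves it exists in the canonical repository's object store, and GitHub also serves commits that were pushed to forks in the same network through the upstream repository, so before approving a "verify" finding also confirm the SHA is reachable from one of the canonical repo's tags or branches.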

    Sources: Clint Gibler tl;dr sec · SANS AtRisk · a16z · TLDR Dev

◆ QUICK HITS

  • Update: TeamPCP campaign escalation — ALL 91 Checkmarx ast-github-action tags were rewritten with malicious commits in a 7-minute window, not just one version as initially reported. Blockchain-based C2 infrastructure means conventional takedown is impossible.

    SANS AtRisk

  • Holo3-35B-A3B (Apache 2.0, 3B active params via sparse MoE) posts 78.85% on OSWorld-Verified, beating both GPT-5.4 and Opus 4.6 on GUI automation at 1/10th inference cost — self-hostable on modest GPU hardware.

    Simplifying AI

  • Production agent costs validated at $100–$200/day ($72K/yr) per 24/7 API instance; multi-model routing saves tokens but measurably degrades output quality vs. single frontier model — benchmark composite workflow output, not per-task accuracy.

    Executive Offense

  • Alibaba pivoted Qwen from open-source to closed-source: Qwen3.6-Plus (78.8 SWE-bench) and Qwen3.5-Omni are both proprietary. If your inference stack includes Qwen fine-tunes, start scoping migration to Llama, Mistral, or DeepSeek.

    Techpresso / The Information AM

  • MCP crosses enterprise adoption chasm: Oracle NetSuite exposing MCP to 43K customers with 100+ financial prompt templates, Slack shipping native MCP client alongside 30+ AI features.

    TLDR IT / Mindstream

  • Faire's sparse neural retrieval achieves 30%+ long-tail improvement and 4.27% search order value lift while staying fully Elasticsearch-compatible — no infrastructure migration. Key: asymmetric sparsity penalty and domain-pretrained BERT.

    TLDR Data

  • Karpathy's autoresearch (600 lines Python) let Shopify's CEO shrink a 1.6B model to 0.8B while gaining 19% on benchmarks after 37 automated experiments — evaluate for any production model you haven't exhaustively optimized.

    Exponential View

  • Spec-driven development emerging as the pattern for AI agent drift: write machine-readable architectural constraints (ArchUnit/fitness function tests, custom lint rules, JSON schemas) that run in CI and block structural violations before merge.

    TLDR

  • Update: OpenTitan with SLH-DSA post-quantum secure boot now shipping in commercial Chromebooks — PQ crypto has crossed the production Rubicon. ML-DSA and ML-KEM datacenter parts in development.

    TLDR InfoSec

  • Operation Storming Tide: FortiGate exploitation via CVE-2024-55591/CVE-2025-24472, persistence via rogue 'forticloud-sync' VPN tunnels, months of dormancy before Matanbuchus→SystemBC delivery chain. Hunt for IOCs: forticloud-sync accounts, jli.dll side-loading under java.exe.

    TLDR InfoSec

  • Akira ransomware now hits sub-4-hour access-to-encryption ($245M in ransom payments through Sep 2025). If your mean-time-to-contain exceeds 60 minutes, you need automated isolation, not faster pagers.

    CyberScoop

  • GitKraken analysis of 211M lines of code: AI accelerates velocity but increases code duplication and widens quality gaps between teams — add duplication tracking (jscpd, PMD CPD) to CI before it compounds.

    TLDR

  • Cisco DefenseClaw ships scan-before-run governance for agentic AI with CodeGuard static analysis + NVIDIA OpenShell sandboxing (namespaces, Landlock, seccomp-BPF) — the pre-admission scanning → static gate → runtime proxy → audit trail pattern is becoming the reference architecture.

    TLDR InfoSec

  • MCP-linked LLM autonomously mapped Active Directory and achieved Domain Admin in minutes — fix the underlying AD hygiene (credential tiering, tier-0 cleanup, honeytokens) before an autonomous agent finds what your red team hasn't.

    The Hacker News

BOTTOM LINE

Your production infrastructure has nine critical CVEs to patch this week (gRPC-Go auth bypass, Grafana RCE, Rails Active Storage file read/delete, ORY Oathkeeper CVSS 10.0, and five AI/ML tools with CVSS 9.1–10.0), while Opus 4.6 simultaneously proved that any codebase can now be scanned for zero-days with a one-line prompt at API cost — meaning both the offense and the defense just accelerated, and your current patch cadence is structurally behind. GitHub's Actions security roadmap (L7 egress firewall, dependency locking, scoped secrets) ships in 3–6 months and directly addresses this week's supply chain attacks, but until then, verify your SHA-pinned Actions against canonical repos, add hard gates on AI-authored dependency changes, and treat every AI tool deployment as an untrusted workload.

Frequently asked

Which CVE should I patch first if I can only do one today?
Patch ORY Oathkeeper to 26.2.0 first — CVE-2026-33494 is CVSS 10.0 and completely bypasses your identity/access proxy via path traversal, meaning every request through it is effectively unauthenticated. If you can't upgrade immediately, insert a compensating auth layer upstream of Oathkeeper before doing anything else.
Why is SHA pinning GitHub Actions not actually safe?
An attacker can fork an Action, inject a backdoor, and submit a PR that only changes the SHA while the workflow file still displays the original owner/repo string — so reviewers see a legitimate-looking reference. The Checkmarx incident rewrote all 91 published tags to malicious commits in a 7-minute window. Validate SHAs with `gh api repos/{owner}/{repo}/git/commits/{sha}` against the canonical repo until GitHub's dependency locking ships.
What makes the CrewAI RCE (CVE, CVSS 9.6) especially dangerous?
CrewAI's CodeInterpreter silently falls back from Docker to unsandboxed host execution when Docker isn't available — so environments like restricted CI runners or hardened production hosts appear to have a sandbox but don't. You get no error, no warning, just full code execution on the host. Audit every CrewAI deployment for Docker availability and fail closed if it's missing.
How do I apply Willison's lethal trifecta to my existing agents?
Enumerate every agent integration and check whether it simultaneously (1) accesses private data, (2) ingests untrusted content, and (3) can communicate externally — any agent with all three is a prompt injection waiting to happen. A typical failure case is an agent that reads your database via MCP, processes PR descriptions or JIRA tickets, and can make HTTP requests. Break at least one leg by removing egress, gating tool calls, or sandboxing untrusted input before it reaches the context window.
What's the gRPC-Go auth bypass fix beyond upgrading the library?
Add explicit path normalization that prepends a leading slash to the `:path` pseudo-header before your authorization interceptor evaluates policy. CVE-2026-33186 lets attackers omit the leading slash to bypass path-based authz entirely, and any mature gRPC deployment doing middleware-based authorization is affected. Treat normalization as defense-in-depth — don't rely on the library patch alone.
