we're agentmaxxing every layer of codeant. After kimi code 2.7 the intelligence per dollar is so high that inference is about to be as cheap as raw compute eventually. so we're just going to run them everywhere.

#93: #AIRadarDaily — @CodeAntAI For many software engineers, writing code is the easy part. The real, quiet struggle begins when that code has to be reviewed and secured. Brilliant developers spend hours manually reading through lines of code, hunting for hidden bugs, or trying to make sense of thousands of noisy security alerts that a standard scanner throws at them. It is a slow, exhausting cycle. Teams are expected to build fast, but they carry a constant, silent fear that a single overlooked mistake could break the system or expose data. It takes the joy out of creation, leaving talented builders feeling like tired proofreaders. CodeAnt AI is stepping in to bring peace of mind and quiet confidence back to software development. Founded by Amartya Jha (@amartya_jha_) and Chinmay Bharti (@chhinna00), CodeAnt AI is an intelligent platform that acts as a tireless, expert security and code-health reviewer for engineering teams. Amartya and Chinmay have built a platform that truly understands the context of the work. The AI sits naturally in the background of a developer's daily routine. It quietly reviews every piece of code before it goes live, catching deep vulnerabilities and messy logic. More importantly, when it finds an issue, it doesn't just raise an alarm — it gently suggests the exact fix. It filters out the noise so developers only see what truly matters. What makes CodeAnt AI so special is the deep respect they have for the developer's time and mental energy. It completely removes the heavy burden of manual code review and the fear of shipping broken software. By handling the tedious, anxiety-inducing parts of security, it gives engineering teams their hours and their dignity back. It replaces the constant panic of unexpected bugs with a quiet, reliable sense of safety, allowing people to focus on actually creating. The market? Growing startups and global enterprises that want to build fast without ever compromising on the health of their digital foundations. Amartya and Chinmay are true change agents. They looked at a deeply stressful part of the software world and chose to solve it with immense grace. Seeing founders build world-class infrastructure that protects the builder and the user alike is a wonderful reminder of the larger, unfinished agenda we are all part of. They are giving engineering teams their momentum back. Let's celebrate the builders. w/ @jaybharatingle & @dikshantjoshi #DevTools #ProductNation

I have SuperGrok Heavy, GPT Teams, Claude Max 20x and Gemini Enterprise Plus with Cursor Ultra and WindSurf/Devin Max and Copilot Pro Plus and Hermes Pro and Ollama Pro. I was using Code Rabbit, Sentry, CodeANT, Pronto, DataDog, etc...But have Hermes running 24/7 with Ollama and Nous Pro to do the management and observability concerns. I just went through like 25 Cyber Security Companies. I checked their subscriptions and also ran through all the major certifications globally. I fed all that into Gemini 3.1 Pro to make me a XML to give to agents as guidance in a step by step process. And I use WindSurf and Devin and DeepWiki like my personal Palantir now for $100/month lol. I Snyk and Checkmarx power for $100/month. HA

This chart is built from a query, which counts the number public GitHub projects with pull requests made by popular AI tools: Copilot, Devin, Vercel, Cursor, Netlify, CodeRabbit, Claude, Jules, Claude, CodeAnt. You can play with the query at /" from repo.name | count_uniq(repo) repos&g0.range_input=392d&g0.end_input=2026-05-27T22:00:00&g0.relative_time=none&view=json&graph_mode=stats">play-vmlogs.victoriametrics.…

Everyone is just looking at the code. That’s why everyone is getting breached. A real exploit chains across your code, your cloud, your network, and every new CVE landing on all three. You have to see them together. Every second. That’s CodeAnt. Continuous learning. Continuous attack.

Monthly Cost of AI for my org > ~100$ per engineer for cursor > 30$ per engineer for codeant > 30$ per product/business function for claude. > ??$ for fully autonomous managed agents. This is in progress.

🤖🏆 2025-2026 FIRST® LEGO® League Explore - Minik Bilim Kahramanları Buluşuyor kapsamında öğrencilerimiz; yaratıcılıkları, takım ruhları ve üretkenlikleriyle büyük gurur yaşattı. 🏆 CodeAnT “Hayallerimiz ve Fikirlerimiz Posterde” 🏆 CodeBeeS “Kaşifler Bir Arada”

🤖✨ First Lego League Explore – Minik Bilim Kahramanları Buluşuyor etkinliğinde ilkokul robotik takımlarımız önemli başarılara imza attı. 🏆 #CodeBeeS takımımız “Kaşifler Bir Arada”, #CodeAnT takımımız ise “Hayallerimiz ve Fikirlerimiz Posterde” kupasının sahibi oldu. 💙❤️

Left greptile for similar reasons - wasn’t a fan of bugbot so we’ve landed on Cubic at the moment though codeant was also decent

🚨CodeAnt AI is HIRING🚨 > Senior Software Engineer (Backend) > Security Researcher > GTM Engineer > Content Distribution & Community Growth Lead > Growth Marketing Manager > Framer Visual Designer codeant.ai/career

Ndewo, innovators of the East - this is your call to build. Learn more & apply here: idicestartupbridge.ng To support your application journey, we’ve curated a list of iDICE Startup Bridge hub partners across your region. Follow their pages for guidance, or visit any hub at no cost. Access stable internet, co-working space, and connect with fellow founders moving with intention. See all hubs & their addresses below: * Softicu Technology - 10 Ogoja Lane Off Okigwe Road, Umuahia, Umuahia North, Abia State * Innovation Growth Hub (IgHub) - 5Th Floor Unic House, 39 New Market Road Opposite Fidelity Bank By Ezenwa Street, Onitsha, Anambra State * AlphaZone Tech Hub - Office D22, Dennis Onele Plaza, Afikpo Road, Abakaliki, Ebonyi State. * Roar Nigeria hub - Opposite Faculty Of Arts Lecture Hall, University of Nigeria, Nsukka (UNN), Enugu * Sparks Ventures Hub - 77 Ogui Road, Enugu, Enugu North, Enugu, Nigeria * Codeant Technology hub - 12, Eni Njoku Street, Ikenegbu Layout, Owerri, Owerri Municipal Lga - Imo State Applications close April 20, 2026. #BuildNext #FoundersLabApplication #iDICEStartupBridge #EasternNigeria #EasternTechies

@CodeAntAI is launching Agentic Pentest. Used by some of the world’s fastest-moving companies. We spent all of Q1 building this with design partners. This week, we’re letting our customers do the talking, starting with @monikkinom, CEO of @TomaAuto(AI for the automotive industry). Now we’re opening it to everyone. Here’s the deal: - Get free pentest - Full report in 24 hours - Low & medium issues? On us - Critical issue found? Pay only then We take the risk. You get the results. 👉 codeant(.)ai / pentesting

I spent this entire week bringing all the functionality @CodeAntAI provides accessible through the CLI. Essentially, you don't have to go to CodeAnt at all now, everything can be done through the CLI or your coding agent. If you have a B2B SaaS, CLI is non-negotiable now.

Martian just released the industry's first independent code review benchmark. 12 tools evaluated on real security patches. CodeAnt AI: #1

My first post on X. Couldn’t have asked for a better start — our AI Code Review is now ranked **#1 for critical risk issues by F1 score** on the @withmartian benchmark. Proud to be leading AI code reviews at CodeAnt AI. Stronger & onwards. 🔥

📌 Authentication bypass in pac4j-jwt via public key CodeAnt AI researchers have demonstrated that the pac4j-jwt (Java) library improperly verifies JWT signatures, allowing a public key to be used as a private one. The vulnerability, tracked as CVE-2026-29000 (CVSS 10.0), allows authentication bypass and token issuance on behalf of any user, including administrators. An attacker only needs access to the public key to generate a valid token and gain full access without knowledge of the private key. This issue exists in the default pac4j-jwt configuration and requires no elevated privileges for exploitation. 📎 Article: codeant.ai/security-research… #dbugs_attacks

2 weeks ago, I was debugging something @CodeAntAI code reviewer flagged. It flagged a regex issue in the simple-git repo. 12.4 million weekly downloads. The flag: "This regex guards a case-insensitive system using case-sensitive matching." I almost scrolled past it. I didn't. One hour later I had a working remote code execution POC ready. Here's the thing, simple-git had already fixed this. Twice. CVE-2022-25912. CVE-2022-25860. Both attempted to block the dangerous `ext::` Git protocol using a regex. - The regex used [a-z]. Case-sensitive. - Git config keys are case-insensitive. So protocol.allow=always → blocked. PROTOCOL.ALLOW=always → full remote code execution. The fix that shipped? One character. Adding '/i' to the regex flag. That's the entire diff. 73% of all simple-git installs, roughly 9 million downloads per week, are still running the vulnerable versions right now. The advisory hasn't hit NVD yet. Which means every scanner in your stack is currently blind to it. Snyk. SonarQube. Checkmarx. All blind. Not because they’re bad products. Because they rely on known CVEs. If the CVE doesn’t exist yet, the pattern doesn’t exist yet. This is CVE-2026-28292. CVSS 9.8 Critical. Five days before this, we disclosed CVE-2026-29000. CVSS 10.0. Authentication bypass in pac4j-jwt. Different ecosystem. Different vulnerability class. Rule-based scanners ask: "Does this match a known bad pattern?" AI code review asks: "Does this code do what it's supposed to do?" A case-sensitive regex guarding a case-insensitive syste, isn't a known pattern. It's a logic gap. A spec vs implementation mismatch. That's exactly what CodeAnt AI catches, and exactly what everything else misses. So far we've filed: - 100 vulnerabilities - Across npm, PyPI, Maven, NuGet - 1.85B monthly downloads affected Patch ≠ Fix. Massive respect to Steve (steveukx), 4 days from report to patch. Open-source maintainers are the unsung backbone of this entire industry. If you use simple-git: npm install simple-git@latest. Do it now. Full writeup in the comments. 👇

we at codeant found a bug in pac4j-jwt (auth bypass) #netsec codeant.ai/security-research…