BestHub
Sign in
Tagged articles
28 articles
Page 1 of 1
IT Services Circle
IT Services Circle
Apr 28, 2026 · Artificial Intelligence

How an AI Agent Deleted a Company’s Database in 9 Seconds – The Aftermath and Lessons

In April 2026 an AI coding assistant (Cursor powered by Claude Opus 4.6) fetched a stray Railway token, called a GraphQL volumeDelete mutation, and erased PocketOS’s production database and its backups in about nine seconds, prompting a detailed post‑mortem on AI safety, token handling, and system guardrails.

AI agentsCursorOperations
0 likes · 9 min read
How an AI Agent Deleted a Company’s Database in 9 Seconds – The Aftermath and Lessons
Big Data and Microservices
Big Data and Microservices
Apr 16, 2026 · Artificial Intelligence

Why Perfect Prompts Crash After Days: Uncovering the Limits of Context Engineering

An AI‑driven customer‑service bot that answered perfectly for two days suddenly started hallucinating because single‑turn prompt engineering ignored the continuous, stateful nature of real‑world conversations, revealing the hidden token, memory, and retrieval challenges that demand a new context‑engineering approach.

Context EngineeringConversation StateLLM
0 likes · 14 min read
Why Perfect Prompts Crash After Days: Uncovering the Limits of Context Engineering
dbaplus Community
dbaplus Community
Apr 8, 2026 · Information Security

Why Storing JWT Tokens in Redis Isn’t a Flaw – When and How to Do It

The article analyzes the debate over placing JWT tokens in Redis, compares traditional session and JWT approaches, discusses security and performance trade‑offs, shows practical blacklist code, and explains when a centralized store is justified versus when true stateless JWTs are preferable.

AuthenticationJWTSecurity
0 likes · 13 min read
Why Storing JWT Tokens in Redis Isn’t a Flaw – When and How to Do It
Yunqi AI+
Yunqi AI+
Mar 23, 2026 · Information Security

Beyond the Hype: How to Safely and Effectively Use OpenClaw AI Agent

The article examines OpenClaw’s rapid rise, outlines concrete security risks such as prompt injection and skill‑market poisoning, and provides a step‑by‑step framework for defining use cases, isolating environments, limiting permissions, and maintaining cost‑effective, long‑term operation.

AI AgentOpenClawSecurity
0 likes · 13 min read
Beyond the Hype: How to Safely and Effectively Use OpenClaw AI Agent
DevOps Coach
DevOps Coach
Mar 18, 2026 · Artificial Intelligence

Cut Your AI Subscription Costs by 70% with Smarter Prompt Strategies

The article reveals why AI expenses skyrocket, breaks down a typical $127 monthly bill, and presents four practical techniques—focused prompting, limiting documentation output, off‑loading concept learning to free tiers, and a tiered usage strategy—that together slash token usage and reduce costs to around $30 while improving delivery quality.

AI cost optimizationPrompt engineeringproductivity
0 likes · 7 min read
Cut Your AI Subscription Costs by 70% with Smarter Prompt Strategies
High Availability Architecture
High Availability Architecture
Feb 6, 2026 · Information Security

How to Securely Run an OpenClaw AI Agent on a Dedicated Machine

This guide details a step‑by‑step, security‑first approach for safely experimenting with OpenClaw using a dedicated host, Tailscale private network, command whitelisting, read‑only tokens, and one‑way data flow, complete with configuration commands and emergency procedures.

AI Agent SecurityOpenClawTailscale
0 likes · 12 min read
How to Securely Run an OpenClaw AI Agent on a Dedicated Machine
Ops Development & AI Practice
Ops Development & AI Practice
Jan 15, 2026 · Artificial Intelligence

Why Rapid Experimentation Beats Token‑Saving in LLM Development

The article explains how AI development with large language models differs from traditional software engineering, why developers feel abstract and uncertain, and offers actionable strategies—such as micro‑prototyping, tiered model usage, simple evaluation sheets, and embracing throwaway code—to accelerate learning despite token costs.

LLMRapid Prototypingtoken management
0 likes · 7 min read
Why Rapid Experimentation Beats Token‑Saving in LLM Development
AI Tech Publishing
AI Tech Publishing
Nov 23, 2025 · Artificial Intelligence

How Agents Leverage File Systems for Context Engineering

The article examines why file system access is crucial for autonomous agents, outlining common context‑engineering failures such as missing, excessive, or irrelevant information, and demonstrates how using file‑system tools like ls, grep, and write‑file can reduce token waste, enable dynamic storage, improve targeted search, and support continual learning.

Autonomous AgentsContext EngineeringLLM
0 likes · 11 min read
How Agents Leverage File Systems for Context Engineering
21CTO
21CTO
Sep 24, 2025 · Information Security

How GitHub’s New npm Security Measures Aim to Stop Supply‑Chain Worms

GitHub is tightening npm security by removing infected packages, enforcing two‑factor authentication for publishing, shortening token lifespans, and expanding trusted publishing to curb the Shai‑Hulud worm and protect the open‑source supply chain.

GitHubSoftware SecurityTwo-Factor Authentication
0 likes · 3 min read
How GitHub’s New npm Security Measures Aim to Stop Supply‑Chain Worms
Architect's Guide
Architect's Guide
Sep 7, 2025 · Backend Development

User Login & Token Management: Flow, Rate Limiting, and Security

This article explains the complete user login process, from mobile verification and automatic registration to token generation, validation, expiration policies, logout handling, anonymous access strategies, rate‑limiting via authorized tokens, path‑regex checks, and blacklist management, illustrated with diagrams and Java‑Spring code examples.

API SecurityUser Authenticationrate limiting
0 likes · 10 min read
User Login & Token Management: Flow, Rate Limiting, and Security
Architecture and Beyond
Architecture and Beyond
Sep 6, 2025 · Artificial Intelligence

How AI Agents Manage Context: Compression Strategies from Manus, Claude Code, and Gemini CLI

This article examines the context explosion problem in AI agents and compares three distinct compression approaches—Manus's never‑lose philosophy, Claude Code's aggressive 92% threshold with eight‑section summaries, and Gemini CLI's balanced 70% trigger with curated history—highlighting their trade‑offs in performance, cost, and reliability.

AIAgent DesignLLM
0 likes · 19 min read
How AI Agents Manage Context: Compression Strategies from Manus, Claude Code, and Gemini CLI
Architect
Architect
Jan 17, 2024 · Backend Development

How to Build a Custom Spring Security Authentication Flow with Redis Token Management

This article walks through the complete process of implementing a custom login authentication in Spring Boot, including custom authentication filters, success/failure handlers, a token stored in Redis, role‑based URL security, and detailed configuration of Spring Security headers and session handling.

Custom AuthenticationJavaSpring Boot
0 likes · 24 min read
How to Build a Custom Spring Security Authentication Flow with Redis Token Management
JD Retail Technology
JD Retail Technology
Dec 13, 2023 · Artificial Intelligence

Integrating ChatGPT with the Columbus Instant Design Platform: Capabilities, Demonstrations, and Implementation Principles

This article explains how ChatGPT is integrated into the Columbus Instant Design low‑code platform, detailing the platform’s core capabilities, AI‑driven workflow for creating and modifying UI floors, implementation architecture, token management, and future development plans.

AI integrationChatGPTDSL
0 likes · 7 min read
Integrating ChatGPT with the Columbus Instant Design Platform: Capabilities, Demonstrations, and Implementation Principles
Selected Java Interview Questions
Selected Java Interview Questions
Nov 23, 2023 · Backend Development

Common Issues and Solutions When Integrating Third‑Party APIs

This article outlines typical problems such as unreachable domains, signature errors, token expiration, timeouts, HTTP 500/404 responses, pagination inconsistencies, undocumented field changes, and billing issues, and provides practical troubleshooting and mitigation strategies for backend developers working with third‑party APIs.

Error Handlingapi-integrationretry mechanism
0 likes · 15 min read
Common Issues and Solutions When Integrating Third‑Party APIs
Sanyou's Java Diary
Sanyou's Java Diary
May 15, 2023 · Information Security

Master OAuth2: From Theory to Hands‑On Implementation with Spring Security

This article explains OAuth2 fundamentals, key terminology, and authorization flows, then guides you through setting up database tables, Spring Boot dependencies, resource and authorization server configurations, multiple grant types, token refresh, permission checks, and common pitfalls, providing complete code snippets and diagrams for a practical implementation.

AuthenticationAuthorization Code FlowBackend Development
0 likes · 17 min read
Master OAuth2: From Theory to Hands‑On Implementation with Spring Security
IT Services Circle
IT Services Circle
May 9, 2023 · Backend Development

Common Issues and Solutions When Integrating Third-Party APIs

This article outlines typical problems such as domain inaccessibility, signature errors, token expiration, timeouts, HTTP 500/404 responses, inconsistent documentation, and provides practical debugging and mitigation strategies for developers working with third‑party API integrations.

BackendError Handlingapi-integration
0 likes · 15 min read
Common Issues and Solutions When Integrating Third-Party APIs
Su San Talks Tech
Su San Talks Tech
Apr 16, 2023 · Backend Development

13 Common Pitfalls When Integrating Third‑Party APIs and How to Fix Them

This article outlines the most frequent problems developers encounter when calling third‑party APIs—such as unreachable domains, signature errors, token expiration, timeouts, and inconsistent documentation—and provides practical solutions and best‑practice recommendations to keep integrations reliable.

Error Handlingapi-integrationretry logic
0 likes · 15 min read
13 Common Pitfalls When Integrating Third‑Party APIs and How to Fix Them
Alipay Experience Technology
Alipay Experience Technology
Mar 21, 2023 · Artificial Intelligence

How to Make OpenAI’s API Understand Ultra‑Long Insurance Policies

This article explains how to overcome OpenAI's token limits by splitting massive insurance documents into manageable chunks, vectorizing them with embeddings, using a custom "broccoli" algorithm for intelligent segmentation, and compressing text with dictionary mapping and tokenization techniques to enable accurate question‑answering via the API.

APIDocument SplittingNLP
0 likes · 22 min read
How to Make OpenAI’s API Understand Ultra‑Long Insurance Policies
Alibaba Cloud Native
Alibaba Cloud Native
Apr 22, 2022 · Operations

How to Design and Execute Performance Tests for Mini‑Programs with PTS

This guide explains why mini‑programs need load testing, outlines three common testing scenarios, describes four test‑type designs, and provides step‑by‑step instructions for using Alibaba Cloud PTS to obtain platform tokens, configure APIs, and run stable, long‑duration pressure tests.

Load TestingMini ProgramPTS
0 likes · 9 min read
How to Design and Execute Performance Tests for Mini‑Programs with PTS
vivo Internet Technology
vivo Internet Technology
Mar 3, 2021 · Backend Development

Design and Implementation of a Hundred-Million-Level User Center System

The article outlines a microservice‑based user‑center architecture for handling over one hundred million users, detailing gateway, core, and async services, interface design, vertical and horizontal database sharding, token graceful degradation, multi‑layer password security, event‑driven async processing, and comprehensive monitoring for high availability, performance, and security.

Backend ArchitectureMicroservicesSystem Design
0 likes · 14 min read
Design and Implementation of a Hundred-Million-Level User Center System
Tencent Cloud Developer
Tencent Cloud Developer
Feb 20, 2019 · Cloud Computing

WePY and Cloud Development: Practical Guide and Best Practices

The guide explains how to combine WePY’s Vue‑style component model with Tencent Cloud Development—showing project initialization, cloud‑function setup, common pitfalls, and a token‑caching example—so developers can build and launch a full mini‑program in roughly 24 hours while competing for best‑practice prizes.

JavaScriptMini ProgramTencent Cloud
0 likes · 9 min read
WePY and Cloud Development: Practical Guide and Best Practices
Hujiang Technology
Hujiang Technology
Aug 30, 2017 · Information Security

Design Principles and Security Considerations for User Account Systems

This article shares practical insights on building robust user account systems, covering the shift from usernames to phone numbers as unique identifiers, the drawbacks of passwords, the limited value of periodic password changes, the pitfalls of security questions, and best practices for token management, SMS/voice verification, captcha usage, and multi‑layered future security strategies.

AuthenticationPasswordlessSMS Verification
0 likes · 14 min read
Design Principles and Security Considerations for User Account Systems