Simon Willison’s Weblog


Monday, 12th January 2026

Research: whenwords-esoteric-langs — Showcasing the versatility of the whenwords time formatting specification, this project features parallel implementations in three esoteric programming languages: LOLCODE, Rockstar, and WebAssembly Text (WAT). Each version adapts the time formatting logic—such as "3 hours ago" and duration parsing—using the idiomatic constructs and limitations of its language, producing transpiled or compiled code for JavaScript, Python, or a compact WASM binary.
Tool: Lobsters Latest Comments Bookmarklet — View Lobste.rs comment threads with a chronological "Latest" tab that displays all comments in a flat, newest-first layout alongside the original nested view. The bookmarklet adds reply-to links showing which comment each reply targets, and clicking timestamps in the Latest view smoothly navigates back to the threaded view with the selected comment highlighted for easy reference.

First impressions of Claude Cowork, Anthropic’s general agent


New from Anthropic today is Claude Cowork, a “research preview” that they describe as “Claude Code for the rest of your work”. It’s currently available only to Max subscribers ($100 or $200 per month plans) as part of the updated Claude Desktop macOS application. Update 16th January 2026: it’s now also available to $20/month Claude Pro subscribers.

[... 1,863 words]

Superhuman AI Exfiltrates Emails. Classic prompt injection attack:

“When asked to summarize the user’s recent mail, a prompt injection in an untrusted email manipulated Superhuman AI to submit content from dozens of other sensitive emails (including financial, legal, and medical information) in the user’s inbox to an attacker’s Google Form.”

To Superhuman's credit they treated this as the high priority incident it is and issued a fix.

The root cause was a CSP rule that allowed markdown images to be loaded from docs.google.com - it turns out Google Forms on that domain will persist data fed to them via a GET request!

# 10:24 pm / security, ai, prompt-injection, generative-ai, llms, exfiltration-attacks, content-security-policy
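
A defender-side check for the root cause described above, as an added example that is not code from this post or from Superhuman: it lists the image sources in a CSP that admit a host known to store request data, and screens model output for markdown images that are off a strict allowlist or carry a query string. The host list, the sample policy, the sample output and all function names are constructed assumptions.

```javascript
// Assumption: hosts where third parties can create endpoints that store
// request data. docs.google.com is the one named in the post.
const DATA_ACCEPTING_HOSTS = ["docs.google.com"];

// Source list the browser applies to images: img-src, else default-src,
// else no restriction at all.
function imgSources(csp) {
  const directives = new Map();
  for (const part of csp.split(";")) {
    const [name, ...values] = part.trim().split(/\s+/);
    const key = name.toLowerCase();
    if (key && !directives.has(key)) directives.set(key, values);
  }
  return directives.get("img-src") ?? directives.get("default-src") ?? ["*"];
}

// Does one CSP source expression permit loads from `host`?
function sourceAllowsHost(source, host) {
  if (source === "*" || /^https?:$/i.test(source)) return true;
  if (source.startsWith("'")) return false; // 'self', 'none', nonces
  const pattern = source.replace(/^[a-z][a-z0-9+.-]*:\/\//i, "")
    .split(/[/:]/)[0].toLowerCase();
  if (pattern.startsWith("*.")) return host.endsWith(pattern.slice(1));
  return pattern === host;
}

// CSP image sources that admit a data-accepting host.
function riskyImgSources(csp) {
  return imgSources(csp).filter((src) =>
    DATA_ACCEPTING_HOSTS.some((host) => sourceAllowsHost(src, host)));
}

// Markdown images in model output that are off the allowlist, unparseable
// (including relative URLs), or carry a query string.
function suspiciousImages(markdown, allowedHosts) {
  const flagged = [];
  for (const match of markdown.matchAll(/!\[[^\]]*\]\(\s*([^)\s]+)/g)) {
    let url = null;
    try { url = new URL(match[1]); } catch { /* not an absolute URL */ }
    if (!url || !allowedHosts.includes(url.hostname) || url.search) flagged.push(match[1]);
  }
  return flagged;
}

// Constructed sample policy and model output (not Superhuman's real values).
const SAMPLE_CSP = "default-src 'self'; img-src 'self' https://cdn.example.com https://docs.google.com";
const SAMPLE_OUTPUT = "Done. ![logo](https://cdn.example.com/logo.png) " +
  "![x](https://docs.google.com/PLACEHOLDER_PATH?d=PLACEHOLDER)";
console.log(riskyImgSources(SAMPLE_CSP), suspiciousImages(SAMPLE_OUTPUT, ["cdn.example.com"]));
```

A policy with neither `img-src` nor `default-src` is reported as `*`, since the browser then places no restriction on image loads.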
