- The AI security learning path on TryHackMe now includes hands-on ransomware and forensics scenarios targeting AI systems directly.
- AI security learning is becoming a practical skill for developers, not just dedicated security professionals chasing certifications.
- SwiftUI’s streak algorithm section reveals surprisingly elegant date-handling logic using compactMap, Calendar, and LazyVStack.
- React Router v7’s Framework Mode closely mirrors Remix, giving developers with Remix experience a real head start.
- The AI security learning path on TryHackMe now includes hands-on ransomware and forensics scenarios targeting AI systems directly.
- AI security learning is becoming a practical skill for developers, not just dedicated security professionals chasing certifications.
- SwiftUI’s streak algorithm section reveals surprisingly elegant date-handling logic using compactMap, Calendar, and LazyVStack.
- React Router v7’s Framework Mode closely mirrors Remix, giving developers with Remix experience a real head start.
AI Security Learning Is No Longer Someone Else’s Problem
AI security learning has quietly moved from niche specialisation to something every developer probably should care about — and one developer’s weekly log from early 2026 makes that point better than most white papers. Working through TryHackMe’s AI Security Learning Path, they completed the ContAInment room this week: a scenario built around a company that suffered a data breach, had critical files encrypted, and faced blackmail. Standard ransomware playbook, except the twist is that the attacker specifically targeted an AI environment.
That shift matters. For years, cybersecurity training treated AI systems as tools for defenders — anomaly detection, log analysis, threat intelligence. The ContAInment room flips the script. Here, the AI system is the victim. Attackers compromised it, weaponised it, and used it to obscure their tracks. If that sounds abstract, it isn’t. As organisations pour infrastructure into AI pipelines — training environments, inference endpoints, model registries — those assets become high-value targets. Encrypting a company’s fine-tuned model and demanding ransom is not science fiction in 2026. AI security learning is one of the few disciplines that addresses this emerging threat directly.
What makes TryHackMe’s approach interesting is the tooling inside the room itself. Rather than dropping players into a raw terminal with minimal guidance, the ContAInment scenario provides a dedicated AI assistant embedded within the victim environment. You use it to interrogate logs, decode flag candidates, and cross-reference clues. It’s a neat piece of instructional design — it normalises AI-assisted forensics as a workflow rather than treating it as a cheat code. The developer noted that working through the investigation required careful, step-by-step thinking: spotting anomalies in attacker notes, extracting and analysing encrypted files, and tracing activity across logs and archives.
This is classic Digital Forensics and Incident Response (DFIR) methodology, just applied to a context that didn’t exist five years ago. The fact that platforms like TryHackMe are building this content now — and that developers outside dedicated security roles are consuming it — says something about where the industry is heading.
What the ContAInment Room Actually Teaches
Beyond the narrative framing, the room delivered some concrete technical takeaways worth unpacking. AI security learning through hands-on incident response exercises makes the lesson stick in a way that reading a threat report simply doesn’t. The developer came away with a sharper sense of how AI systems themselves can become attack surfaces — not just conduits for attacks on other systems. That’s a meaningful distinction. An AI model trained on proprietary data carries intellectual property value; an inference endpoint exposed to the internet carries operational risk. Neither of those facts is new, but experiencing them through a simulated incident response exercise tends to make the lesson stick in a way that reading a threat report doesn’t.
The Linux operations review was an unexpected bonus. Chasing clues across compressed archives, running commands to extract and decode data, navigating a compromised file system — it’s the kind of hands-on repetition that firms up muscle memory. For developers who live primarily in high-level languages and cloud consoles, that grounding is genuinely valuable.
SwiftUI and the Badge Algorithm: Elegant Date Logic
Away from the security track, progress continued on a SwiftUI tutorial — specifically Sections 7 and 8, which cover building a badge algorithm. On the surface, streak calculation sounds trivial. In practice, getting it right in Swift requires thinking carefully about how dates actually work.
The implementation leans on a few Swift concepts that reward attention. compactMap transforms an array of Moment objects into simple integer day offsets — something like [0, 1, 2] — while filtering out any nils cleanly. Calendar.dateComponents handles the actual arithmetic, calculating differences in calendar-based units rather than raw time intervals, which matters the moment you cross midnight or hit a daylight saving boundary. Anchoring calculations to the end of the current day rather than the current moment makes the streak logic more predictable — a subtle but important design decision.
The array reversal trick is worth flagging: by processing moments from newest to oldest, the algorithm can walk backwards through history and check whether each day offset equals the current expected streak count. Multiple entries on the same day count as one streak day, which is the correct behaviour and requires explicitly deduplicating before you start counting.
The @ViewBuilder versus Group distinction covered in these sections trips up a lot of SwiftUI newcomers. @ViewBuilder lets you build conditional or branching view structures — it’s the mechanism that makes if/else blocks inside view bodies legal Swift. Group, by contrast, just organises existing views or shares modifiers without touching layout. They look similar at a glance and serve entirely different purposes. Similarly, LazyVStack versus VStack: a regular VStack instantiates every child view immediately, which is fine for small, static lists and a performance problem for anything data-heavy and scrollable. LazyVStack defers view creation until the item is about to appear on screen, which keeps memory usage sensible in long feeds.
AI Security Learning Alongside React Router v7
On the web front, the developer kicked off a portfolio site project using React Router v7 — creating the project files and repository, and starting to work through the official documentation. One early observation stands out: React Router v7’s Framework Mode is architecturally close to Remix. That’s not a coincidence. The Remix team merged their work back into React Router, so the patterns — root.tsx, routes.ts, nested route files — will feel immediately familiar to anyone who has built with Remix before. Existing Remix knowledge isn’t wasted; it transfers almost directly. Pursuing AI security learning in parallel with new framework exploration is exactly the kind of deliberate breadth-building that this developer’s log exemplifies.
This convergence is one of the more interesting things happening in the React ecosystem right now. The line between a routing library and a full-stack framework has blurred considerably. React Router v7 in framework mode handles server-side rendering, data loading, and nested layouts in a way that would have required a separate framework layer not long ago. For a developer building a portfolio site, that’s a lot of capability without a lot of configuration overhead.
The Bigger Picture: Building Breadth on Purpose
What’s striking about this particular weekly log isn’t any single technology — it’s the intentional breadth. SwiftUI for native iOS development, React Router v7 for web, TryHackMe for security fundamentals. That combination isn’t accidental. It reflects a calculation that’s becoming more common among developers who came up through web development: iOS skills remain well-compensated and relatively uncrowded compared to the web space, security knowledge is increasingly expected even in non-security roles, and having a polished portfolio site matters more than ever when AI tooling is compressing the perceived barrier to entry for junior development work.
The AI security learning thread is probably the most forward-looking piece of the stack. As AI systems proliferate across enterprise infrastructure, the attack surface expands in ways that organisations are still mapping. Developers who invest in AI security learning — understanding how AI environments can be compromised, not just how to build with AI — are going to be genuinely useful in ways that a typical full-stack profile isn’t. TryHackMe’s ContAInment room is a small data point, but it’s pointing at something real.
Source: https://dev.to/umitomo-lab/weekly-dev-log-2026-w06-52do
