PyPI's litellm 1.82.8 contains a malicious file exfiltrating system secrets and credentials upon activation, posing a critical supply chain security threat.
// curated from Hacker News with AI
Many are tired of AI talk, focusing too much on tools rather than meaningful projects and real value creation.
GPT-5.4 Pro has solved a frontier math open problem related to hypergraph partitions, advancing bounds and providing algorithms for improved constructions.
AI boosts updates mainly in popular AI packages, but overall software creation remains unchanged; no widespread productivity surge.
Arm announces AGI CPU designed for scalable, efficient agentic AI workloads, powering next-gen data centers with strong industry momentum.
Gemini now natively embeds videos for sub-second semantic dashcam footage search using vector similarity, enabling fast clip retrieval.
AI is dismantling the wealth-advantage bridge, threatening intergenerational mobility and heightening inequality over the next decade.
Hypura optimizes LLM inference on Apple Silicon by smartly integrating GPU, RAM, and SSD tiers, enabling large models to run without crashing.
The AI industry massively overstates data center growth and GPU sales; most projects are delayed or never built, revealing a costly bubble.
ProofShot gives AI coding agents eyes by recording UI verification videos, screenshots, and error reports for review.
Repeating key transformer layers, especially mid-stack ones, improves model reasoning with minimal overhead—its circuits are universal.
ARM launches AGI CPU for AI datacenters with up to 136 cores, high density, and scalable server configurations.
AI-assisted PR created; author feels like a fraud but contributed valuable syntax highlighting; ethics and identity concerns persist.
AI models debate whether to walk or drive to a 50m car wash, showcasing AI collaboration and reasoning.
OpenAI is shutting down its video platform Sora amid industry concerns, shifting focus ahead of an IPO and reallocation of resources.
Cloudflare's Dynamic Workers enable 100x faster, scalable, secure sandboxing for AI agents via lightweight JavaScript isolates, supporting custom APIs and automations.
Web Bot Auth enables AI agents to cryptographically prove their identity, improving trust and traffic validation for websites.
Qure automates manual web QA flows into reliable, code-free end-to-end tests, speeding up testing and reducing maintenance with AI.
Claude's GitHub activity exceeds 19M commits, showcasing rapid adoption, growth, activity clustering, and new repository contributions.
Claude-Code's auto mode automates permission decisions, reducing risk while allowing longer tasks; available now as a research preview.
Humans wrongly anthropomorphize LLMs, mistaking statistical mimicry for genuine thought, which distorts evaluation and understanding.
TopMail offers affordable, automated email marketing with AI agency integration, real-time analytics, and scalable plans for growth.
TurboQuant compresses large language models and vector search with zero accuracy loss, vastly reducing memory and boosting speed.
Nvidia CEO Jensen Huang claims AI has achieved AGI, then somewhat retracts, citing widespread use but cautioning against overhyped claims.
Pools GPU capacity across nodes, enabling larger-scale LLM inference with automatic distribution, parallelism, and minimal cross-node traffic.
OpenAI Foundation plans $1B investment in life sciences, AI resilience, jobs, and communities to benefit humanity and address AI challenges.
Telling AI it’s an expert worsens coding performance but aids safety; a new method, PRISM, improves alignment without harm.
Blackburn’s AI bill repeals Section 230, expands liability, mandates age verification, and enforces centralized oversight, increasing censorship risks.
OpenAI plans to end support for Sora amid network activity issues; check browser settings and contact support if needed.
Open-source Rust framework packages, runs, and secures portable AI agents across environments with sandboxing and multi-surface access.
Built an AI agent architecture that keeps API keys hidden by isolating the agent in a sandbox, proxying credentials securely.
AI expands code, but software needs pruning; constraints and discipline are essential to prevent bloat and ensure quality.
Microsoft considers legal action over Amazon-OpenAI $50B cloud deal; access blocked due to potential misuse.
PwC plans to oust staff skeptical of AI, pushing a mandatory AI-first culture despite research showing limited benefits.
Open-source MolmoWeb enables visual web task automation with multimodal AI, offering training data, code, and benchmarks for research and deployment.
Pharaoh maps code architecture into a knowledge graph, enabling AI to understand dependencies, prevent errors, and improve code management.
Hates GenAI for its social costs, corporate greed, privacy loss, environmental impact, and societal division, despite acknowledging some technical ease.
Google unveils Veo 3.1 with multi-image uploads, vertical video support, and faster high-quality video generation for creative storytelling.
AI, guided by a professor, crafted a groundbreaking quantum physics paper, boosting research speed 10x but still needing expert oversight.
Adjusting weight decay impacts overfitting; experiments suggest 0.01 outperforms the default 0.1 for small models.
SysMoBench tests AI's ability to formally model complex distributed systems; current models struggle with syntax, invariants, and abstraction.
Kubernetes struggles with real-time AI inference due to latency, load, and routing challenges; Cerebrium adapted architecture for better performance.
Introducing Engram, a scalable memory module for large language models that enhances knowledge retrieval and reasoning.
Tluma offers free, unlimited Ask AI for open-source projects via simple embed, funded by paid plans, supporting open-source maintainers.