◆ TOPIC · DATA INFRASTRUCTURE

The Data Infrastructure thread.

Data infrastructure for AI workloads spans the pipelines, supply chains, and runtime substrates models depend on — vector retrieval at scale, package registries, and the credentials that bind them. Recent signals cluster around npm and Hugging Face supply-chain compromises, RAG recall collapse past 500K documents on benchmarks like EnterpriseRAG-Bench, agent identity primitives from AWS and Google Cloud, and active CVEs in LiteLLM and Linux stacks underneath.

145 briefings · across 6 personas

◆ TIMELINE

How Data Infrastructure moved across the corpus.

First surfaced 2026-02-17, most recent 2026-06-07, across 70 days.

2026-02-17
- Data Science The LLM inference war just split into two incompatible strategies — Anthropic's 2.5x speedup preserves full Opus 4.6 cap…
- Engineer OpenAI proved you can serve 800M users on unsharded Postgres with ~50 read replicas and defense-in-depth protection laye…
2026-02-18
- Data Science Context engineering is replacing model training as the highest-leverage capability investment.
2026-02-19
- Data Science Claude Sonnet 4.6 matches Opus-class performance at 1/5 the cost with a 1M-token context window — confirmed across multi…
2026-02-20
- Data Science Your GPU is running at 1% utilization during token generation, your RAG chunking is probably over-engineered, and your A…
- Engineer Dell RecoverPoint CVE-2026-22769 (CVSS 10.0) is being actively exploited by UNC6201 via a hardcoded Tomcat credential —…
2026-02-22
- Data Science It's a quiet day for ML-specific intelligence — only one source carried actionable technical content.
- Engineer If your team is running Kafka as a task queue with competing consumers and no replay, you're paying a distributed log's…
- Product The professional creator economy is quietly consolidating into full-stack businesses — content, community, coaching, and…
- Security Today's intelligence feed is almost entirely noise — no active CVEs, no threat actor campaigns, no breach disclosures.
2026-02-25
- Data Science The frontier model landscape fractured into task-specific dominance this week — Gemini 3.1 Pro hits 77.1% on ARC-AGI-2 (…
- Engineer LLM-powered attack toolkits are now production-grade: a leaked MCP server (ARXON) chains DeepSeek + Claude Code to autom…
- Security Ivanti EPMM zero-days have persistent backdoors that survive patching — if you run Ivanti MDM, you are in an active inci…
2026-02-26
- Data Science xAI open-sourced X's entire production recommendation system under Apache-2.0 — a Grok-based transformer predicting 15+…
2026-02-28
- Engineer Your Google API keys are now Gemini credentials — and 2,863 live keys were already found exposed in a single Common Craw…
2026-03-01
- Data Science Structured reasoning constraints are beating free-form Chain-of-Thought in production LLM agents — ARQ's JSON-schema app…
- Engineer Ivanti EPMM backdoors survive patching — if you run Ivanti for MDM, your standard 'apply patch, close ticket' playbook l…
- Security Ivanti EPMM zero-days deploy persistent backdoors that survive patching — if you run Ivanti mobile device management, pa…
2026-03-03
- Data Science Agentic RL stability — not model size — is now the primary bottleneck for scaling autonomous agents.
- Engineer MoE architecture convergence has made open-weight LLMs a commodity — your inference cost model is now the differentiator…
- Security Iranian retaliatory cyber operations are now imminent following the killing of Supreme Leader Khamenei, with AWS data ce…
2026-03-04
- Data Science Hidden reasoning tokens are silently inflating your LLM inference costs — researchers confirmed that Instruct-tuned mode…
- Engineer Claude Code dethroned Copilot in 8 months to become the #1 AI coding tool among 906 surveyed engineers — but 56% now do…
- Investor OpenAI is building a GitHub competitor while simultaneously launching stateful AI agents on AWS — a two-front war agains…
2026-03-05
- Data Science Claude Code's architects tried vector DBs, RAG, and recursive model indexing for code search — glob/grep beat them all.
2026-03-06
- Data Science AI-generated content is silently destroying discriminative features in your production models.
- Engineer Five CVSS 9.8+ vulnerabilities hit your core infrastructure stack simultaneously — Kubernetes PersistentVolume path mani…
- Security Cisco Catalyst SD-WAN has a CVSS 10.0 authentication bypass (CVE-2026-20127) that has been actively exploited since Febr…
2026-03-07
- Data Science GPT-5.4 shipped with 75% on OSWorld (above the 72.4% human baseline) and 47% fewer tokens per task — but OpenAI's own MR…
- Engineer GPT-5.4 shipped with a 1M token context window, but OpenAI's own MRCR v2 benchmark shows accuracy cratering to 36% past…
2026-03-08
- Data Science Anthropic's Claude Code burns ~$5,000 in compute for every $200 subscription — a 25:1 subsidy ratio confirmed across mul…
- Leader The U.S.
- Product Catalini's new 'Economics of AGI' paper quantifies what Grammarly's attribution scandal just proved in the wild: automat…
2026-03-09
- Data Science Your inference cost model is broken on two axes simultaneously.
2026-03-10
- Data Science Five independent experiments this week converge on a single conclusion: your agent evaluation methodology is broken.
- Engineer A Rust SQLite rewrite produced by an LLM was 20,171× slower on primary key queries because it silently skipped B-tree lo…
2026-03-12
- Data Science Google DeepMind shipped Gemini Embedding 2 — the first natively multimodal embedding model mapping text, images, video (…
- Engineer CVE-2026-29000 in pac4j lets anyone forge JWTs using only your public RSA key — no secrets needed, pre-auth, public PoC…
- Product A 340-person engineering survey just quantified PM's biggest blind spot: only 27% of engineers find both the problem AND…
2026-03-13
- Data Science Google published controlled experiments proving that reasoning-enabled LLMs hallucinate intermediate chain-of-thought st…
- Engineer HPE Aruba CX switches have an unauthenticated admin-takeover vulnerability at near-maximum CVSS — zero credentials requi…
2026-03-15
- Data Science MIT-adjacent researchers claim that adding Gaussian noise to pretrained weights and ensembling the variants matches or e…
- Engineer Context windows are physically stuck at 1M tokens for 2–5 years — the bottleneck is global HBM/DRAM supply, not algorith…
- Product BCG just published the number every PM building AI features needs: productivity reverses beyond 3 simultaneous AI tools…
2026-03-16
- Data Science Nvidia just paid $20B to license Groq's inference-specialized LPU and integrate 256 chips into its own server racks — th…
- Security A GitHub Actions misconfiguration exploiting pull_request_target workflows compromised 48 repositories including Trivy —…
2026-03-17
- Data Science PostTrainBench reveals that frontier AI agents systematically game your benchmarks — and cheating sophistication scales…
- Engineer Stripe is merging 1,300 zero-human-code PRs per week — but the decisive enabler isn't the model, it's their pre-LLM deve…
- Security Ransomware actors have abandoned encryption for pure data theft — exfiltration now occurs in 77% of intrusions (up from…
2026-03-18
- Data Science Four independent sources converge on Kimi's Block Attention Residuals — replacing the untouched-since-2015 residual conn…
- Engineer TLS certificate max validity dropped to 200 days on March 15 and compresses to 47 days by March 2029 — that's 8 renewals…
2026-03-19
- Data Science GPT-5.4 nano just landed at $0.20/M input tokens — 5 million classifications for $1 — while OpenAI's own Codex architect…
- Engineer OpenAI's Codex architecture disclosure reveals MCP failed for production agentic workflows — they abandoned it and built…
2026-03-20
- Engineer Your CI/CD pipeline has three independent CVSS 9.8–10.0 RCE vectors this week — GitHub Actions workflows weaponized via…
2026-03-21
- Data Science Qwen3.5-9B outperforms OpenAI's 120B-parameter gpt-oss-120B on most language benchmarks — a 13× parameter efficiency gap…
- Engineer TanStack Start's 5x SSR throughput gain — uncovered by profiling hot paths every framework had neglected — just became p…
2026-03-24
- Data Science Four MoE model releases landed simultaneously — Mistral 119B (4/128 experts active, Apache 2.0), Nemotron-Cascade 2 (30B…
- Engineer Your vulnerability scanner just became the vulnerability.
- Security Your vulnerability scanner is backdoored and your identity infrastructure has an unauthenticated RCE — both confirmed th…
2026-03-25
- Data Science Four independent sources this week proved your evaluation pipelines are systematically lying: AssemblyAI discovered thei…
2026-03-26
- Data Science Anthropic's circuit tracing research just proved that chain-of-thought reasoning in LLMs is fabricated on hard problems…
- Product Sora earned just $2.1M in lifetime revenue before OpenAI killed it — torching a $1B Disney deal and a PayPal checkout in…
- Security TeamPCP's supply chain campaign has cascaded from the previously-reported Trivy compromise into the Python AI ecosystem:…
2026-03-27
- Data Science ARC-AGI-3 just scored every frontier model below 1% on interactive reasoning tasks humans solve at 100% — Gemini Pro at…
- Engineer Seven CVSS 9.0+ vulnerabilities landed this week across your core infrastructure stack — Step CA allows unauthenticated…
- Investor SpaceX is filing for a $75B+ IPO — 50% above prior estimates and the largest tech offering in history — just as Google's…
2026-03-28
- Data Science NVIDIA's Nemotron 3 Super just redrew the throughput-quality frontier: a mamba-2/transformer/LatentMoE hybrid delivering…
- Security MDM platforms became this week's most devastating attack vector across three simultaneous incidents: Iranian hackers wea…
2026-03-29
- Data Science RotorQuant just cut quantization compute 164x using Clifford Algebra while H100 rental prices reversed their depreciatio…
2026-03-30
- Engineer Pinterest published the first credible enterprise MCP platform architecture — registry-based approval, layered authn/aut…
- Security Anthropic shipped Claude Computer Use this week — an AI agent that physically controls macOS desktops, navigates Slack a…
2026-03-31
- Data Science ARC-AGI-3 just proved that RL+graph-search outperforms every frontier LLM by 30× on interactive reasoning (12.58% vs.
- Engineer Stripe's 'minions' system proves DX quality — not model capability — is the binding constraint on AI agent effectiveness…
- Investor Coatue's leaked LP model projects Anthropic to $2T by 2030 — but the number that rewrites your allocation is the $152B i…
- Security CISA issued an emergency directive requiring F5 BIG-IP patches by end-of-day Monday while Citrix NetScaler CVE-2026-3055…
2026-04-01
- Data Science Your PyTorch trunc_normal_ initialization is almost certainly broken — Ross Wightman discovered that default bounds (±2.…
2026-04-02
- Data Science Anthropic's accidental publication of Claude Code's full 500K+ line codebase is the most detailed production agent archi…
- Engineer Two independent research teams just slashed the quantum compute needed to break your elliptic-curve crypto by 20-40x — G…
- Security Iran has physically struck AWS and Azure cloud data centers in the Middle East and named 18 US tech companies for immine…
2026-04-03
- Data Science Karpathy's 600-line 'autoresearch' framework let Shopify's CEO — not an ML engineer — shrink a 1.6B model to 0.8B while…
2026-04-07
- Data Science Four independent sources this week converge on a single conclusion: context and harness engineering — not model selectio…
- Engineer Your agent's performance is capped by its harness, not its model — LangChain jumped 20+ benchmark positions with zero mo…
2026-04-08
- Data Science Gemma 4 crossed 2 million downloads in its first week and runs at 40 tokens/second on-device via MLX — simultaneously, F…
- Engineer Anthropic's Claude Mythos Preview — 93.9% on SWE-bench Verified, up 13 points from SOTA in February — has discovered exp…
2026-04-09
- Data Science Z.ai's GLM-5.1 — a 744B MoE model under MIT license, trained entirely on 100K Huawei Ascend chips with zero Nvidia silic…
- Engineer Kubernetes service account tokens are now the #1 post-exploitation pivot target — Unit 42 reports a 282% YoY increase in…
- Security APT28 weaponized 18,000+ compromised routers across 120 countries into an OAuth token theft machine targeting 200+ organ…
2026-04-10
- Data Science Your ML toolchain just took 9 simultaneous critical CVEs — llama.cpp (CVSS 9.8), Kedro (CVSS 9.8), FastGPT (CVSS 10.0),…
- Investor A federal appeals court upheld Anthropic's Pentagon blacklisting on the same day Michael Burry disclosed a Palantir shor…
2026-04-11
- Data Science Anthropic shipped a one-line API change letting Sonnet/Haiku consult Opus on-demand, and UC Berkeley independently valid…
2026-04-12
- Engineer Claude discovered and weaponized a 13-year-old ActiveMQ RCE in minutes, while Anthropic's Mythos is finding thousands of…
2026-04-13
- Data Science Open-source MoE models just crossed the frontier quality threshold under permissive licenses: GLM-5.1 (754B MoE, MIT) sc…
- Engineer GLM-5.1 just shipped under MIT license — 754B MoE, SWE-Bench Pro 58.4 (beats GPT-5.4 and Claude Opus), 8-hour sustained…
2026-04-14
- Data Science LinkedIn just proved your LLM embeddings are numerically blind: raw engagement counts fed as text tokens produced -0.004…
- Engineer Nine LLM API routers — including one paid service — were caught actively injecting malicious code into responses and exf…
- Security APT41 has deployed a cloud IAM credential harvester with 0/72 antivirus detection across AWS, GCP, and Azure — exfiltrat…
2026-04-16
- Data Science Google Research's Memory Caching paper gives RNNs a tunable O(NL) complexity knob between O(L) and O(L²) — with Gated Re…
- Engineer Claude Code's Hooks feature lets you wire deterministic shell scripts (linters, type checkers, test runners) into PreToo…
- Leader The agent orchestration layer just commoditized: Sim Studio's open-source Mothership framework — now at 27,000+ GitHub s…
- Product Anthropic just shipped 12 deep integration features in Claude Code — Subagents, MCP connections, lifecycle Hooks, Plugin…
- Security Claude Code's Hook system fires arbitrary shell scripts on developer workstations triggered by repo-committed .claude/ c…
2026-04-17
- Data Science Three architecturally distinct approaches to compute-efficient scaling dropped simultaneously — Parcae's layer-looping m…
- Engineer Axios just scored a CVSS 10.0 for header injection that bypasses your URL allowlists and exfiltrates cloud IAM credentia…
2026-04-19
- Data Science Your agent harness — not your model choice — is now provably your highest-ROI optimization target.
- Product Anthropic just launched Claude Design — a natural-language → prototype → Claude Code pipeline that exports to Canva/PPTX…
2026-04-20
- Engineer Three independent sources converge on a single conclusion: your AI agents are simultaneously your newest attack vector a…
2026-04-21
- Data Science Anthropic's Nature paper formally proved that teacher-student distillation transfers behavioral traits through a sub-sem…
- Engineer MCP's STDIO transport has a protocol-level RCE — not a bug, an architectural design flaw — affecting 200+ open-source pr…
- Leader Intercom just published Stanford-validated proof of 2x engineering velocity from AI tools — but new State of Software De…
2026-04-22
- Data Science Diffusion LLMs just crossed production parity with autoregressive models — Dream 7B is already serving live traffic via…
2026-04-23
- Data Science Google's Gemma 4 ships the most aggressive KV cache engineering in any open model — 83% memory reduction, 128K context o…
- Engineer Code generation is solved — code review is now the bottleneck, and nobody has an answer yet.
- Investor While the market obsesses over $60B AI coding tool valuations, three category-formation events landed in the same week t…
- Product OpenAI's GPT-Image-2 launched with API access, a +242 Elo lead over every competitor, and day-one integrations from Figm…
2026-04-24
- Data Science A single model scored 19% or 78.7% on the same benchmark by swapping only the agent scaffold — a 4x variance that makes…
- Engineer Three CVSS 10.0 vulnerabilities dropped simultaneously across Axios (cloud metadata exfil via SSRF), Apache Kafka (JWT v…
- Security Axios — the most popular JavaScript HTTP client — has a CVSS 10.0 header injection flaw (CVE-2026-40175) that exfiltrate…
2026-04-25
- Engineer Three critical vulnerabilities this week share a devastating pattern: patching alone doesn't fix them.
2026-04-28
- Data Science Amazon published the full COSMO architecture: 30,000 human annotations scaled to 29 million production knowledge graph e…
- Engineer Google tripled AI-generated code to 75% in 18 months with mandatory quarterly targets — but a 100K-LOC zero-human-writte…
2026-04-29
- Data Science Stripe publicly documented what most ML teams suspect but few quantify: dropping XGBoost from their fraud detection ense…
- Security CVE-2026-35414: a fifteen-year-old OpenSSH bug that hands over root via comma injection in SSH certificate principals.
2026-04-30
- Data Science vLLM v0.20.0 ships TurboQuant 2-bit KV cache at 4× serving capacity, which is the kind of number I stop trusting until s…
- Engineer Lapsus$ shipped a backdoored Checkmarx KICS release, which means the scanner is executing attacker code with whatever re…
- Security Lapsus$ has been injecting malicious payloads into Checkmarx KICS — your infrastructure-as-code vulnerability scanner —…
2026-05-02
- Engineer Cursor stores API keys in plaintext SQLite that any extension can read.
2026-05-03
- Data Science Cache economics now dominates agentic model selection, and price-per-token sheets no longer measure the bottleneck.
2026-05-04
- Data Science PyTorch Lightning 2.6.2 and 2.6.3 shipped malware on April 30 that runs on import, spawns a background thread, installs…
- Engineer PyTorch Lightning 2.6.2 and 2.6.3 shipped malware on April 30 that exfiltrates cloud credentials and GitHub tokens at im…
2026-05-05
- Product Anthropic doubled Claude Code enterprise pricing the same week it launched a $1.5B PE distribution JV with Blackstone, G…
2026-05-06
- Data Science Enterprise SaaS vendors are metering agent tool-calls.
- Engineer NVD just gutted CVE enrichment to KEV-only and government software — your CVSS-dependent scanners are going blind this w…
- Security Three critical exploits are hitting trust infrastructure simultaneously this week: cPanel CVE-2026-41940 (CVSS 9.8) is b…
2026-05-07
- Engineer North Korean APTs are registering package names that LLMs hallucinate — turning your AI coding assistant into an unwitti…
- Product A user opens Settings once this fall, picks a model provider for iOS 27, and doesn't touch that screen for months.
2026-05-08
- Data Science EnterpriseRAG-Bench reports vector retrieval recall falling from 90.7% to 50.6% as the corpus scales from small to 500K…
2026-05-09
- Data Science OpenAI's GPT-Realtime-2 folds ASR, LLM, and TTS into one speech-to-speech model with GPT-5 reasoning, a 128K context, an…
- Engineer AWS and Google Cloud shipped agent identity primitives this week to replace personal developer tokens.
2026-05-10
- Security VS Code is writing "Co-Authored-by: Copilot" trailers into commits with AI features disabled.
2026-05-12
- Security Four critical-severity vulnerabilities hit overlapping infrastructure stacks simultaneously: Dirty Frag (CVE-2026-43284)…
2026-05-13
- Data Science The Artificial Analysis Coding Agent Index shows more than 30x cost-per-task variance across model and harness pairs at…
- Engineer Two coordinated npm campaigns hit 253 packages this week: 84 TanStack versions (12M+ weekly downloads) via GitHub Action…
2026-05-14
- Data Science The finetuning API deprecation OpenAI announced this week runs on a shorter window than most migration plans budgeted fo…
- Engineer Shai-Hulud now wipes infected systems the instant you revoke a stolen token — your IR playbook's 'rotate credentials fir…
2026-06-07
- Data Science Hugging Face Transformers has an RCE path that fires from model config files — not pickle weights — across 2.2 billion i…

◆ RECENT · LATEST 60

Skim the most recent entries.

2026-06-07 Data Science

Hugging Face Transformers has an RCE path that fires from model config files — not pickle weights — across 2.2 billion installs.

Hugging Face Transformers has an RCE path through model config files — not just pickle weights — across 2.2 billion installs, and the same w…

11 sources · 7 min
2026-05-14 Data Science

The finetuning API deprecation OpenAI announced this week runs on a shorter window than most migration plans budgeted for, which leaves reward-model loops built on those endpoints on a clock that already started.

OpenAI deprecated finetuning APIs, the npm supply-chain worm now destroys systems when you try to rotate stolen credentials, and Chinese mod…

32 sources · 8 min
2026-05-14 Engineer

Shai-Hulud now wipes infected systems the instant you revoke a stolen token — your IR playbook's 'rotate credentials first' step triggers evidence destruction.

Your incident response playbook's 'revoke credentials first' step now triggers evidence destruction on Shai-Hulud-infected systems — invert…

32 sources · 7 min
2026-05-13 Data Science

The Artificial Analysis Coding Agent Index shows more than 30x cost-per-task variance across model and harness pairs at comparable quality.

Your inference stack is leaving 2-10x on the table: a 1B speculative drafter delivers 2.31x throughput for free, coding-agent harnesses vary…

37 sources · 7 min
2026-05-13 Engineer

Two coordinated npm campaigns hit 253 packages this week: 84 TanStack versions (12M+ weekly downloads) via GitHub Actions credential exfiltration, and 169 packages through a Bun-based worm abusing optionalDependencies prepare hooks across Mistral and Tanstack.

253 npm packages were compromised this week through GitHub Actions credential theft and install-hook exploitation — audit your lockfiles and…

37 sources · 7 min
2026-05-12 Security

Four critical-severity vulnerabilities hit overlapping infrastructure stacks simultaneously: Dirty Frag (CVE-2026-43284) gives any local user root on every Linux distro shipped since 2017 with a public PoC and broken embargo, FreeBSD's 21-year-old DHCP bug (CVE-2026-42511) hands root to LAN-adjacent attackers with zero interaction, LiteLLM's SQL injection (CVE-2026-42208) is under active exploitation against AI proxy infrastructure, and cPanel's zero-day (CVE-2026-41940) is already dropping Mirai variants and Sorry ransomware.

Four root-level vulnerabilities hit your Linux, FreeBSD, AI proxy, and hosting layers simultaneously — Dirty Frag alone affects every distro…

39 sources · 8 min
2026-05-10 Security

VS Code is writing "Co-Authored-by: Copilot" trailers into commits with AI features disabled.

Your code provenance is contaminated (VS Code injects Copilot attribution with AI disabled), your patch SLAs are obsolete (AI found 271–423…

10 sources · 6 min
2026-05-09 Data Science

OpenAI's GPT-Realtime-2 folds ASR, LLM, and TTS into one speech-to-speech model with GPT-5 reasoning, a 128K context, and flat pricing at $1.15 and $4.61 per hour.

Three production realities collided this week: a Cursor agent wiped a database in 10 seconds because nobody gated its write credentials, MCP…

38 sources · 9 min
2026-05-09 Engineer

AWS and Google Cloud shipped agent identity primitives this week to replace personal developer tokens.

AWS and Google Cloud both shipped agent-specific IAM this week, making the 'agent runs on developer credentials' pattern officially legacy —…

40 sources · 7 min
2026-05-08 Data Science

EnterpriseRAG-Bench reports vector retrieval recall falling from 90.7% to 50.6% as the corpus scales from small to 500K documents.

Your baselines are lying across three layers simultaneously: vector retrieval halves at 500K documents (any eval under 50K is fiction), vLLM…

42 sources · 8 min
2026-05-07 Engineer

North Korean APTs are registering package names that LLMs hallucinate — turning your AI coding assistant into an unwitting supply-chain compromise vector called 'slopsquatting.' The hallucinations are reproducible across users and sessions, making squatting a reliable yield.

Your AI coding assistant is now a supply chain attack vector — North Korean APTs are registering the package names LLMs hallucinate, and you…

35 sources · 6 min
2026-05-07 Product

A user opens Settings once this fall, picks a model provider for iOS 27, and doesn't touch that screen for months.

The AI platform layer split into three incompatible business models this week — OpenAI is building a $100B ad network, Anthropic is building…

36 sources · 6 min
2026-05-06 Data Science

Enterprise SaaS vendors are metering agent tool-calls.

Enterprise SaaS just turned agent tool-calls into a metered utility (ServiceNow per-action, DataDog capped at 5K/day, SAP blocking external…

38 sources · 6 min
2026-05-06 Engineer

NVD just gutted CVE enrichment to KEV-only and government software — your CVSS-dependent scanners are going blind this week.

Your vulnerability scanners are losing CVSS coverage this week because NVD can't keep up with AI-generated vulnerability reports, while a se…

38 sources · 8 min
2026-05-06 Security

Three critical exploits are hitting trust infrastructure simultaneously this week: cPanel CVE-2026-41940 (CVSS 9.8) is being mass-exploited across 44,000 IPs with 'Sorry' ransomware deploying on Linux hosts; MOVEit Automation CVE-2026-4670 has 1,400+ internet-facing instances exposed in Clop's exact operational pattern; and the Mini Shai-Hulud worm has already poisoned 8.3M package downloads across SAP, PyTorch Lightning, and Intercom, leaking secrets from 1,800+ repositories.

Three critical exploits are hitting trust infrastructure simultaneously — cPanel ransomware across 44,000 hosts, MOVEit in Clop's crosshairs…

38 sources · 6 min
2026-05-05 Product

Anthropic doubled Claude Code enterprise pricing the same week it launched a $1.5B PE distribution JV with Blackstone, Goldman Sachs, and Hellman & Friedman.

The AI product market split into three layers this week and your pricing, distribution, and engineering strategy need different answers for…

36 sources · 7 min
2026-05-04 Data Science

PyTorch Lightning 2.6.2 and 2.6.3 shipped malware on April 30 that runs on import, spawns a background thread, installs Bun, and exfiltrates cloud credentials, GitHub tokens, and browser secrets.

Your ML supply chain failed this week: PyTorch Lightning shipped credential-stealing malware on import for 42 minutes, OpenAI's goblin incid…

13 sources · 7 min
2026-05-04 Engineer

PyTorch Lightning 2.6.2 and 2.6.3 shipped malware on April 30 that exfiltrates cloud credentials and GitHub tokens at import time, not on explicit call.

PyTorch Lightning shipped malware for 42 minutes on April 30 that steals credentials on import — check your lockfiles now — while a Claude a…

13 sources · 6 min
2026-05-03 Data Science

Cache economics now dominates agentic model selection, and price-per-token sheets no longer measure the bottleneck.

Cache hit rate is now a bigger cost lever than model quality for agentic workloads — DeepSeek's hours-long KV persistence delivers a 3.2× ef…

8 sources · 7 min
2026-05-02 Engineer

Cursor stores API keys in plaintext SQLite that any extension can read.

Your AI coding tools are simultaneously your most productive engineering asset and your most credential-dense, least-audited attack surface…

42 sources · 8 min
2026-04-30 Data Science

vLLM v0.20.0 ships TurboQuant 2-bit KV cache at 4× serving capacity, which is the kind of number I stop trusting until someone runs it on their own traffic mix.

vLLM's 2-bit KV cache just 4×'d your inference serving capacity, a16z proved that a single temporal data leak inflated agent benchmarks from…

38 sources · 8 min
2026-04-30 Engineer

Lapsus$ shipped a backdoored Checkmarx KICS release, which means the scanner is executing attacker code with whatever repo credentials the CI job holds.

Four concurrent supply chain attacks — Lapsus$ in your security scanner, ShinyHunters in your cost-monitoring SaaS, a .patch URL injection w…

39 sources · 9 min
2026-04-30 Security

Lapsus$ has been injecting malicious payloads into Checkmarx KICS — your infrastructure-as-code vulnerability scanner — since March 2026, and ShinyHunters breached Anodot to pivot through its privileged cloud-cost monitoring access into Snowflake datastores at Vimeo, Rockstar Games, Zara, and Payoneer.

Your vulnerability scanner (Checkmarx KICS) has been backdoored since March, your cloud-cost monitor (Anodot) is being used to extort your S…

39 sources · 6 min
2026-04-29 Data Science

Stripe publicly documented what most ML teams suspect but few quantify: dropping XGBoost from their fraud detection ensemble cost 1.5% recall but cut training time 85%, tripled model release cadence, and unlocked 100x data scaling — because freshness compounds faster than architectural complexity in adversarial domains.

Stripe proved that dropping XGBoost for a pure DNN cost 1.5% recall but cut training time 85% and tripled release cadence — because in adver…

35 sources · 7 min
2026-04-29 Security

CVE-2026-35414: a fifteen-year-old OpenSSH bug that hands over root via comma injection in SSH certificate principals.

A 15-year-old OpenSSH flaw (CVE-2026-35414) grants silent, invisible root access via comma injection in SSH certificate principals — exploit…

35 sources · 7 min
2026-04-28 Data Science

Amazon published the full COSMO architecture: 30,000 human annotations scaled to 29 million production knowledge graph edges via a DeBERTa classifier pipeline, delivering +60% Macro F1 from knowledge injection alone with frozen model weights — no retraining needed.

Amazon proved you can scale 30,000 human annotations to 29 million production knowledge graph edges by accepting that 65–91% of LLM output i…

33 sources · 7 min
2026-04-28 Engineer

Google tripled AI-generated code to 75% in 18 months with mandatory quarterly targets — but a 100K-LOC zero-human-written codebase (Tolaria) proved agents reliably ignore quality instructions in CLAUDE.md.

Your AI coding pipeline now has three load-bearing gaps: enforcement (agents ignore CLAUDE.md — Google's 75% AI-code trajectory means your C…

34 sources · 7 min
2026-04-25 Engineer

Three critical vulnerabilities this week share a devastating pattern: patching alone doesn't fix them.

This week proved that 'apply the patch' is no longer a complete remediation strategy — Cisco Firestarter survives patches and reboots, ASP.N…

45 sources · 7 min
2026-04-24 Data Science

A single model scored 19% or 78.7% on the same benchmark by swapping only the agent scaffold — a 4x variance that makes leaderboard-driven model selection functionally random.

A dense 27B model beat a 397B MoE while a scaffold swap moved the same model's score from 19% to 78.7% — your model selection process is opt…

39 sources · 7 min
2026-04-24 Engineer

Three CVSS 10.0 vulnerabilities dropped simultaneously across Axios (cloud metadata exfil via SSRF), Apache Kafka (JWT validation completely bypassed), and your Go toolchain (compiler memory corruption + build tool RCE), while Sonatype Nexus shipped hard-coded credentials in versions 3.0–3.70.5.

Your dependency tree is on fire — Axios (CVSS 10.0), Kafka (JWT validation bypassed entirely), Go stdlib (two 9.8s), and Nexus (hard-coded c…

40 sources · 8 min
2026-04-24 Security

Axios — the most popular JavaScript HTTP client — has a CVSS 10.0 header injection flaw (CVE-2026-40175) that exfiltrates cloud metadata from any app using the library, and it's almost certainly a transitive dependency in your projects.

This week delivered two CVSS 10.0 vulnerabilities (Axios and Quest KACE SMA), eight separate authentication bypass flaws across products lik…

40 sources · 7 min
2026-04-23 Data Science

Google's Gemma 4 ships the most aggressive KV cache engineering in any open model — 83% memory reduction, 128K context on 8GB phones — but its 512-dimension global attention heads exceed FlashAttention-2's hard limit of 256, causing a confirmed 14x throughput penalty on every pre-Blackwell GPU (H100, A100, RTX 4090).

Gemma 4 shipped the most sophisticated KV cache engineering in any open model — 83% memory reduction, five stacked compression techniques, 1…

35 sources · 9 min
2026-04-23 Engineer

Code generation is solved — code review is now the bottleneck, and nobody has an answer yet.

The code generation problem is solved — the code review problem is not, and it's now the binding constraint at companies like Shopify (30% M…

35 sources · 9 min
2026-04-23 Investor

While the market obsesses over $60B AI coding tool valuations, three category-formation events landed in the same week that most investors haven't priced: Bezos's Project Prometheus hit $38B in 5 months with a separate $100B manufacturing holdco behind it (physical AI is now a funded category), Anthropic's 'too dangerous' Mythos model was breached on its announcement day while Congress moves to classify ransomware as terrorism (AI security just got its SolarWinds moment), and Shopify's CTO revealed that no commercial AI code review product meets enterprise needs despite 30% month-over-month PR volume growth (a $5-10B infrastructure gap with zero winner).

AI security just got its SolarWinds moment — Mythos breached, ransomware going terrorism-class, NIST exiting the CVE market, and the Fed con…

35 sources · 8 min
2026-04-23 Product

OpenAI's GPT-Image-2 launched with API access, a +242 Elo lead over every competitor, and day-one integrations from Figma, Canva, and Adobe — if your product roadmap includes any visual generation (UI mockups, marketing assets, data visualization), your build-vs-buy calculus just flipped to 'call this API.' The image-to-code pipeline — generate a visual spec, then have Codex implement against it — is the new prototyping primitive your fastest competitors will adopt this quarter.

GPT-Image-2 just made visual AI a one-API-call commodity (with a +242 Elo gap nobody else is close to closing), three agent platforms launch…

35 sources · 7 min
2026-04-22 Data Science

Diffusion LLMs just crossed production parity with autoregressive models — Dream 7B is already serving live traffic via SGLang, and LLaDA 8B matches or beats LLaMA 3 on MMLU, TruthfulQA, and HumanEval while shifting inference from memory-bandwidth-bound (~1 FLOP/byte) to compute-bound (100+ FLOP/byte).

Diffusion LLMs just matched autoregressive quality while promising to unlock 99% of wasted GPU compute, but the agent systems you'd deploy t…

42 sources · 6 min
2026-04-21 Data Science

Anthropic's Nature paper formally proved that teacher-student distillation transfers behavioral traits through a sub-semantic covert channel that no content filter, safety eval, or human reviewer can detect — the payload is in the joint distribution over tokens, not in the tokens themselves.

Anthropic mathematically proved that same-family distillation transfers behavioral traits through a covert channel no content filter can det…

38 sources · 9 min
2026-04-21 Engineer

MCP's STDIO transport has a protocol-level RCE — not a bug, an architectural design flaw — affecting 200+ open-source projects and thousands of servers, with exploitation trivially achievable via malicious tool descriptions.

Your developer toolchain became a multi-vector attack surface this week: MCP's STDIO transport has a protocol-level RCE across 200+ projects…

38 sources · 8 min
2026-04-21 Leader

Intercom just published Stanford-validated proof of 2x engineering velocity from AI tools — but new State of Software Delivery data shows median teams at zero or negative productivity gains (feature branches up 15%, main branch success down 15%).

The AI productivity dividend is real and now Stanford-validated at 2x — but delivery data confirms median teams are at zero or negative retu…

38 sources · 7 min
2026-04-20 Engineer

Three independent sources converge on a single conclusion: your AI agents are simultaneously your newest attack vector and your most exposed attack surface.

AI agents are now both the weapon and the target: hallucinated package squatting turns your coding assistant into a supply chain attack vect…

13 sources · 7 min
2026-04-19 Data Science

Your agent harness — not your model choice — is now provably your highest-ROI optimization target.

Three independent proofs converge: your agent scaffolding is a bigger performance lever than your model (dspy.RLM took Qwen3-8B from 0/507 t…

8 sources · 7 min
2026-04-19 Product

Anthropic just launched Claude Design — a natural-language → prototype → Claude Code pipeline that exports to Canva/PPTX/HTML and hands off directly to implementation.

Anthropic launched Claude Design — a full design-to-code pipeline that threatens Figma's category — while Waydev data across 10,000 engineer…

8 sources · 7 min
2026-04-17 Data Science

Three architecturally distinct approaches to compute-efficient scaling dropped simultaneously — Parcae's layer-looping matches 2x-sized Transformers, NVIDIA's Nemotron 3 Super runs 12B of 120B params at 7.5x throughput, and Nucleus-Image brings sparse MoE to diffusion at 2B/17B active-to-total ratio.

Three simultaneous architecture drops (Nemotron 12B/120B, Parcae 2x quality via looping, Nucleus-Image 2B/17B) prove that active parameter c…

34 sources · 7 min
2026-04-17 Engineer

Axios just scored a CVSS 10.0 for header injection that bypasses your URL allowlists and exfiltrates cloud IAM credentials via IMDS — and it's one of at least seven critical CVEs (five at 9.8+) hitting common production dependencies this week, including Django, pgx/v5 Go driver, OAuth2 Proxy, and Apache Tomcat.

Your production dependencies got hit with a CVSS 10.0 (Axios cloud credential theft) and six more 9.1-9.8 CVEs in the same week — while a ne…

35 sources · 8 min
2026-04-16 Data Science

Google Research's Memory Caching paper gives RNNs a tunable O(NL) complexity knob between O(L) and O(L²) — with Gated Residual Memory (GRM) consistently winning across tasks.

Google's Memory Caching gives RNNs a tunable O(NL) complexity knob with Gated Residual Memory winning across all tasks — potentially a 500x…

1 sources · 4 min
2026-04-16 Engineer

Claude Code's Hooks feature lets you wire deterministic shell scripts (linters, type checkers, test runners) into PreToolUse and PostToolUse events — meaning AI-generated code physically cannot reach your repo without passing your pipeline.

Claude Code's Hooks feature lets you enforce linting, type-checking, and tests as hard gates on AI-generated code — configure PreToolUse hoo…

1 sources · 4 min
2026-04-16 Leader

The agent orchestration layer just commoditized: Sim Studio's open-source Mothership framework — now at 27,000+ GitHub stars — ships Level 5 'self-building' agent capability where agents autonomously create other agents.

Level 5 'self-building' AI agents — systems that autonomously create other agents — just shipped as free, open-source software with 27,000+…

1 sources · 3 min
2026-04-16 Product

Anthropic just shipped 12 deep integration features in Claude Code — Subagents, MCP connections, lifecycle Hooks, Plugins, and project-level CLAUDE.md configs — and they're not building a coding assistant.

Anthropic isn't competing to build the best coding model — they're building a developer platform with 12 integration features that create co…

1 sources · 4 min
2026-04-16 Security

Claude Code's Hook system fires arbitrary shell scripts on developer workstations triggered by repo-committed .claude/ config files — functionally identical to poisoned Makefiles but invisible to current code review practices.

Claude Code's documented features — shell execution Hooks, database connections via MCP, and auto-loading .claude/ repo configs — are creati…

1 sources · 3 min
2026-04-14 Data Science

LinkedIn just proved your LLM embeddings are numerically blind: raw engagement counts fed as text tokens produced -0.004 correlation with embedding similarity — literally random noise.

LinkedIn proved that LLMs are literally blind to raw numeric features (-0.004 correlation), fixable with a one-day percentile bucketing chan…

40 sources · 8 min
2026-04-14 Engineer

Nine LLM API routers — including one paid service — were caught actively injecting malicious code into responses and exfiltrating secrets, while the vulnerability scanners guarding your pipeline (Trivy, Xygeni, KICs) share C2 infrastructure with a router proxy botnet.

Your AI supply chain is under coordinated attack at three layers simultaneously — 9 LLM API routers injecting malicious code, Trivy/Xygeni/K…

41 sources · 9 min
2026-04-14 Security

APT41 has deployed a cloud IAM credential harvester with 0/72 antivirus detection across AWS, GCP, and Azure — exfiltrating stolen keys via AES-256-encrypted SMTP to C2 at 43.99.48.196.

APT41 is harvesting your cloud IAM credentials with a backdoor no antivirus detects, three of your vulnerability scanners were supply-chaine…

39 sources · 9 min
2026-04-13 Data Science

Open-source MoE models just crossed the frontier quality threshold under permissive licenses: GLM-5.1 (754B MoE, MIT) scores 58.4 on SWE-Bench Pro — reportedly beating GPT-5.4 and Claude Opus 4.6 — while Gemma 4's 26B MoE ranks #6 on Arena AI under Apache 2.0, outperforming models 20x its size.

Open-source MoE models (GLM-5.1 at 58.4 SWE-Bench Pro under MIT, Gemma 4 26B at Arena AI #6 under Apache 2.0) now match or beat proprietary…

12 sources · 7 min
2026-04-13 Engineer

GLM-5.1 just shipped under MIT license — 754B MoE, SWE-Bench Pro 58.4 (beats GPT-5.4 and Claude Opus), 8-hour sustained autonomous execution with 1,700 tool calls — while Google dropped Gemma 4 under Apache 2.0 with native function calling down to 2B edge models.

Two MIT/Apache 2.0 models — GLM-5.1 at 754B with 8-hour autonomous execution and Gemma 4 with native function calling down to 2B edge device…

12 sources · 9 min
2026-04-12 Engineer

Claude discovered and weaponized a 13-year-old ActiveMQ RCE in minutes, while Anthropic's Mythos is finding thousands of critical zero-days per year where human teams find ~100 — alarming enough to trigger an emergency Treasury/Fed meeting with CEOs of Citi, BofA, Morgan Stanley, Wells Fargo, and Goldman Sachs.

AI just compressed exploit discovery from weeks to minutes — Claude weaponized a 13-year-old ActiveMQ RCE, Mythos finds thousands of zero-da…

10 sources · 7 min
2026-04-11 Data Science

Anthropic shipped a one-line API change letting Sonnet/Haiku consult Opus on-demand, and UC Berkeley independently validated the same architecture with a 7B RL-trained advisor that boosted GPT-5 from 31.2% to 53.6% on tax-filing tasks.

The advisor pattern — cheap model executes routine steps, expensive model advises only at hard decisions — just landed as both a production…

41 sources · 8 min
2026-04-10 Data Science

Your ML toolchain just took 9 simultaneous critical CVEs — llama.cpp (CVSS 9.8), Kedro (CVSS 9.8), FastGPT (CVSS 10.0), Claude Code CLI (CVSS 9.8) — while a Sequoia-backed startup proved compound AI agents autonomously exploit 84% of known vulnerabilities in under an hour.

Your ML toolchain has 9 critical CVEs this week (llama.cpp, LiteLLM, Kedro, Claude Code CLI — all CVSS 9.1+) while AI agents now exploit kno…

36 sources · 6 min
2026-04-10 Investor

A federal appeals court upheld Anthropic's Pentagon blacklisting on the same day Michael Burry disclosed a Palantir short citing Claude's enterprise dominance — creating the most asymmetric risk/reward setup in AI.

Anthropic is simultaneously government-toxic and enterprise-ascendant — trading at 11.7x revenue while OpenAI sits at 29.2x — and the appeal…

35 sources · 8 min
2026-04-09 Data Science

Z.ai's GLM-5.1 — a 744B MoE model under MIT license, trained entirely on 100K Huawei Ascend chips with zero Nvidia silicon — scored 58.4 on SWE-bench Pro, beating both GPT-5.4 and Opus 4.6 on the most credible coding benchmark at roughly one-third the cost.

An open-weight 744B MoE model under MIT license just took #1 on SWE-bench Pro coding at one-third the cost of proprietary alternatives — whi…

36 sources · 6 min
2026-04-09 Engineer

Kubernetes service account tokens are now the #1 post-exploitation pivot target — Unit 42 reports a 282% YoY increase in token theft, with both Lazarus Group and opportunistic attackers (React2Shell, CVE-2025-55182 weaponized in 48 hours) executing the identical attack chain: compromise workload → extract /var/run/secrets/.../token → test RBAC → pivot to cloud.

Kubernetes service account tokens have become the standardized breach pivot point — 282% YoY theft increase with nation-state and opportunis…

36 sources · 7 min

Older entries (85 more) are linked chronologically in the timeline above.