Daniel Marashlian

The 10 fastest growing GitHub repos this week: 1. codegraph (+14.1K stars) Pre-indexed code knowledge graph for Claude Code, Codex, Cursor, OpenCode, and Hermes Agent — fewer tokens, fewer tool calls, 100% local https://t.co/PmnpMlGC3r 2. openhuman (+17.1K stars) Your Personal AI super intelligence. Private, Simple and extremely powerful. https://t.co/mrpvMxUFwe 3. academic-research-skills (+11.6K stars) Academic Research Skills for Claude Code: research → write → review → revise → finalize https://t.co/dek8R1gZIu 4. RuView (+6.8K stars) π RuView turns commodity WiFi signals into real-time spatial intelligence, vital sign monitoring, and presence detection — all without a single pixel of video. https://t.co/UILhiVpLyX 5. agentmemory (+6.9K stars) #1 Persistent memory for AI coding agents based on real-world benchmarks https://t.co/KttGKncznV 6. supertonic (+3.6K stars) Lightning-Fast, On-Device, Multilingual TTS — running natively via ONNX. https://t.co/LA0oJzR5Hf 7. CloakBrowser (+7.0K stars) Stealth Chromium that passes every bot detection test. Drop-in Playwright replacement with source-level fingerprint patches. 30/30 tests passed. https://t.co/smRQh0wY3u 8. ViMax (+2.7K stars) "ViMax: Agentic Video Generation (Director, Screenwriter, Producer, and Video Generator All-in-One)" https://t.co/Jp53BzC0rK 9. 12-factor-agents (+1.9K stars) What are the principles we can use to build LLM-powered software that is actually good enough to put in the hands of production customers? https://t.co/qMqRwXa7iu 10. bun (+2.0K stars) Incredibly fast JavaScript runtime, bundler, test runner, and package manager – all in one https://t.co/UAtNVbQlBd The theme this week: agent memory, context efficiency, and on-device intelligence are making AI infrastructure the hottest build category. Bookmark this. Next week's list will look completely different.

Today, we’re launching into a new orbit. 🚀 Introducing the next chapter of Drata, the agentic trust management platform. Built for a world where trust is dynamic, continuous, and powered by intelligent automation. Where security and GRC don’t slow teams down, they move them forward. This is trust management, reimagined. Win with Trust: https://t.co/vaHeUGFllj

I am the Chief Information Officer of Stryker Corporation. I build the robots that perform your surgery. The defibrillators that restart your heart. The systems that let your nurse find your doctor at three in the morning when something goes wrong. Twenty-five billion dollars a year. Fifty-six thousand employees. Sixty-one countries. Every device in every country, managed from one console. On March 11th, someone who was not me sat down at that console and erased everything. I should be precise. They did not hack us. They logged in. Microsoft Intune is an endpoint management platform. I deployed it across every laptop, workstation, manufacturing terminal, and enrolled phone in my organization. From one console I could push an update to Kalamazoo, enforce a policy in Cork, wipe a compromised device in Freiburg. One console. Every device. That was the architecture. That was the selling point. That was the attack surface. Intune can push software. It can enforce compliance. It can, if instructed by an administrator with the correct credentials, wipe any device to factory settings. These are features. I paid for them. I presented them to the board as our zero-trust posture. A group called Handala used them to erase every managed device in my organization in a single afternoon. I will be precise about what happened next, because my lawyers are in the room and precision is the only thing that still belongs to me. No malware was deployed. No ransomware was installed. No zero-day was used. No vulnerability in any product was found. A threat actor obtained administrative credentials and issued a remote wipe command using the remote wipe feature that I chose this product for. My security tool did not fail. It performed exactly as designed. It wiped every device it was told to wipe, without error, on schedule. The architect of my destruction was my own IT budget line item. The command went out. The devices obeyed. Laptops in Kalamazoo. Workstations in Cork. Terminals in Freiburg. Manufacturing floors in Mahwah. The screens did not go dark. They changed. Where there had been a Stryker logo, there was now a barefoot cartoon boy with his back turned to the viewer -- the Handala icon, hands clasped behind him, facing away from the audience -- on every monitor in every office in sixty-one countries. They claim fifty terabytes. I cannot confirm or deny this. I do not yet know what I still own. Let me walk you through my first forty-eight hours. Hour one. Our Irish operations -- fifty-five hundred employees, eight sites, our largest hub outside the United States -- went dark. Not gradually. Entirely. Security walked everyone out. The voicemail at our Michigan headquarters was changed to say "building emergency." There was no building emergency. The building was fine. Everything inside it was gone. Hour four. Employees who had installed Microsoft Outlook on their personal phones discovered that their personal phones had been wiped. Intune does not distinguish between a corporate laptop and a personal iPhone with a company email profile. It manages endpoints. It managed them. Hour eight. Hospitals called. Not because they had been breached. Because they could not order surgical implants. I make the hip replacements. The knee joints. The spinal hardware. The trauma fixation systems. My ordering system was down. My manufacturing was down. My shipping was down. A hospital in Baltimore could not schedule a knee replacement because a hacktivist group on another continent had pressed a single button on a console I built. Hour twelve. Maryland Emergency Medical Services issued a memo. Hospitals were disconnecting from LIFENET -- my system that transmits your EKG from the ambulance to the emergency department while you are still in the back of the ambulance -- not because LIFENET had failed, but because they no longer trusted anything with my name on it. Hour twenty-four. Fifty-six thousand employees coordinating on WhatsApp. Twenty-five billion dollar company. Sixty-one countries. Crisis response running on a free consumer messaging app, because every internal system I owned was now owned by someone else. Hour thirty-six. I released my first official statement. "As a precaution, we have proactively taken all systems offline." Proactively. As though I had a choice. As though the systems I was taking offline had not already been taken. I released six statements in forty-eight hours, plus an SEC filing. Each said less than the one before it. By statement five, I was confirming that specific products still functioned. Mako surgical robots: unaffected. LIFEPAK 35 defibrillators: unaffected. Vocera badges: unaffected. When a medical device company begins listing which of its products still work, that is not reassurance. That is a casualty report delivered in reverse. Handala says this is retaliation. For Minab. February 28th. A U.S. Tomahawk struck an IRGC naval base in southeastern Iran. The girls' school next door collapsed. One hundred and seventy-five dead. Most of them children. Handala published a statement. They called Stryker a "Zionist-rooted corporation." They said they would make us understand what it means to lose something you cannot replace. I do not make missiles. I make hip replacements. I make the robot that holds the scalpel and the defibrillator in the crash cart. But I am a defense contractor's second cousin, and in the calculus of retaliation, proximity is guilt. I filed with the SEC on March 11th. "The full scope, nature and impacts of the incident are not yet known." That is the most honest sentence I have produced in two days. I do not know what they took. I do not know what they copied before they wiped. I cannot audit what was lost, because the tool I built to audit my systems is the tool they used to erase them. My stock dropped three and a half percent. One analyst called it "contained." A cybersecurity researcher called it "the first drop of blood in the water." I prefer the analyst. The analyst is wrong, but I prefer him. Here is what I know. I built a console that could touch every device in sixty-one countries. I gave it the authority to wipe anything it touched. I protected it with credentials. Someone obtained those credentials. And my management tool managed. No malware. No ransomware. No exploit. No CVE. Nothing to patch. Nothing to update. Nothing broken. Just a feature, performing its documented function, at the scale I purchased it for. I make the machines that keep people alive. I was taken offline by my own architecture doing the one thing it was designed to do. The system worked. That is the problem.

The New Drata Experience is here. 🔭 We rebuilt the Drata platform on a modern foundation designed for enterprise-scale GRC+A, connecting people, processes, controls, and AI-driven insights into a single constellation. When you can clearly see how everything relates, you can move faster and make better decisions with confidence. A more powerful way to manage trust. 💫 Explore what’s new and why we built it: https://t.co/ljAIYpFFw3

Introducing Vellum: Agents for the rest of us. Just describe your task and get a working agents in minutes. This is not another ChatGPT wrapper or a complex workflow builder. We spent thousands of hours to build the “brain” so you don’t have to look at error logs and learn prompting. Vellum will ask smart questions, connect to your apps, build you a custom agent, and make improvements along the way.

SPEED IS THE ONLY MOAT In the AI era, companies that can’t move fast won't survive. 5 ways to move faster: 1. Build rapid feedback loops The faster you iterate with real users, the better your product will be. Build a prototype in the morning and get user feedback by lunch. Reject doing 3+ rounds of internal reviews before talking to a real user. 2. Ship to concentric circles It’s almost always a bad idea to ship a new product to everyone at once. Instead, run staff alphas and customer betas to catch issues and improve quality before launch. I genuinely don't know how to build great products without a community of beta users I can talk to daily. 3. Small teams ship faster A team of 4-6 full-stack builders who are empowered to co-create with users will out execute a 50-person org any day. The key word here is “empowered” — if you hire a team of A players, give them the autonomy to listen, ship, fail, and learn with real users. 4. Iterate with AI first Everyone now has an AI teammate who’s available 24/7. So work with AI to summarize feedback, draft plans, and improve prototypes BEFORE you meet with your team. Doing the basic AI work ahead of time is now a baseline expectation. 5. Become the user. Most PMs don’t actually dogfood their product on a weekly basis. Use your product like a first-time user and write a friction log of how annoying the experience is. Nobody is too senior to test their own shit. I made a new video covering the above and 25 things I believe in to build great products. 📌 Subscribe to get it tomorrow: https://t.co/Ggqaa3F11Z

Stanford just made a $200,000 AI degree free. No application. No tuition. No “elite access”. Stanford released its actual AI/ML curriculum on YouTube. Not a PR-friendly intro. Not “AI for the public”. This is the real thing. The same lectures shaping people working on frontier models. What just became public: Deep Learning (CS230) → https://t.co/DUtL9MO6Y7 Transformers & LLMs (CME295) → https://t.co/gN57biwLsE Language Models from Scratch (CS336) → https://t.co/GnH11pPBdW ML from Human Feedback (CS329H) → https://t.co/X9nxEX6PNg Computer Vision (CS231N) → https://t.co/oBxKKWZP22 LLM Evaluation & Scaling → https://t.co/1tDpw9ArTq The uncomfortable truth: The degree isn’t the scarce asset anymore. Execution speed is. Top schools know this. That’s why they’re publishing the playbook. 👉 Bookmark this. Comment the first lecture you’ll actually watch.