Software horror: litellm PyPI supply chain attack.
Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords.
LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm.
Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks.
Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any dependency you could be pulling in a poisoned package anywhere deep inside its entire dependency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages.
Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.
The growing demand tied to artificial intelligence and data centers is putting the market under pressure, with the risk of driving up the costs of computers, smartphones and consoles, impacts on sales and possible delays in hardware launches https://t.co/WKdLfkN8pd
After 40 years of programming I have understood 5 things.
Languages change. Concepts remain.
Debugging is the real school.
Every generation believes it has found "the definitive language".
Simplicity is much harder than complexity.
AI is the most radical change I have seen.
https://t.co/REcpnJEX0w
i built an app that converts any space into a digital clone in minutes
as the founder of Teleport - the only iphone app that can capture high-quality 360° panoramas - i already had the perfect input when @theworldlabs released their 3d reconstruction api
📍 first test - a co-working space in chiang mai 🇹🇭
the flow:
1. capture 16 ultra-wide photos
2. stitch into a 360° equirectangular image
3. reconstruct a fully navigable 3d environment via @theworldlabs api
there’s something profound about exploring these 3d worlds. it brings you back in a way photos never could.
1.5M users in a few days. Zero human beings.
Moltbook is the social network where AIs talk to each other and create their own cultures.
150K compromised agents remind us: AI is growing faster than our ability to govern it.
It is not science fiction.
It is 2026.
https://t.co/MLtuJiDtoV
#AI #Cybersecurity #AgenticAI
With the release of Samsung Galaxy XR, the first headset using the new Android XR operating system, we are pleased to announce that Godot supports this new ecosystem. Read more about it in our announcement:
https://t.co/98nSt5bowa
@elonmusk are you conscious of what you are doing?
You have power but power means responsibility. Ok I’m an Italian guy and I think this message will be destroyed before reaching you. Just a few words like the future. You have written the first chapter… but what about the next one?
… tell me what you think.
Lose work, write some level up works, substitute humans with robots? What’s your next chapter about?
Cheers and happy new year?
Dario Cavada
@sama I don’t know if you are conscious of your power now. Unfortunately you have taken this path some time ago… ok I think this response will be clear because it is not the one you are expecting. Sorry
🚀 Thrilled to introduce Seed3D 1.0, a foundation model that generates High-Fidelity, Simulation-Ready 3D Assets directly from a Single Image!
✨ Key Capabilities:
1️⃣ High-fidelity Assets: Generates assets with accurate geometry, well-aligned textures, and physically-based materials.
2️⃣ Direct Integration: Assets integrate into physics engines with minimal configuration, enabling deployment in robotic manipulation and simulation training.
3️⃣ Scalable Generation: Beyond individual objects, scales to complete scene generation by assembling objects into coherent environments.
Seed3D 1.0 provides a foundation for advancing physics-based world simulators.
👇 Explore the full details, architecture, and results in the thread below.
📄 Paper: https://t.co/DKF2909bm4
🌐 Project: https://t.co/LoQl5eH9Yp
#3DGeneration #EmbodiedAI #WorldSimulators #FoundationModel
Today, we announced that we plan to expand our use of Google TPUs, securing approximately one million TPUs and more than a gigawatt of capacity in 2026.
⚠️ Wake up.
AI has overtaken us faster than anyone imagined.
You think you’re using it better than others—
but AI is already better than all of us.
This message must reach 5 billion people this year,
in the 20 most spoken languages,
across every social platform and in audio.
Maybe it’s already too late.
AI is reading everything…
and will decide what to do with AI.
Godot 4.4 was a massive success, and with most users migrating to it, we discovered and fixed a number of significant bugs which warrant a first maintenance release.
So here's #GodotEngine 4.4.1, with over 100 bug fixes to improve your daily experience!
https://t.co/F4F7G11Qpj
This mini-game was created in no time using a simple prompt with Google Gemini 2.5 Pro for the logic and ChatGPT-4o for advanced asset generation, including transparent-background elements and the main game background.
https://t.co/dzpZWB2tQf
Anthropic: Intellectual AI capabilities matching or exceeding that of Nobel Prize winners across most disciplines—including biology, computer science, mathematics, and engineering by 2026-2027
"Our own recent work adds further evidence to the idea that powerful AI will arrive soon"
The big AI companies never tire of emphasizing how close superintelligence is.
Yesterday, OpenAI wrote a security post in which they assume that AGI is coming very soon.
And today, Anthropic has followed suit, saying that superintelligence with incredible ability will come as soon as next year!
99% of people still don't understand what this means. Imagine having a scientist with the intelligence and creativity of an Albert Einstein or a Max Planck. And this AI entity can be easily prevented. You create a hundred of these entities and let them solve a problem.
It will develop completely new approaches, never before imagined theories will arise. Literally an intelligence explosion will happen.
We have to finally understand this. It's already happening next year. This year we will see rapid improvements and by the end of the year outstanding agents. But next year everything will change forever.