CodeRabbit’s PR hack: RCE, leaked API keys and the million‑repo scare
CodeRabbit’s PR hack: RCE, leaked API keys and the million‑repo scare Remote‑code execution in an AI code‑review tool allowed attackers to siphon Anthropic and OpenAI keys, a GitHub app private key and more. Here’s why the incident lit up Hacker News – and what it means for your repos. Picture pushing a harmless pull request […]
DeepSeek V3.1: China’s open‑source 685‑billion‑parameter model shakes up the AI race
DeepSeek quietly dropped a 685‑billion‑parameter AI model on Hugging Face that rivals GPT‑5 and Claude 4. With a huge context window and hybrid architecture, the open‑source model costs pennies per task and has already become one of the most downloaded models. Imagine a language model as powerful as the latest proprietary AI but released open‑source […]
OpenAI Reflect: a glowing, hackable hardware assistant from a weekend hackathon
OpenAI’s engineers whipped up a physical AI assistant that talks in light and sound, uses your phone as its brain and costs less than a smart bulb. Reflect might not be a product yet, but its whimsical demo is blowing up among makers. Tired of screens? OpenAI’s hackathon team built Reflect, a palm‑sized AI assistant […]
AGENTS.md: a new standard to teach AI coding agents what humans know
A single Markdown file is taking over GitHub: AGENTS.md, an open format adopted by 20k+ projects, gives AI dev tools the context they need without cluttering README files. Here’s why coders are embracing it. Every time you ask an AI agent to refactor code or fix a bug, it wastes cycles rediscovering how to run […]
Microsoft Copilot’s silent audit‑log bug: hidden file access and a disclosure fiasco
A researcher found that telling M365 Copilot to omit a link causes the audit log to lie. Microsoft quietly fixed the bug but refuses to warn customers or issue a CVE. Here’s what it means for compliance and trust. Your audit log says no one opened that sensitive file – but an AI just did […]