From 44 items, 11 important content pieces were selected
- Andrej Karpathy Joins Anthropic’s Pre-Training Team ⭐️ 9.0/10
- CISA contractor leaks AWS GovCloud keys on GitHub ⭐️ 9.0/10
- DeepSeek Vulnerability: Empty Chat ‘<think’ Leaks User Data ⭐️ 9.0/10
- Google Unveils Gemini Omni for Conversational Video Editing ⭐️ 9.0/10
- Google Redesigns Search Box with AI Integration ⭐️ 8.0/10
- Forge boosts 8B model accuracy from 53% to 99% with guardrails ⭐️ 8.0/10
- Apple unveils new accessibility features with Apple Intelligence and agentic AI ⭐️ 8.0/10
- Gemini 3.5 Flash Launches with Higher Price, Wide Integration ⭐️ 8.0/10
- Proposal to rework Linux this_cpu ops for speed ⭐️ 8.0/10
- CXL Worsens Memory Management, Future Directions ⭐️ 8.0/10
- Lisuan 7G100: China’s DX12 Gaming GPU Preorder on May 20 ⭐️ 8.0/10
Andrej Karpathy Joins Anthropic’s Pre-Training Team ⭐️ 9.0/10
Andrej Karpathy announced on X that he has joined Anthropic, specifically working on the pre-training team responsible for the massive training runs that give Claude its core knowledge and capabilities. Karpathy is a highly influential AI researcher and educator, and his move to Anthropic signals the lab’s growing strength in frontier AI research and may impact both model development and AI education. Karpathy will work on Anthropic’s pre-training team, which handles large-scale training runs for Claude. He previously founded Eureka Labs and coined the term ‘vibe coding’ for AI-assisted programming.
hackernews · dmarcos · May 19, 15:07 · Discussion
Background: Pre-training is a self-supervised learning technique where a model is first trained on a large, unlabeled dataset to learn general representations, then fine-tuned for specific tasks. Karpathy is a co-founder of OpenAI, former Tesla AI Director, and a prominent educator known for projects like nanoGPT and his YouTube channel. Anthropic is a leading AI safety company, creator of the Claude model series.
Discussion: The community largely expressed excitement about Karpathy joining Anthropic, with many hoping he continues his educational work despite potential NDA restrictions. Some users voiced concern about Anthropic becoming a dominant force that absorbs top talent, while others noted Karpathy had foreshadowed this move in a recent interview.
Tags: #AI, #Anthropic, #Andrej Karpathy, #machine learning, #industry news
CISA contractor leaks AWS GovCloud keys on GitHub ⭐️ 9.0/10
A CISA contractor accidentally published AWS GovCloud access keys and a CSV file containing plaintext usernames and passwords for dozens of internal CISA systems on a public GitHub repository. This breach exposes highly sensitive U.S. government cloud infrastructure and internal credentials, undermining national security and highlighting severe lapses in security practices and incident response. The leaked credentials included AWS GovCloud keys for a CISA Workspace environment and a file named “AWS-Workspace-Firefox-Passwords.csv” with plaintext passwords. The contractor failed to respond when notified about the exposure.
hackernews · LelouBil · May 19, 07:45 · Discussion
Background: AWS GovCloud (US) is a compliant cloud environment designed to host sensitive and controlled unclassified information for U.S. government agencies, with restricted access to U.S. persons. CISA (Cybersecurity and Infrastructure Security Agency) is a federal agency responsible for protecting the nation’s critical infrastructure from cyber threats.
Discussion: Commenters expressed shock at the lack of response and the use of plaintext passwords, with some suggesting that the incident could be mistaken for a honeypot by foreign intelligence. Others highlighted the irony of using AWS services that offer better security features.
Tags: #security, #breach, #CISA, #AWS, #GovCloud
DeepSeek Vulnerability: Empty Chat ‘<think’ Leaks User Data ⭐️ 9.0/10
A critical session isolation vulnerability has been discovered in DeepSeek’s Web and API dialogue systems, where an attacker can send an unclosed ‘<think’ string in an empty conversation to retrieve other users’ conversation histories, including sensitive data. This vulnerability poses a severe privacy risk, potentially exposing private code, API keys, and personal conversations of DeepSeek users, undermining trust in AI chat services and highlighting the need for robust session isolation in multi-tenant systems. The vulnerability was responsibly disclosed by reporter cancat2024 on May 11, 2026, and affects both the DeepSeek Web interface and API; the attacker only needs to submit an incomplete ‘<think’ string in a fresh empty chat session to trigger data leakage.
telegram · zaihuapd · May 19, 11:33
Background: Session isolation is a security mechanism that ensures each user’s chat sessions are kept separate from others. The ‘<think’ token is a special token used by some AI models to indicate reasoning or internal thought processes. This vulnerability suggests a flaw in how DeepSeek handles incomplete special tokens, causing the model to incorrectly retrieve data from other sessions.
References
Discussion: On GitHub, community members noted that third-party deployments also exhibit the same behavior, suggesting the issue may stem from a hallucination-like effect in the model rather than a pure session management bug.
Tags: #security, #vulnerability, #DeepSeek, #data leakage, #AI
Google Unveils Gemini Omni for Conversational Video Editing ⭐️ 9.0/10
Google has announced Gemini Omni, a new multimodal AI model that allows users to edit videos through natural language conversation, with capabilities including physics understanding, character consistency, and SynthID digital watermarking. The first model, Gemini Omni Flash, is now available to Google AI Plus, Pro, and Ultra subscribers through the Gemini app, Google Flow, YouTube Shorts, and YouTube Create App. This marks a major step toward intuitive, AI-assisted video creation, potentially lowering the barrier for content creators and enabling more dynamic, real-time edits. The inclusion of SynthID watermarking also addresses growing concerns over AI-generated content authenticity. The model demonstrates inherent understanding of physics like gravity and fluid dynamics, and maintains character consistency across multiple edit iterations. All generated videos are embedded with SynthID digital watermarks for transparency, and Google plans to open the API to developers in the coming weeks.
telegram · zaihuapd · May 19, 18:23
Background: Multimodal AI models process multiple data types like text, images, and audio. Gemini Omni is Google’s latest such model, bridging reasoning and creation to enable direct video editing via natural language. SynthID, developed by Google DeepMind, embeds imperceptible watermarks into AI-generated content that can be detected by specialized tools, helping to distinguish AI-made content from real footage.
References
Discussion: Community comments are cautiously positive but critical of physics realism. Users point out specific examples where the model violates physics (e.g., a marble speeding up without energy source, Jenga brick tower bricks disappearing). Some compare it unfavorably to existing tools like Seedance, while others note fundamental issues with deep spatial understanding in video generation.
Tags: #multimodal AI, #video generation, #Google Gemini, #AI model, #natural language processing
Google Redesigns Search Box with AI Integration ⭐️ 8.0/10
At Google I/O 2026, Google announced a major redesign of its search box, integrating a new AI mode powered by Gemini, its large language model, to provide direct, synthesized answers rather than just links. This shift could fundamentally change how users interact with search, reducing traffic to external websites and raising concerns about information reliability and the future of web publishing. The new search box moves away from the classic blue link format, presenting AI-generated summaries that pull from multiple sources but may lack clear attribution, and users can opt into ‘AI Mode’ to get conversational answers.
hackernews · berkeleyjunk · May 19, 18:34 · Discussion
Background: Google has long been the dominant search engine, using algorithms to rank web pages. Large language models (LLMs) like Gemini can generate human-like text by predicting words based on training data, enabling a more direct answer style. At I/O 2026, Google deepens its commitment to AI-first search.
Discussion: Commenters expressed concerns about AI-generated answers sounding authoritative but potentially aggregating unreliable sources, and the risk of ‘Google Zero’ where traffic to original sites dries up. Some users distrust LLM outputs for factual queries and prefer primary sources.
Tags: #google, #search, #AI, #LLM, #UX
Forge boosts 8B model accuracy from 53% to 99% with guardrails ⭐️ 8.0/10
Antoine Zambelli released Forge, an open-source reliability layer that uses domain-agnostic guardrails to dramatically improve local LLM accuracy on multi-step agentic tasks, achieving 99.3% on an 8B model compared to 53% without. Forge narrows the accuracy gap between free local models and costly frontier APIs to less than 1 percentage point, enabling practical self-hosted agentic systems without cloud costs. It also reveals critical infrastructure factors (e.g., serving backend choice) that standard benchmarks ignore. Forge consists of five independently toggleable guardrail layers; retry nudges and error recovery are most impactful per ablation studies. The system includes a novel ToolResolutionError exception class to distinguish between a tool returning data and returning nothing, preventing silent data corruption.
hackernews · zambelli · May 19, 12:23 · Discussion
Background: Agentic workflows involve multi-step tasks where an LLM calls tools and reasons iteratively. Without guardrails, per-step errors compound: 90% per-step accuracy yields ~40% failure rate over 5 steps. Forge’s guardrails address this by adding retry mechanisms, error recovery, step enforcement, and context management optimized for consumer hardware.
References
Discussion: Community members largely praised Forge, noting that small local models with a proper harness can perform excellently. One user highlighted the tool-call ambiguity (e.g., grep returning exit code 1) as a common failure mode that retry nudges address. Another shared parallel experiences with frontier scale and the value of appropriately scaled solutions.
Tags: #LLM, #guardrails, #agentic tasks, #open-source, #reliability
Apple unveils new accessibility features with Apple Intelligence and agentic AI ⭐️ 8.0/10
Apple announced new accessibility features powered by Apple Intelligence, including agentic AI capabilities that can autonomously perform tasks for users with disabilities. This integration brings advanced AI to accessibility, potentially improving independence for disabled users and setting a precedent for agentic AI in consumer products. The features leverage on-device and server AI processing, similar to other Apple Intelligence functions. Agentic AI allows the system to proactively assist users based on context.
hackernews · interpol_p · May 19, 12:04 · Discussion
Background: Apple Intelligence is Apple’s generative AI system announced in 2024, available on devices with A17 Pro or M1+ chips. Agentic AI refers to AI systems that can act autonomously to achieve goals, often by using tools and making decisions within human-defined constraints.
References
Discussion: Commenters praised the practical application of LLMs for accessibility but criticized Apple’s speech-to-text transcription as behind competitors. Some noted the high-speed voiceover demonstration was actually inaccessible to blind users.
Tags: #accessibility, #Apple, #Apple Intelligence, #AI, #agentic AI
Gemini 3.5 Flash Launches with Higher Price, Wide Integration ⭐️ 8.0/10
Google released Gemini 3.5 Flash as a generally available model at Google I/O, skipping the preview phase, and integrated it into key products including the Gemini app, Google Search, Google Antigravity, and Gemini API. This release marks a major update to Google’s flagship model family with immediate broad deployment, but the significant price increase—3x that of its predecessor—signals a trend among AI labs testing customer price tolerance. The model ID is gemini-3.5-flash, with a knowledge cut-off of January 2025, supporting 1,048,576 input tokens and 65,536 output tokens, but lacking computer use capability. Pricing is $1.50 per million input tokens and $9 per million output tokens, and a new Interactions API (beta) offers server-side history management.
rss · Simon Willison · May 19, 22:40
Background: The Gemini Flash series is Google’s cost-efficient model line designed for high-volume, low-latency tasks. Google I/O is the company’s annual developer conference where major product announcements are made. Recent trends show other AI labs like OpenAI and Anthropic also raising prices on newer model versions, indicating a shift toward monetization.
Tags: #Gemini, #Google I/O, #AI model, #machine learning, #release
Proposal to rework Linux this_cpu ops for speed ⭐️ 8.0/10
At the 2026 LSFMM+BPF Summit, Yang Shi proposed reimplementing Linux’s this_cpu operations using per-CPU page tables to give each variable the same address on every CPU, eliminating the need to disable preemption on architectures like Arm. This change could significantly improve performance on non-x86 architectures by reducing overhead from multi-instruction sequences and preemption disabling, potentially benefiting a wide range of server and mobile devices that use Arm and other CPUs. The proposal requires double-mapping per-CPU variables (one global mapping for initialization, one per-CPU mapping for access), and faces historical opposition from Linus Torvalds due to TLB management challenges. Benchmarks on a 160-core Arm system showed 13-18% reduction in kernel-build system time.
rss · LWN.net · May 19, 14:30
Background: The kernel’s this_cpu operations provide fast access to per-CPU variables, which are arrays indexed by CPU number to avoid locking. On x86, segment registers enable single-instruction atomic access; on architectures like Arm, multi-instruction sequences require preemption to be disabled, causing performance loss. The proposal aims to eliminate that penalty by making per-CPU variables have uniform addresses via per-CPU page tables.
Tags: #kernel, #performance, #per-CPU, #LSFMM, #Linux
CXL Worsens Memory Management, Future Directions ⭐️ 8.0/10
Dan Williams presented an overview of how Compute Express Link (CXL) technology is exacerbating memory-management problems in Linux and discussed upcoming developments at the 2026 Linux Storage, Filesystem, Memory Management, and BPF Summit. As CXL becomes more prevalent in data centers, the kernel must address challenges like hot-plug memory, firmware interference, and error handling to ensure reliable and efficient memory management for next-generation systems. CXL memory is accessed over PCIe with higher latency than remote NUMA nodes, and its hot-plug nature means portions of RAM can disappear. The kernel is adopting a ‘code-first’ policy to document hardware deviations, and error handling may involve kernel panics.
rss · LWN.net · May 19, 14:15
Background: Compute Express Link (CXL) is an open standard interconnect for high-speed CPU-to-device and CPU-to-memory connections, aimed at high-performance data centers. It provides shared memory nodes over PCIe, but with higher latency than local memory. Non-Uniform Memory Access (NUMA) is a memory design where access time depends on memory location relative to a processor; remote NUMA nodes are slower than local ones. CXL memory typically has worse latency than even remote NUMA nodes, challenging existing memory management.
Tags: #CXL, #memory management, #Linux kernel, #data center, #hardware architecture
Lisuan 7G100: China’s DX12 Gaming GPU Preorder on May 20 ⭐️ 8.0/10
Lisuan Technology confirms the LX 7G100 gaming GPU will begin preorder on May 20 at 8 PM on JD.com. It features 12GB GDDR6, supports DirectX 12 and Vulkan 1.3, and claims performance comparable to the Nvidia RTX 4060. This is a significant milestone for domestic Chinese GPUs in the consumer gaming market, as it is one of the few Chinese-made graphics cards with full DX12 support. If real-world performance matches claims, it could boost the domestic GPU ecosystem and reduce reliance on foreign hardware. The card has passed WHQL certification and over 100 games, including Black Myth: Wukong and Cyberpunk 2077, have been tested for compatibility. However, the claimed RTX 4060-level performance may come from synthetic benchmarks, and real gaming performance depends on driver optimization and game compatibility.
telegram · zaihuapd · May 19, 08:57
Background: Chinese GPU makers have traditionally lagged in the consumer gaming segment, with most previous offerings lacking support for modern graphics APIs like DirectX 12. The Lisuan 7G100 aims to change that by supporting DX12 and Vulkan 1.3, making it compatible with a wide range of mainstream PC games. WHQL certification indicates it has passed Microsoft’s Windows Hardware Quality Labs testing, ensuring driver stability.
Tags: #国产GPU, #DX12, #游戏显卡, #硬件, #消费电子