Tag: .NET
-
Hacker News: Abusing Git branch names to compromise a PyPI package
Source URL: https://lwn.net/Articles/1001215/ Source: Hacker News Title: Abusing Git branch names to compromise a PyPI package Feedly Summary: Comments AI Summary and Description: Yes Summary: The incident highlights a security vulnerability related to automated processes in GitHub that can lead to the compromise of Python packages on PyPI. Particularly, the use of a flawed script…
-
Hacker News: Zizmor would have caught the Ultralytics workflow vulnerability
Source URL: https://blog.yossarian.net/2024/12/06/zizmor-ultralytics-injection Source: Hacker News Title: Zizmor would have caught the Ultralytics workflow vulnerability Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text describes a security incident involving the compromise of the Ultralytics machine learning package, which led to the release of malicious software via multiple versions uploaded to PyPI. The root…
-
Simon Willison’s Weblog: Quoting Ethan Mollick
Source URL: https://simonwillison.net/2024/Dec/7/ethan-mollick/#atom-everything Source: Simon Willison’s Weblog Title: Quoting Ethan Mollick Feedly Summary: A test of how seriously your firm is taking AI: when o-1 (& the new Gemini) came out this week, were there assigned folks who immediately ran the model through internal, validated, firm-specific benchmarks to see how useful it as? Did you…
-
Simon Willison’s Weblog: New Gemini model: gemini-exp-1206
Source URL: https://simonwillison.net/2024/Dec/6/gemini-exp-1206/#atom-everything Source: Simon Willison’s Weblog Title: New Gemini model: gemini-exp-1206 Feedly Summary: New Gemini model: gemini-exp-1206 Google’s Jeff Dean: Today’s the one year anniversary of our first Gemini model releases! And it’s never looked better. Check out our newest release, Gemini-exp-1206, in Google AI Studio and the Gemini API! I upgraded my llm-gemini…
-
Simon Willison’s Weblog: Roaming RAG – make the model find the answers
Source URL: https://simonwillison.net/2024/Dec/6/roaming-rag/#atom-everything Source: Simon Willison’s Weblog Title: Roaming RAG – make the model find the answers Feedly Summary: Roaming RAG – make the model find the answers Neat new RAG technique (with a snappy name) from John Berryman: The big idea of Roaming RAG is to craft a simple LLM application so that the…
-
Simon Willison’s Weblog: datasette-enrichments-llm
Source URL: https://simonwillison.net/2024/Dec/5/datasette-enrichments-llm/#atom-everything Source: Simon Willison’s Weblog Title: datasette-enrichments-llm Feedly Summary: datasette-enrichments-llm Today’s new alpha release is datasette-enrichments-llm, a plugin for Datasette 1.0a+ that provides an enrichment that lets you run prompts against data from one or more column and store the result in another column. So far it’s a light re-implementation of the existing…
-
Simon Willison’s Weblog: Quoting OpenAI o1 System Card
Source URL: https://simonwillison.net/2024/Dec/5/openai-o1-system-card/#atom-everything Source: Simon Willison’s Weblog Title: Quoting OpenAI o1 System Card Feedly Summary: When o1 was led to believe that it would be shut down when acting on its goal and that its actions were monitored, it attempted to deactivate this ‘oversight mechanism’ in 5% of the time. Exfiltration attempts: When o1 found…