Bitwarden's Command Line Interface (CLI) version 2026.4.0 has been compromised as part of an ongoing Checkmarx supply chain campaign. The attackers exploited a GitHub Action in Bitwarden's CI/CD pipeline to achieve this.
Keeping you up to date with the latest crawl
Bitwarden's Command Line Interface (CLI) version 2026.4.0 has been compromised as part of an ongoing Checkmarx supply chain campaign. The attackers exploited a GitHub Action in Bitwarden's CI/CD pipeline to achieve this.
Agent Vault is an open-source credential proxy and vault designed for agents. It allows for secure storage and management of sensitive information, such as credentials and tokens, and provides a centralized location for agents to access and use these credentials. The project aims to provide a secure and scalable solution for managing agent credentials.
The author of the article, a co-founder of a successful startup, is embarking on a new venture to build a cloud platform. The author's motivation for this project is not driven by a desire to solve a specific problem or address a social need, but rather by a personal passion for computers and a frustration with the limitations of existing cloud products. The author believes that the current cloud abstraction is the wrong shape, with virtual machines tied to CPU/memory resources, and that this limits the ability to run multiple virtual machines on a single computer. The author aims to create a more flexible and powerful cloud platform that allows users to run multiple virtual machines on a single computer, with better performance and more control over resources.
Vadim Drobinin, an iOS engineer, recounts his experience of using his phone to track his progress while learning to shoot and cook venison from scratch. He ported a 2012 OpenCV paper and trained a state-of-the-art computer vision model to aid in the process. The dinner ultimately took longer than expected due to the complexity of the project.
Google has developed TorchTPU, a new engineering stack designed to run PyTorch natively on TPU infrastructure with peak efficiency. TorchTPU features an "Eager First" approach with multiple execution modes and utilizes the XLA compiler to optimize distributed training across massive clusters. The project aims to further reduce compilation overhead and expand support for dynamic shapes and custom kernels to ensure seamless scalability for the next generation of AI.
GitHub experienced an incident affecting multiple services, resulting in disruptions to users. The issue has been resolved, and services are now operational.
Palantir employees are questioning their role in the company's work with government agencies, citing concerns over the use of their technology for surveillance and other purposes. Interviews with current and former employees, along with internal Slack messages, suggest a workforce in turmoil. The company's work with agencies such as Immigration and Customs Enforcement has sparked particular controversy.
In Brief