OpenAI has acquired Astral, a startup whose essential Python development tools are used by millions. This strategic move aims ...

OpenAI has acquired Astral, the company behind Python tools uv and Ruff, to integrate them into its Codex platform as it competes with Anthropic's Claude Code.

Florida is home to some of the most unique ecosystems in the United States, from the vast wetlands of the Everglades to ...

AdamW: A standard optimizer used to train deep learning models. Muon: A newer optimizer that Netflix found performs better ...

编辑｜冷猫这是一件极其严肃的软件安全事件。今天，Karpathy 发长推文警告全部开发者注意，GitHub 超过 4 万星，月下载量达 9700 万次的 Python 库 LiteLLM 在 PyPI 上被投毒。首先提请各位开发者检查自己的 LiteLLM 版本 ，含有恶意代码的版本号为 1.82.7 和 ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

最新上传的LiteLLMPython 版本1.82.7和1.82.8，已被人为恶意植入信息窃取程序。 一旦安装，SSH密钥、AWS凭证和API密钥等数据均会立即泄漏。 目前LiteLLM的维护者Krrish Dholakia，已经公开证实此事。 在恶意版本存在三小时后，PyPI迅速发现了这一漏洞，并将软件包隔离。但LiteLLM每天下载量约为340万次，许多自动安装新版本的程序员已经遭殃。 社区迅 ...

The open-source project maps directly to OWASP’s top 10 agentic AI threats, aiming to curb issues like prompt injection, ...

OpenAI unveils its “Child Safety Blueprint” to combat rising AI-generated abuse, focusing on stronger laws, reporting systems, and safety-by-design.

如果你是一名 Python 开发者，对 pip install命令肯定很熟悉——这是最常用的套件安装指令，可用来从 PyPI 或其它来源安装、升级与管理套件。 但就在 3 月 24 日，这个看似无害的动作，差点变成一场席卷整个开源生态的安全灾难：出问题的是 AI 开发圈中使用非常广泛的 Python 库 LiteLLM，它在 PyPI 上发布的两个版本（1.82.7 和 1.82.8）被发现包含恶 ...

The PyTorch Foundation also welcomed Safetensors as a PyTorch Foundation-hosted project. Developed and maintained by Hugging ...