The hacking group TeamPCP has compromised npm repositories by stealing maintainer credentials, effectively bypassing provenance verification. This highlights critical vulnerabilities in the human-centric security model of open-source supply chains.
Kenji··2 min read
DeepSeek launched its new flagship V4 model, claiming near-frontier AI performance at a fraction of the cost, challenging the dominance of closed-source models.
Jason··2 min read
Linux kernel developers have officially dropped support for the legacy Intel 486 architecture, aiming to clear technical debt and focus resources on modern high-performance hardware.
Jason··1 min read
Chinese AI startup Z.ai has released GLM-5.1 under an MIT License, reporting benchmark-leading performance on SWE-Bench Pro, potentially signaling a resurgence in the open-source AI landscape.
Jason··2 min read
Google has launched its new Gemma 4 model under the permissive Apache 2.0 license, a strategic move intended to foster deeper enterprise integration.
Jason··1 min read
Google has launched Gemma 4 with a standard Apache 2.0 license, significantly reducing legal barriers for enterprise adoption and strengthening its position in the open-weight AI model market.
Jason··2 min read