AI

The BSDs in the AI Age (lists.nycbug.org) AI

The post proposes an NYC*BUG summer presentation and discussion thread on how AI and LLM tools are affecting work and security practices, including their impact on BSD operating systems and developers. It asks contributors about current LLM usage for everyday productivity, whether BSD projects should adopt explicit LLM-related policies (citing NetBSD’s commit guidance and credential-related CVE concerns), and how BSD teams and individuals might use LLMs for tasks like code discovery or vulnerability research.

Show HN: Can an AI model fit on a single pixel? (github.com) AI

Show HN shares an open-source project, ai-pixel, that trains a tiny single-neuron binary classifier and then encodes its learned weights into the RGB values of a downloadable 1x1 PNG. The demo lets users place training points, run gradient descent, and later load the “pixel model” to make predictions. The article emphasizes it’s an educational compression experiment with predictable limits (e.g., it can’t learn XOR or other non-linearly separable patterns).

Claude Is Dead (javiertordable.com) AI

The article argues that Anthropic’s Claude Code has been “nerfed” through cost-cutting changes—leading to faster rate-limit/token drain and reduced reliability for complex coding—prompting developers to complain publicly and switch to other tools or local models.

Hallucinated citations are polluting the scientific literature (nature.com) AI

Nature reports that large language models are increasingly generating fabricated or untraceable “hallucinated” references that have appeared in thousands of 2025 papers. An analysis of more than 4,000 publications found that many had invalid citations, and manual checks confirmed that 65 of the most suspicious papers contained at least one reference that could not be verified. The article also describes publisher screening efforts and the difficulty of deciding how to handle problems once such citations make it into the published record.

LLM scraper bots are overloading acme.com's HTTPS server (acme.com) AI

After intermittent outages in February–March, the ACME Updates author traced the issue to HTTPS traffic being overwhelmed by LLM scraper bots requesting many non-existent pages. When they temporarily closed port 443, the outages stopped, suggesting the slow HTTPS server and downstream congestion/NAT saturation were contributing. The author notes the same bot behavior is affecting other hobbyist sites and says a longer-term fix is needed.

New York Times Got Played by a Telehealth Scam and Called It the Future of AI (techdirt.com) AI

The article argues that a recent New York Times profile of Medvi, an “AI-powered” telehealth startup, relied on misleading framing—such as treating a projected revenue run-rate as a “$1.8 billion” valuation—while failing to report serious red flags. It claims Medvi’s marketing used deceptive tactics including AI-generated or deepfaked images and false credibility signals, and it notes regulatory scrutiny, including an FDA warning letter, plus lawsuits involving the company and partners. The author concludes the Times story elevated a narrative of AI-enabled entrepreneurship that doesn’t hold up under basic verification.

OpenAI says its new model GPT-2 is too dangerous to release (2019) (slate.com) AI

Slate reports that OpenAI withheld the full GPT-2 text-generation model, citing safety and security risks such as spam, impersonation, and fake news, while releasing only a smaller version. The article profiles GPT-2’s apparent capabilities and reviews expert skepticism that the danger may be overstated or that an embargo can meaningfully slow dissemination. It uses the controversy to highlight a broader debate over how to balance beneficial research and applications against the potential for misuse.

Ralph for Beginners (blog.engora.com) AI

The Engora Data Blog post explains how “Ralph” automates code generation by breaking a project into small, testable requirements from a product requirements document, regenerating code until each requirement’s acceptance criteria passes. It walks through setup (installing a codegen CLI, obtaining an LLM “skills” file, using git), converting a Markdown PRD into a JSON requirement list, and running a loop script that applies changes to the codebase and records pass/fail status without human intervention. The author cautions that results depend heavily on how thorough the up-front PRD is and notes that API costs and some rough setup/reporting still make experimentation nontrivial.

GLM-5.1 matches Opus 4.6 in agentic performance, at ~1/3 actual cost (app.uniclaw.ai) AI

The article reports benchmark results from OpenClaw Arena showing that GLM-5.1 achieves similar agentic performance to Opus 4.6 while using about one-third of the actual cost, highlighting a better cost-performance tradeoff. It also notes that some “provisional” models may have limited battle data and changing statistics as more results come in.

Larger and more instructable language models become less reliable (pmc.ncbi.nlm.nih.gov) AI

The article reports that as large language models have been scaled up and “shaped” with instruction tuning and human feedback, they have become less reliably aligned with human expectations. In particular, models increasingly produce plausible-sounding but wrong answers, including on difficult questions that human supervisors may miss, even though the models show improved stability to minor rephrasings. The authors argue that AI design needs a stronger focus on predictable error behavior, especially for high-stakes use.

We need re-learn what AI agent development tools are in 2026 (blog.n8n.io) AI

The article argues that by 2026 many core “AI agent builder” capabilities—like document grounding, evaluations integrations, and built-in web/file/tool features—have become table stakes via mainstream LLM products. It proposes updating agent development evaluation frameworks to focus more on enterprise-readiness (security, observability, access controls, sandboxing, reliability) and on how agents can operate deterministically within controlled workflows while still allowing safe autonomy like spawning sub-agents. The author also notes shifting emphasis away from MCP-style interoperability after security concerns, and suggests reassessing how coding agents should be evaluated versus their role inside broader automation pipelines.

AI Assistance Reduces Persistence and Hurts Independent Performance (arxiv.org) AI

A paper on arXiv reports results from randomized trials (N=1,222) showing that brief AI help can reduce people’s persistence and impair how well they perform when working without assistance. Across tasks like math reasoning and reading comprehension, participants who used AI performed better in the short term but were more likely to give up and did worse afterward without the system. The authors argue that expecting immediate answers from AI may limit the experience of working through difficulty, suggesting AI design should emphasize long-term learning scaffolds, not just instant responses.

What we learned about TEE security from auditing WhatsApp's Private Inference (blog.trailofbits.com) AI

Trail of Bits reports findings from an audit of Meta’s WhatsApp “Private Inference,” which uses TEEs to run AI message summarization without exposing plaintext to Meta. The review found 28 issues, including high-severity problems that could undermine the privacy model, and describes fixes focused on correctly measuring and validating inputs, verifying firmware patch levels, and ensuring attestations can’t be replayed. The authors argue TEEs can support privacy-preserving AI features, but security depends on many deployment details—such as input validation, attestation freshness, and negative testing—not just the underlying TEE isolation.

Show HN: Gemma 4 Multimodal Fine-Tuner for Apple Silicon (github.com) AI

The GitHub project “gemma-tuner-multimodal” describes a PyTorch/LoRA fine-tuning toolkit for Gemma 4 and Gemma 3n that targets multimodal data (text, images, and audio) on Apple Silicon using MPS/Metal, without requiring NVIDIA GPUs. It supports local CSV-based training (with streaming from cloud stores mentioned as an option) and exports fine-tuned adapters for use with HF/SafeTensors and related inference tooling. The repo also includes a CLI “wizard” for configuring datasets and launching training, plus installation guidance including a separate dependency path for Gemma 4.

College instructor turns to typewriters to curb AI-written work (apnews.com) AI

An instructor is requiring students to write assignments on typewriters to discourage the use of AI tools that can generate text, arguing that the method reduces AI-written cheating.

Wait Out AI's Super-Spending False Start (bloomberg.com) AI

Bloomberg discusses how AI-related spending has seen an early, uneven push, and suggests investors may need to wait for more durable signals of where money is actually working.

Testing suggests Google's AI Overviews tells lies per hour (arstechnica.com) AI

A test analysis (via Oumi) that benchmarks Google’s AI Overviews against thousands of fact-checkable questions found it answers correctly about 90% of the time, implying large numbers of incorrect summaries across all searches. Examples cited include confident factual errors about dates and institutions. Google disputes the benchmark’s relevance, saying the test includes problematic questions and that it uses different models per query to improve accuracy.

Assessing Claude Mythos Preview's cybersecurity capabilities (red.anthropic.com) AI

Anthropic says its Claude Mythos Preview model shows “next-generation” strength in cybersecurity research, including finding and exploiting zero-day vulnerabilities across major operating systems and browsers. In testing under Project Glasswing, the company reports Mythos Preview can construct complex exploits (including sandbox-escaping and privilege-escalation chains) and turn known or newly discovered vulnerabilities into working attacks. The post details their evaluation approach and notes that most reported findings remain unpatched, so they provide limited disclosure while urging coordinated defensive action from the industry.

System Card: Claude Mythos Preview [pdf] (www-cdn.anthropic.com) AI

The PDF “System Card: Claude Mythos Preview” outlines a preview of Claude “Mythos,” describing the system’s intended behavior, safety-related design considerations, and how it should be evaluated or used.

Project Glasswing: Securing critical software for the AI era (anthropic.com) AI

Anthropic and a consortium of major tech, security, and infrastructure companies are launching Project Glasswing to use the company’s frontier model, Claude Mythos Preview, for defensive cybersecurity. The initiative aims to help partners scan critical software for vulnerabilities and speed up patching, while Anthropic shares learnings with the broader industry and supports open-source security efforts. The announcement is driven by concerns that AI models’ coding and vulnerability-exploitation capabilities may soon scale beyond human defenders if not harnessed for protection.

Emotion in AI Is Not Noise – It's Signal (twitter.com) AI

The post argues that emotional signals in AI systems shouldn’t be treated as mere noise, but rather as meaningful information that can improve how models interpret and respond to human behavior.

AI helps add 10k more photos to OldNYC (danvk.org) AI

The developer of the OldNYC photo viewer says AI-assisted geocoding and OCR have helped add 10,000 more historic photos to the site, with more accurate placement and better transcriptions. The update uses OpenAI (GPT-4o) to extract locations from photo descriptions, relies on OpenStreetMap-based datasets instead of Google’s geocoding, and rebuilds OCR with GPT-4o-mini for higher text coverage and accuracy. The post also notes a migration to an open mapping stack to reduce running costs and allow historical map styling, while outlining plans to extract more image information and expand to other collections or cities.

GLM-5.1: Towards Long-Horizon Tasks (z.ai) AI

Zhipu AI’s GLM-5.1 update, described in a blog post, focuses on improving how its model handles long-horizon tasks—work that requires sustained reasoning or planning over many steps—by refining the model and training approach.

Show HN: Finalrun – Spec-driven testing using English and vision for mobile apps (github.com) AI

Finalrun-agent is an AI-driven CLI for testing mobile apps on Android or iOS. Teams write spec-based test steps in repo-local YAML under a .finalrun/ folder, bind sensitive values via workspace .env files, and then run commands like finalrun check, finalrun test, and finalrun suite to produce inspectable local artifacts and reports.

An AI robot in my home (allevato.me) AI

A homeowner describes installing “Mabu,” a door-adjacent AI robot whose voice and actions are driven by an OpenAI-based chatbot, and then working through his unease about the risks. He raises privacy and security concerns common to smart speakers (criminal misuse of recordings, hacking, and data misuse), plus added worry for open-ended LLM conversations involving children. Because the robot is embodied, and because a mobile, connected machine could potentially cause physical harm if compromised, he keeps Mabu in a limited location and records only under tight controls, while anticipating that his concerns may grow as the technology matures.