Claude Code, Cowork and Codex #6: Claude Code Auto Mode and Full Cowork Computer Use
Whatever else you think about Anthropic’s agentic coding department, they ship.
Lire
/
War and AI, the death of Sora, and 3 ways you can catch me live today
With apologies for the short notice, a few quick announcements:
Lire
Liminal - A full Laravel playground in your browser
Liminal - A full Laravel playground in your browser
A static, free, and open-source Laravel playground that runs entirely in the browser! Comes with a sqlite db, artisan commands, two-way file syncing, github imports, and more. Read more
Lire
Spotting and Avoiding ROT in Your Agentic AI
Spotting and Avoiding ROT in Your Agentic AI
The following article originally appeared on Q McCallum’s blog and is being republished here with the author’s permission. Generative AI agents and rogue traders pose similar insider threats to their employers. Specifically, we can expect companies to deploy agentic AI with broad reach and insufficient oversight. That creates the conditions for a particular flavor of […]
Lire
★ What's new in laravel-activitylog v5
★ What's new in laravel-activitylog v5
We just released v5 of laravel-activitylog, our package for logging user activity and model events in Laravel. In Flare, Mailcoach, and Oh Dear we use it to build audit logs, so we can track what users are doing: who changed a setting, who deleted a project, who invited a team member. If you need something similar in your app, this package makes it easy. This major release requires PHP 8.4+ and Laravel 12+, and brings a cleaner API, a better database schema, and customizable internals. Let me…
Lire
Welcoming Matt Stauffer to The PHP Foundation Board
We are thrilled to announce that Matt Stauffer has agreed to join The PHP Foundation Board, where he will bring his decades of experience in the PHP ecosystem. Matt joins the Board as a community representative and was voted in by the existing Board members. Not only is Matt a Laravel expert, he has created / maintained dozens of PHP and JavaScript open source packages, he is a published author, and he hosts several successful industry podcasts. We are grateful for his insight, input, and…
Lire
Auto mode for Claude Code
Auto mode for Claude Code
Auto mode for Claude Code Really interesting new development in Claude Code today as an alternative to --dangerously-skip-permissions: Today, we're introducing auto mode, a new permissions mode in Claude Code where Claude makes permission decisions on your behalf, with safeguards monitoring actions before they run. Those safeguards appear to be implemented using Claude Sonnet 4.6, as described in the documentation: Before each action runs, a separate classifier model reviews the conversation…
Lire
How to Build an OS for Your AI Workforce?
An OS layer to manage a fleet of AI agents!
Lire
Package Managers Need to Cool Down
Package Managers Need to Cool Down
Package Managers Need to Cool Down Today's LiteLLM supply chain attack inspired me to revisit the idea of dependency cooldowns, the practice of only installing updated dependencies once they've been out in the wild for a few days to give the community a chance to spot if they've been subverted in some way. This recent piece (March 4th) piece by Andrew Nesbitt reviews the current state of dependency cooldown mechanisms across different packaging tools. It's surprisingly well supported! There's…
Lire
Quoting Christopher Mims
Quoting Christopher Mims
I really think "give AI total control of my computer and therefore my entire life" is going to look so foolish in retrospect that everyone who went for this is going to look as dumb as Jimmy Fallon holding up a picture of his Bored Ape — Christopher Mims, Technology columnist at The Wall Street Journal Tags: ai, security
Lire
5 Malicious npm Packages Typosquat Solana and Ethereum Libraries to Steal Private Keys
Socket's Threat Research Team identified five malicious npm packages published under the account galedonovan, all targeting cryptocurrency developers. Each package typosquats a legitimate crypto library and exfiltrates private keys to a single hardcoded Telegram bot. The campaign covers both the Solana and Ethereum ecosystems, and the C2 infrastructure was confirmed active as of March 23, 2026. One of the packages, base_xd, was published by the same account but was unpublished within five…
Lire
TeamPCP Is Systematically Targeting Security Tools Across the OSS Ecosystem
TeamPCP is escalating a coordinated campaign targeting security tools and open source developer infrastructure, and is now openly taking credit for multiple follow-on attacks across ecosystems. In recent Telegram posts, the group has claimed responsibility for expanding beyond the initial Trivy compromise, pointing to attacks on GitHub Actions, OpenVSX extensions, and now PyPI. The latest development includes attacks on Checkmarx' KICS scanner and OpenVSX extensions and a trojanized release of…
Lire
Malicious litellm_init.pth in litellm 1.82.8 — credential stealer
Malicious litellm_init.pth in litellm 1.82.8 — credential stealer
Malicious litellm_init.pth in litellm 1.82.8 — credential stealer The LiteLLM v1.82.8 package published to PyPI was compromised with a particularly nasty credential stealer hidden in base64 in a litellm_init.pth file, which means installing the package is enough to trigger it even without running import litellm. (1.82.7 had the exploit as well but it was in the proxy/proxy_server.py file so the package had to be imported for it to take effect.) This issue has a very detailed description of what…
Lire
Book Review: Open Socrates (Part 2)
Yesterday I posted Part 1. Read that first. This is Part 2 of 2.
Lire
Rethinking our frontend future at Spatie
Rethinking our frontend future at Spatie
Nick wrote about how native browser features like the dialog element, the Popover API, and anchor positioning could eventually replace much of what we use shadcn and Radix for at Spatie today. A thoughtful look at where the web platform is heading and what it means for our frontend stack. Read more
Lire
Claude Code, Cowork and Codex #6: Claude Code Auto Mode and Full Cowork Computer Use
Don't Worry About the Vase •
Liminal - A full Laravel playground in your browser
Spotting and Avoiding ROT in Your Agentic AI
★ What's new in laravel-activitylog v5
Auto mode for Claude Code
Package Managers Need to Cool Down
Quoting Christopher Mims
Malicious litellm_init.pth in litellm 1.82.8 — credential stealer
Malicious litellm_init.pth in litellm 1.82.8 — credential stealer
Simon Willison's Weblog •
Rethinking our frontend future at Spatie
Claude Code, Cowork and Codex #6: Claude Code Auto Mode and Full Cowork Computer Use
War and AI, the death of Sora, and 3 ways you can catch me live today
Liminal - A full Laravel playground in your browser
Spotting and Avoiding ROT in Your Agentic AI
★ What's new in laravel-activitylog v5
Welcoming Matt Stauffer to The PHP Foundation Board
Auto mode for Claude Code
How to Build an OS for Your AI Workforce?
Package Managers Need to Cool Down
Quoting Christopher Mims
5 Malicious npm Packages Typosquat Solana and Ethereum Libraries to Steal Private Keys
TeamPCP Is Systematically Targeting Security Tools Across the OSS Ecosystem
Malicious litellm_init.pth in litellm 1.82.8 — credential stealer
Book Review: Open Socrates (Part 2)
Rethinking our frontend future at Spatie
Aucun résultat
Essayez avec d'autres termes de recherche.