1 bug, $50k in bounties, a Zendesk backdoor

A 15-year-old bug hunter discovered a vulnerability in Zendesk, a customer service tool used by many Fortune 500 companies, that allowed attackers to read customer support tickets from any company using Zendesk. The bug, which relied on email spoofing, was initially rejected by Zendesk's bug bounty program because it was considered "out of scope." However, the bug hunter was able to escalate the issue and eventually discovered that it could be used to gain access to private Slack workspaces of hundreds of companies.

Read more

Helping wikis move away from Fandom

Weird Gloop is now hosting the official League of Legends Wiki, having moved it from Fandom after working with Riot and the wiki editors. This move is part of a larger effort to help communities and developers take control of their wikis from Fandom and create better alternatives.

Read more

Machines of loving grace: How AI could transform the world for the better

Here's a summary of the text in a couple of sentences:

The author, CEO of Anthropic, believes that the potential benefits of powerful AI are being underestimated and that a world with AI could be fundamentally positive, but he has chosen to focus on the risks due to concerns about leverage, perception, grandiosity, and "sci-fi" baggage. He aims to provide a concrete vision of a positive future with AI, focusing on five areas: biology and physical health, neuroscience and mental health, economic development and poverty, peace and governance, and work and meaning.

Read more

INTELLECT–1: Launching the First Decentralized Training of a 10B Parameter Model

PrimeIntellect is launching INTELLECT-1, a decentralized training run of a 10-billion-parameter model, aiming to bring open-source AGI closer to reality. This is the third step in their masterplan to collaboratively train frontier open foundation models, ensuring AGI is open-source, transparent, and accessible.

Read more

AI Winter Is Coming

Here's a summary of the text in a couple of sentences:

The current AI ecosystem is dominated by "promoters" who spread misinformation and hype about AI capabilities, often for personal gain or to attract attention, rather than "producers" who actually contribute meaningful research and innovation. This phenomenon is fueled by academia's pressure to publish, industry's secrecy around valuable techniques, and the amplification of noise through social media, leading to a distorted view of AI's capabilities and a potential "AI winter" similar to previous tech downturns.

Read more

Machine learning and information theory concepts towards an AI Mathematician

The current state-of-the-art in artificial intelligence excels in language mastery but lags behind in mathematical reasoning, suggesting a gap in its ability to perform system 2 tasks, such as reasoning and uncertainty estimation. This gap may be addressed by developing an AI that can discover new and interesting mathematical conjectures, rather than simply proving existing theorems.

ArXiv

DSPy: Compiling Declarative Language Model Calls into Self-Improving Pipelines

Researchers introduced DSPy, a programming model that abstracts language model pipelines as text transformation graphs, allowing for a more systematic approach to developing and optimizing these pipelines. DSPy enables the creation of parameterized modules that can learn to apply various techniques, resulting in optimized pipelines that outperform standard few-shot prompting and expert-created demonstrations in various tasks.

ArXiv

Understanding the Limitations of Mathematical Reasoning in LLMs

Recent advancements in Large Language Models (LLMs) have raised questions about the reliability of their reported mathematical reasoning capabilities, as their performance on existing benchmarks may be due to memorization rather than genuine reasoning. A new benchmark, GSM-Symbolic, reveals that LLMs are fragile in their mathematical reasoning, with performance declining significantly when numerical values or additional clauses are altered in a question.

ArXiv

ARIA: An Open Multimodal Native Mixture-of-Experts Model

Aria is an open-source, multimodal native AI model that integrates real-world information from various sources, offering a comprehensive understanding. It outperforms existing models and is competitive with proprietary models on various tasks, making it a valuable resource for real-world applications.

ArXiv

Grokking at the edge of linear separability

Researchers studied the generalization properties of binary logistic classification and found that it exhibits "Grokking," a phenomenon of delayed generalization and non-monotonic test loss, especially when training sets are on the verge of linear separability. They also discovered that the model tends to overfit when training data is linearly separable from the origin, but generalizes perfectly asymptotically when it's not separable.

ArXiv

Lm.rs: Minimal CPU LLM inference in Rust with no dependency

The lm.rs project allows running language models locally on a CPU using Rust, supporting various models including Google's Gemma 2 and Meta's Llama 3.2. It also supports multimodal models with the PHI-3.5-vision model.

Repo

Chunkr – Vision model based PDF chunking

Here's a summary of the text in a couple of sentences:

Chunkr, a search engine developed by Lumina, has temporarily switched to Textract for OCR due to issues with PaddleOCR, but users can still choose PaddleOCR for self-deployed tasks. The service is experiencing high loads, affecting throughputs, but the team is working to resolve the issue and improve ingestion speeds.

Repo

DeskPad – A virtual monitor for screen sharing

DeskPad is a virtual monitor for screen sharing that creates a dedicated, easily shareable workspace by mirroring a virtual display within its application window. It can be installed via download or Homebrew and behaves like any other display, allowing users to change the display resolution and interact with the virtual display.

Repo

Show HN: Arch – an intelligent prompt gateway built on Envoy

Arch is an intelligent Layer 7 gateway designed to protect, observe, and personalize generative AI (GenAI) applications with APIs. It handles critical tasks such as detecting and rejecting jailbreak attempts, routing to upstream LLMs, and managing observability in a centralized way.

Repo

Show HN: Airgapped Offline RAG – Run LLMs Locally with Llama, Mistral, & Gemini

Here's a summary of the text in a couple of sentences:

The Airgapped Offline RAG project is a Retrieval-Augmented Generation (RAG) based Question-Answering system for documents that can run locally without internet access. It uses various models, including Llama 3, Mistral, and Gemini, and can be set up and run using Python, Docker, or a virtual environment, with a user interface provided by Streamlit.

Repo