GitHub is investigating TeamPCP's $50K+ sale of ~4,000 internal repos. Count called 'directionally consistent' by GitHub; file list and the VS Code extension attack vector remain unverified.
40GB+ VRAM for a 3B model. VBench 85.11 beats dedicated 14B video generators. RunPod GPU costs from $2.2/session. The 'unified' model still ships as two checkpoint files.
Tested Hermes Agent x_search on a basic X Premium plan (M4 Mac mini). Docs require Premium+ but the basic tier worked. Covers uvx + OAuth setup, the 8.4s vs 58.4s timing gap, and prompts that never invoke X search.
Chaotic Eclipse's MiniPlasma takes SYSTEM on fully patched Windows 11 May 2026 by re-triggering CVE-2020-17103 in cldflt.sys, the same bug James Forshaw reported in 2020 and Microsoft supposedly fixed that December. Will Dormann confirmed the PoC works; the latest Insider Canary blocks it. No new CVE assigned yet, and the regression sits next to the actively exploited CVE-2025-62221 in the same driver.
Mini Shai-Hulud-class npm hijacks live for 3-12 hours before takedown. pnpm 11.0 ships minimumReleaseAge=1440 (1 day) by default, Yarn 4.10 ships npmMinimalAgeGate=3d, npm v11.10 needs explicit min-release-age. Working .npmrc / pnpm-workspace.yaml / .yarnrc.yml configs and what breaks when ignore-scripts=true (esbuild, sharp, node-gyp, Cypress).
SANS ISC (2026-04-30): a fake Homebrew Google sponsored ad drops MacSync Stealer through a 225-byte zsh that fans out into 1,448- and 2,647-byte stages, fakes a 'System Preferences' osascript dialog, and ships Keychain, browser data, crypto wallets, and `.ssh` to glowmedaesthetics[.]com over plain HTTP. IoCs, detection points, and MITRE ATT&CK mapping included.
Chaotic Eclipse released YellowKey and GreenPlasma PoCs one day after May 2026 Patch Tuesday. A USB-borne FsTx folder plus a Ctrl-key reboot drops cmd.exe inside WinRE on a BitLocker-protected machine. Covers WinRE-only behavior, the CTFMON SYSTEM elevation path, the RedSun silent-patch dispute, and what defenders can actually do while unpatched.
Tested MinishLab/semble on a 1595-md Astro blog: warm bm25 returns symbol definitions in 0.84s, hybrid mode loses `seasonalBanner` to the article corpus.
May 12: TeamPCP open-sourced the Shai-Hulud worm on GitHub. Datadog mapped its module pipeline (Loader/Provider/Collector/Dispatcher/Sender/Mutator) and Claude Code SessionStart hook for persistence. May 15: BreachForums opened a paid attack challenge. Detection notes for the copycat wave.
What to patch, rotate, and grep after OpenClaw 2026.4.22. Walks CVE-2026-44112/44113/44115/44118 as one chain on agent runtime, with detection log fields and 24h/1w response steps.
Why Google added BERT to search in 2019, how MLM training really works (15% mask, 80/10/10, WordPiece), and where encoder-only models still beat LLMs — rerank, classification, and OCR correction.
Khala open-source song generator needs 24GB+ NVIDIA VRAM, ~52GB weights, and still carries a 2026-05-07 quality warning. Notes on the 64-layer RVQ pipeline and generate API.