Daily curated AI insights you can't miss.
ShinyHunters Zero-Day Oracle PeopleSoft Campaign

Mandiant's detailed breakdown of ShinyHunters' zero-day exploit against Oracle PeopleSoft reveals how attackers used MeshCentral agents and SSH credential spraying to breach educational institutions. Immediate endpoint blocking and log auditing are critical defenses.
Profiling in PyTorch (Part 2): From nn.Linear to a Fused MLP
The article traces the journey from a single nn.Linear to a fused MLP, showing that torch.compile fuses GeLU and multiplication into one Triton kernel while leaving the three cuBLAS GEMMs untouched. It then introduces hand-tuned Liger kernels that achieve the same fusion without compile latency or shape specialization, trading a few microseconds of peak performance for robustness across changing input sizes.
Chinese-Language PhaaS: Real-Time Interception and Digital Wallet Exploitation

Chinese-language PhaaS operators have moved from static password harvesting to real-time interception of OTPs and digital wallet tokenization, enabling direct financial control. Using encrypted channels like RCS and iMessage, along with AI-generated pages, they bypass traditional defenses. Defenders must adopt FIDO2/WebAuthn and risk-based verification during wallet provisioning.
Running Reachy Mini’s voice pipeline fully offline with speech-to-speech
This article walks through running a full speech-to-speech pipeline locally for the Reachy Mini robot, replacing cloud dependencies with a cascaded stack of Silero VAD, Parakeet STT, a local LLM via llama.cpp or vLLM, and Qwen3 TTS. It covers the practical tradeoffs between latency, privacy, and model quality that matter when deploying a voice agent on your own hardware.