Ephraim Batambuze

Software horror: litellm PyPI supply chain attack. Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords. LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm. Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks. Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any depedency you could be pulling in a poisoned package anywhere deep inside its entire depedency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages. Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.

Is this confidence or recklessness? I hope this video doesn’t cross to Naija. We aren’t ready for their banter.

Total number of new cars sold in Nigeria in 2025 less than 25k. SA sold over 500k new cars for context. So yeah.

It's time to admit that we need public mass transportation for the city. But it woukd mean people that set up car wash bays, petrol stations, car bonds & other services to profit will have to lose or redirect investment. I'll give you a few guesses if they'll let that happen.

FOR YEARS IN YEARS OUT, I HAVE BEEN WAITING FOR SOMEONE WITH AN INNOVATIVE IDEA FOR KILLING TRAFFIC JAMS IN AND AROUND BUT WE ALL SEEM TO BE CLUELESS. ​1). 🚨 📌 Look at the roads over the last week; it is a total disaster that we have brought upon ourselves. We all remember the day when one person "sat on the road" and blocked the whole Masaka-Kampala highway, but what is happening now is much worse because the blockage is everywhere. Every road leading in and out of the city is like a graveyard of unmoving cars, and nobody can move even an inch. This is not just a small delay; it is a complete heart attack for our city’s movement because our roads cannot handle this madness. When a whole city of millions of people can be stopped completely just because it is a Monday - Friday morning, it means our system is broken and we are all trapped in a big metallic cage. ​2). 🚨📌 The timing of this terrible traffic reveals a very simple and stupid truth: the "schools opening" is what is killing our movement. The moment schools open their gates, the roads are suddenly flooded with every old car that has been hiding in a garage for months. We are seeing a situation where every parent thinks they must drive their child right to the school door in a private car, even if it makes a short trip take 40 minutes or 2 hours. The political campaigns are finished and the rallies are gone, yet the traffic is worse than ever before. This proves that our traffic nightmare is caused by people who choose their own small comfort over the movement of the entire country. ​3). 🚨📌 My idea has been proven right by this mess: most people in Uganda only buy cars to act as private school buses for their children. People are literally pulling old vehicles out of the dusty garages, starting engines that barely work, just to join this daily line of cars that go nowhere. This means there is a huge "ghost fleet" of cars that only comes out to choke the roads when school starts and then hides away during the holidays. The smell of burning fuel and the loud noise of thousands of idling engines is the proof of our failure. Because we refuse to use organized Rapid Transport Bus systems which investors have proposed, we have turned our high-speed roads into giant parking lots where even ambulances cannot pass. ​4). 🚨📌 The result of everyone bringing their garage cars onto the road is that we are all losing money and getting tired before the workday even starts. We are wasting expensive fuel and losing time that should be spent working, all because "dropping the kids" has become a reason to stop the whole economy. This is a big red light showing us that our way of living cannot continue like this. If a simple school term starting can make a whole capital city fail to move, then the system is already dead. We are being strangled by our own cars—the same cars we bought to help us move have now become the heavy chains that keep us stuck in the mud.

BREAKING: Forbes 2025 30 Under 30 honoree Gokce Guven, who founded fintech startup Kalder, now faces up to 52 years in prison for an alleged $7 million fraud