Erixp

Microsoft is investigating mistralai PyPI package v2.4.6 compromise. Attackers injected code in mistralai/client/__init__.py that executes on import, downloads hxxps://83[.]142[.]209[.]194/transformers.pyz to /tmp/transformers.pyz, and launches a second-stage payload on Linux. The file name transformers.pyz appears deliberately chosen to mimic the widely used Hugging Face Transformers library and blend into ML/dev environments. The main payload is a credential stealer, but it also includes country-aware logic; it avoids Russian-language environments and contains a geo fenced destructive branch that has 1-in-6 chance of executing rm -rf / when the system appears to be in Israel or Iran. To mitigate this threat: isolate affected Linux hosts, block 83[.]142[.]209[.]194, hunt for /tmp/transformers.pyz, pgmonitor[.]py, and pgsql-monitor.service, and rotate exposed credentials.

Claude for Excel, PowerPoint, and Word are now generally available, and Claude for Outlook is in public beta. As Claude moves between your Microsoft apps, it carries the full context of your conversation.

Roy Lee (Cluely CEO) goes crazy because people don't take action

GPT-Image-2 VS Nano Banana Prompt: {"image_settings": {"aspect_ratio": "3:4", "resolution": {"width": 1152, "height": 1536}}, "prompt": {"identity_lock": {"reference": "input_photo", "preserve": ["face", "facial proportions", "eye shape", "nose", "lips", "skin tone", "skin texture", "hairline", "overall identity"], "rules": ["no face swap", "no beautify", "no smoothing", "no reshaping", "no AI look"]}, "scene": {"camera_angle": "high-angle downward shot, POV", "composition": "MacBook screen fills most of the frame, thin strip of physical keyboard visible at the bottom", "screen_surface": ["visible RGB pixel grid", "subtle moire effect", "micro dust on glass", "faint fingerprints", "soft ambient reflections"]}, "digital_interface": {"os": "macOS dark mode", "background_app": {"name": "Spotify", "view": "Liked Songs", "visible_tracks": ["Blank Space \u2013 Taylor Swift", "Shake It Off \u2013 Taylor Swift", "Cruel Summer \u2013 Taylor Swift", "Love Story \u2013 Taylor Swift"]}, "foreground_app": {"name": "Photo Booth", "state": "live preview window", "position": "floating, center-right"}}, "photo_booth_content": {"environment": {"room": "dim bedroom", "background": "off-white wall, rumpled bedding", "lighting": "low-light, nocturnal, cool screen glow mixed with warm skin tones"}, "subject": {"pose": "lying down, relaxed, candid", "expression": "natural, slightly relaxed", "outfit": "light-colored tank top", "prop": {"item": "iPhone 15 Pro", "hand": "right hand"}}}, "realism_rules": ["this is a photo of a screen, not a screenshot", "raw smartphone photo look", "natural noise", "imperfect glass", "no studio lighting", "no HD polish"]}, "negative_prompt": ["screenshot", "flat UI", "perfect screen", "clean glass", "studio lighting", "beauty filter", "cartoon", "3d render", "painting", "watermark", "blurred face"]}

Mercedes Compression Ratio may be a red herring Do you remember in 2013/14 when Mercedes were winning everything and the talk of the paddock was their amazing split turbocharger, for which they even won Powertrain Innovation of the Year? We later found out that the real reason for their dominance was their revolutionary (and highly secret) plasma jet ignition system. The advantage was so big that Toto turned the turbo boost down to make it look smaller. Do you remember when Brawn GP had their controversial double diffuser? They had a massive advantage, were accused of cheating and even taken to court. But a lot of the aero advantage on that car actually came from the outwash front wing, which almost nobody was talking about at the time. Now everyone is saying Mercedes are dominant because their car has a higher compression ratio at race temperature, but I’m getting a sense of déjà vu. After all, if compression ratio was the race-winning advantage, all the Mercedes-engined cars should be fastest on the straights.

MASSIVE: 🇩🇪 Germany has announced it's working to send over 700,000 refugees home!

We are currently investigating a security incident involving unauthorized minting of USR. At this stage: The collateral pool remains fully intact. No underlying assets have been lost. The issue appears isolated to USR issuance mechanics. Our immediate priority is to: 1) Contain the incident 2) Assess impact 3) Ensure legitimate users are not affected We are actively investigating and will share more updates shortly.