JoReBal

Microsoft is investigating a new, emerging Mini Shai-Hulud npm supply chain attack targeting antv packages. Attackers compromised an antv maintainer account and published malicious versions of multiple widely used packages (for example, antv/g2). As these packages are widely used as dependencies, the compromise propagated into downstream libraries like echarts-for-react, impacting a much broader set of applications and continuous integration (CI) environments. All compromised packages contain a byte-identical, obfuscated credential-stealing payload delivered via a preinstall hook (Bun). The malware targets high-value secrets including: - GitHub personal access tokens (PATs) and OpenID Connect (OIDC) tokens - npm / Amazon Web Service (AWS) credentials and Security Token Service (STS) sessions - Secure Shell (SSH) keys, kubeconfigs, and .env / .npmrc files - Software-as-a-service (SaaS) tokens (Slack, Stripe, Vault) Exfiltration occurs over HTTPS with Transport Layer Security (TLS) validation disabled. The payload also abuses stolen OIDC tokens to forge Supply-chain Levels for Software Artifacts (SLSA) provenance and propagate malicious releases, exhibiting worm-like behavior across repositories. Malicious files distributed through npm packages are detected by Microsoft Defender as Trojan:AIGen/NPMStealer , "Suspicious Node.js process behavior", or “Credential access attempt”, preventing credential theft and malicious post-install execution. Mitigation: - Audit dependencies for affected antv and related packages; pin or downgrade to known-good versions (pre-2025-05-18). - Revoke and rotate exposed credentials (GitHub, npm, cloud tokens, SSH keys). - Validate integrity of CI pipelines and recent build artifacts. - Network IOC: Stolen credentials are exfiltrated over HTTPS to t.m-kosche[.]com:443. Block at egress and review network logs for outbound connections.

Mathematician Terence Tao offers a counterintuitive take: AI doesn't look intelligent because our definition of intelligence was wrong all along. He argues that the entire history of AI has followed a predictable pattern: "The history of AI has been here's a task that only humans can do, like maybe it is read natural language or win at chess or solve a math problem, and then one by one someone finds some AI algorithm that also does that." But every time a machine cracks one of these "uniquely human" tasks, we move the goalposts. The solution never feels like real thinking: "You look at how it's done and it doesn't feel like intelligence. It's, oh, it was some trick. You just cobbled together these neural networks and you ran some algorithm, and we were looking for some elusive intelligent way of thinking, and we don't see it in the tools that actually solve our goals." Tao then flips the problem on its head. What if the issue isn't with the machines, but with us? "But maybe it's actually because intelligence is not what we think it is." He points to large language models as the clearest case. What they do sounds almost embarrassingly simple: "Large language models in particular become very successful, and a lot of what they're doing is just predicting the next token, clicking the next word in a sentence. And that doesn't sound like something which is intelligent." To show why this feels wrong, Tao draws a comparison to how we'd judge a human doing the same thing: "If you ask someone to improvise a speech and they have no preparation, and at every moment they're just saying the next word that comes to their mind, you don't think that this could actually work." And yet it works for LLMs. Which forces an uncomfortable possibility: "Maybe that's actually a lot of what humans do as well."

Local AI is about to be competitive. I will do everything in my power to make it better than Claude desktop/claude code by end of year.