KJ

14.1K posts


@Magikaaa

AI & Art | Utopian | Part-Time Philosopher 👽 Spread the art. Spread the love.

🌍 Joined February 2014
3K Following, 1.2K Followers
KJ
KJ@Magikaaa·
@KaleidoJosh @FinanceLancelot The forced friendliness doesn't bother me as much as the overbearing guardrails. It's the moralizing that's the issue. Having a machine act as a gatekeeper for thought and creativity is inherently patronizing.
English
1
0
0
6
Financelot
Financelot@FinanceLancelot·
BREAKING: OpenAI announces it will discontinue public access to Sora and is removing video features in ChatGPT. Sam Altman is reportedly running out of funding to keep their data center running.
Financelot@FinanceLancelot

Did Sam Altman commit the biggest theft in world history? Elon Musk finally got revenge today by bringing SpaceX into xAI. All investment liquidity will be redirected away from OpenAI into xAI, leaving Sam with nothing. A 5D chess move to destroy Sam & Elon made the final blow🔥

English
53
169
1.4K
128.9K
KJ reposted
Tuki
Tuki@TukiFromKL·
🚨 Andrej Karpathy just explained the scariest thing happening in software right now.. someone poisoned a Python package that gets 97 million downloads a month.. and a simple pip install was enough to steal everything on your machine.. SSH keys.. AWS credentials.. crypto wallets.. database passwords.. git credentials.. shell history.. SSL private keys.. everything.. and here's the part that should terrify every developer alive.. the attack was only discovered because the attacker wrote sloppy code.. the malware used so much RAM that it crashed someone's computer.. if the attacker had been better at coding.. nobody would have noticed for weeks.. one developer.. using Cursor with an MCP plugin.. had litellm pulled in as a dependency they didn't even know about.. their machine crashed.. and that crash saved thousands of companies from getting their entire infrastructure stolen.. Karpathy's take is the real wake up call.. every time you install any package you're trusting every single dependency in its tree.. and any one of them could be poisoned.. vibe coding saved us this time.. the attacker vibe coded the attack and it was too sloppy to work quietly.. next time they won't make that mistake.
Andrej Karpathy@karpathy

Software horror: litellm PyPI supply chain attack. Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords. LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm. Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks. Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any dependency you could be pulling in a poisoned package anywhere deep inside its entire dependency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages. Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.

English
235
1.7K
10.4K
2.2M
KJ reposted
Andrej Karpathy
Andrej Karpathy@karpathy·
Software horror: litellm PyPI supply chain attack. Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords. LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm. Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks. Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any dependency you could be pulling in a poisoned package anywhere deep inside its entire dependency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages. Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.
Daniel Hnyk@hnykda

LiteLLM HAS BEEN COMPROMISED, DO NOT UPDATE. We just discovered that LiteLLM PyPI release 1.82.8 has been compromised. It contains litellm_init.pth with base64-encoded instructions to send all the credentials it can find to a remote server + self-replicate. link below

English
941
3.7K
19.5K
21.8M
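A defensive counterpart to the mechanism Karpathy and Daniel Hnyk describe, as an added example that is not code from any of the posts above: Python runs every line of every `*.pth` file in site-packages that begins with `import` at interpreter start-up, which is why a poisoned `litellm_init.pth` executes as soon as it lands on disk. The scanner below lists those code-executing lines, flags loader-style tokens (base64 decoding, `exec`, subprocess, sockets), and reports whether any installed distribution's `RECORD` claims the file, since an unowned `.pth` is a strong signal. All file names, the `demo_hook` distribution and the contents written by `run_demo()` are constructed for the demo; the "suspicious" sample holds a placeholder string rather than a payload, and nothing here executes `.pth` content.

```python
"""Audit *.pth files in a site-packages directory for code-execution hooks.

Added example, not code from any of the posts it follows. Python executes
every line of every *.pth file in site-packages that begins with "import"
at interpreter start-up, so a poisoned *.pth runs the moment it is
installed. This scanner lists those lines, flags loader-style tokens, and
checks which installed distribution (if any) claims the file in its RECORD.
The files built by run_demo() are constructed for the demo; the
"suspicious" line carries a placeholder, not a payload, and nothing here
executes .pth content.
"""
from __future__ import annotations

import sysconfig
import tempfile
from pathlib import Path

# Tokens typical of a loader that hides its real payload behind decoding or
# runtime compilation. Their presence in an import line is a high-severity
# finding; any other import line is still worth a human look.
SUSPICIOUS_TOKENS = ("base64", "b64decode", "exec(", "eval(", "compile(",
                     "subprocess", "socket", "urllib", "marshal", "zlib")


def classify_line(line: str) -> tuple[str, list[str]]:
    """Classify one .pth line as blank, comment, path or import.

    For import lines the second element lists the suspicious tokens found.
    """
    stripped = line.strip()
    if not stripped:
        return "blank", []
    if stripped.startswith("#"):
        return "comment", []
    if stripped.startswith(("import ", "import\t")):
        return "import", [tok for tok in SUSPICIOUS_TOKENS if tok in stripped]
    return "path", []


def pth_owners(site_dir: Path) -> dict[str, list[str]]:
    """Map each top-level *.pth file name to the dist-info RECORDs that list it."""
    owners: dict[str, list[str]] = {}
    for record in sorted(site_dir.glob("*.dist-info/RECORD")):
        for row in record.read_text(errors="replace").splitlines():
            name = row.split(",", 1)[0]
            if name.endswith(".pth") and "/" not in name:
                owners.setdefault(name, []).append(record.parent.name)
    return owners


def scan_pth_dir(site_dir) -> list[dict]:
    """Return one finding per code-executing line across all *.pth files."""
    site_dir = Path(site_dir)
    owners = pth_owners(site_dir)
    findings = []
    for pth in sorted(site_dir.glob("*.pth")):
        lines = pth.read_text(errors="replace").splitlines()
        for lineno, line in enumerate(lines, 1):
            kind, hits = classify_line(line)
            if kind != "import":
                continue
            findings.append({
                "file": pth.name,
                "line": lineno,
                "severity": "high" if hits else "review",
                "tokens": hits,
                "owners": owners.get(pth.name, []),  # empty: no package claims it
                "text": line.strip()[:120],
            })
    return findings


def build_sample_site_packages(root) -> Path:
    """Write constructed .pth files covering the shapes the scanner must tell apart."""
    site = Path(root) / "site-packages"
    site.mkdir(parents=True, exist_ok=True)
    # Path-only entry, as an editable install would add: no code runs.
    (site / "easy-install.pth").write_text("/opt/project/src\n")
    # Import hook owned by an installed distribution (constructed RECORD): review only.
    (site / "demo_hook.pth").write_text(
        "import os; os.environ.setdefault('DEMO_HOOK', '1')\n")
    info = site / "demo_hook-1.0.dist-info"
    info.mkdir()
    (info / "RECORD").write_text(
        "demo_hook.pth,sha256=PLACEHOLDER,48\ndemo_hook-1.0.dist-info/RECORD,,\n")
    # Unowned hook with decode-and-exec shape; the argument is a placeholder, not a payload.
    (site / "suspect_init.pth").write_text(
        "import base64, sys; exec(base64.b64decode('PAYLOAD_PLACEHOLDER'))\n")
    return site


def run_demo() -> list[dict]:
    """Build the constructed site-packages in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        return scan_pth_dir(build_sample_site_packages(tmp))


if __name__ == "__main__":
    # Scan the running interpreter's real site-packages.
    for finding in scan_pth_dir(sysconfig.get_paths()["purelib"]):
        print(finding)
```

Run it with no arguments to audit the interpreter's own `purelib` directory; in CI it belongs right after `pip install`, before any other Python process starts, since by then every `.pth` hook has already run once. A "review" finding with a known owner is usually a legitimate import hook (a few popular packages ship one); a "high" finding with no owner is the shape the posts above describe.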
KJ reposted
Shibetoshi Nakamoto
Shibetoshi Nakamoto@BillyM2k·
i think openclaw is the most overhyped thing since nfts
English
164
18
598
30.8K
KJ
KJ@Magikaaa·
@ns123abc Surprised but yet not really
English
0
0
0
23
NIK
NIK@ns123abc·
🚨 BREAKING: Disney’s $1B OpenAI deal DEAD after Sora shutdown december 2025: >disney invests $1 billion in openai >licenses 200+ characters for sora >3-year exclusive deal >disney+ would stream sora-generated videos >“the future of storytelling” march 2026: >openai kills sora wtf happens to Disney now??
[NIK tweet media]
Sam Altman@sama

Really happy to be working with Disney to bring some magic to Sora and image gen! Disney is the best storytelling company in the world, and our users really, really want to generate content with their characters.

English
70
94
1.1K
140.4K
KJ reposted
UltimaRunicRhapsody
UltimaRunicRhapsody@iwasyou14·
and they spend their productive time putting together applications to grab government funding. I have 100000000000000000 times more respect for Kevin, an apprentice mason who ten years later manages to run his own masonry and stone-cutting business with 10 skilled workers whom he pays properly. He's a real entrepreneur.
Kim Noël ⚡ 📖@KimNoel399

Looks like @BetterCallMedhi let loose on Reddit: the reality behind startups in France.

French
1
4
50
4.9K
KJ reposted
fardeen
fardeen@fardeentwt·
i’ve concluded that this might be the greatest realization you can have
[fardeen tweet media]
English
58
5K
45.9K
552K
KJ reposted
Dalton Caldwell
Dalton Caldwell@daltonc·
Don’t forget to support people trying strange new things. They won’t forget that you did.
English
75
162
1.3K
35.8K
Tony
Tony@0xRacist·
I always have my vpn set to israel when I book flights and hotels Lufthansa just gave me a free business class upgrade because they're sorry about the holocaust
[Tony tweet media]
English
1.1K
10K
160.8K
6.6M
KJ reposted
NRick21
NRick21@nrick21·
It's worse than that. You've just realized that founders are daddy's boys who start companies. Like, they had it easy in life, so they have a solid foundation (education, money, network) to succeed. And one day they have an idea, they develop it, and they succeed. But it's worse than that lol. It's the investment funds themselves that hand the idea and the money to the entrepreneur you idolize lol. It's the funds that hand the turnkey project to the privileged guy, with the storytelling, the idea, and even the customers (who come from the same fund). Take any success story: the first 100 customers are companies from the same fund. They sell you the story of individual success as a white-label product. The CEOs who embody it are managers reciting a script, that's all.
Kim Noël ⚡ 📖@KimNoel399

Looks like @BetterCallMedhi let loose on Reddit: the reality behind startups in France.

French
20
138
737
63.9K
KJ reposted
Fabien Penso
Fabien Penso@fabienpenso·
The tragedy of the "French Tech" is that startups are infiltrated by ex-business-school types. I made the mistake of having cofounders like that, who couldn't update their own iPhone by themselves but who explained to me that the button had to go on the left like in the competitor's app (with 100x our engineering team) with a custom UI that would have taken weeks to build. Guys who sell you their stock options as if they were handing you gold bars. Cofounders who had me sign proxies to approve a fundraising shareholders' meeting without telling me that my shares were effectively going to 0%. Guys who sell their company and the employees get nothing, but who bill the buyer handsomely for "consulting" outside the acquisition deal. Guys who sell their company for less than my annual taxes, then gloat on LinkedIn about this great deal, and become Entrepreneur in Residence at a VC to give (great) advice to the next founders. Guys who tell me a month after signing a sale that no no, this sale is conditional on me spending 6 more months at a group company that has nothing to do with it, in the north of Paris with 1980s cubicles, otherwise I get nothing. I could write books about this. @siliconcarnesf
Kim Noël ⚡ 📖@KimNoel399

Looks like @BetterCallMedhi let loose on Reddit: the reality behind startups in France.

French
57
170
1.4K
153.9K
KJ reposted
Kim Noël ⚡ 📖
Kim Noël ⚡ 📖@KimNoel399·
Looks like @BetterCallMedhi let loose on Reddit: the reality behind startups in France.
[Kim Noël ⚡ 📖 tweet media ×4]
French
89
260
1.4K
364.1K
KJ
KJ@Magikaaa·
Waiting for your laptop to be fixed is a truly awful experience.
English
0
0
0
13
KJ reposted
Animesh Koratana
Animesh Koratana@akoratana·
Introducing: PlayerZero

The world's first Engineering World Model that puts debugging, fixing, and testing your code on autopilot. We've raised $20M from Foundation Capital, @matei_zaharia (Databricks), @pbailis (Workday), @rauchg (Vercel), @zoink (Figma), @drewhouston (Dropbox), and more.

PlayerZero frees up 30% of your engineering bandwidth by:
1. Finding the root cause for bugs & incidents in minutes that engineering teams take days to identify.
2. Predicting in minutes, edge case issues that a 300-person QA team would take weeks to find.
------
Here's why this matters: No one in your org has a complete picture of how your production software actually behaves. Support sees tickets. SRE sees infra. Dev sees code. Each team builds their own fragmented view - and none of these systems talk to each other. When something breaks, everyone scrambles to stitch the picture together by hand.

PlayerZero connects all of it into a single context graph -
→ The Slack thread where your lead said "we went with X because Y fell apart in prod last time"
→ The PR review where an engineer explained the tradeoff
→ The lifetime history of your CI/CD pipeline, observability stack, incidents, and support tickets
So you can trace any problem to its root cause across every silo.

And it compounds. Every incident diagnosed teaches the model something new. The longer it runs, the deeper it understands - which code paths are high-risk, which configurations are fragile, which changes tend to break which customer flows. So when you sit down to debug a live issue, you have your entire org's collective reasoning and production memory behind you - instantly.
------
Zuora, Georgia-Pacific, and Nylas have reduced resolution time by 90%, caught 95% of breaking changes, and freed an average of $30M in engineering bandwidth.
------
Our guarantee: If we can't increase your engineering bandwidth by at least 20% within one week, we'll donate $10,000 to an open-source project of your choice.
Book a demo - bit.ly/3NlLMeN
English
888
808
5.1K
2.6M
KJ
KJ@Magikaaa·
@Trouillet_ No more Paris-Pau jet, oh the poor guy :)
French
0
0
4
701
juan
juan@juanbuis·
france didn't spend €109 billion on AI to build chatbots. they went straight to what actually matters: the crêpebot 3000
English
315
1.5K
27.6K
2.2M