K // Andrea Kregar

New course: Spec-Driven Development with Coding Agents, built in partnership with @jetbrains, and taught by @paulweveritt. Vibe coding is fast, but often produces code that doesn't match what you asked for. This short course teaches you spec-driven development: write a detailed spec defining what to build, and work with your coding agent to implement it. Many of the best developers already build this way. A spec lets you control large code changes with a few words, preserve context across agent sessions, and stay in control as your project grows in complexity. Skills you'll gain: - Write a detailed specification to define your mission, tech stack, and roadmap, giving your agent the context it needs from the start - Plan, implement, and validate features in iterative loops using a spec as your agent's guide - Apply the same repeatable workflow to both new and legacy codebases - Package your workflow into a portable agent skill that works across agents and IDEs Join and write specs that keep your coding agent on track! deeplearning.ai/short-courses/…

Anthropic adds Novartis CEO to board wsj.com/tech/ai/anthro…

@Steve8708 Builder

Announcing Builder 2.0 We raised $67M to build collaborative coding for Claude and Codex - Start tasks from a local branch, Slack or Jira - Real-time collab between humans and agents - 100s of parallel agents code, test, review Reply "Builder" and I'll DM you 500 agent credits

Se volete essere più sereni... (e magari anche un filo più svegli) Ascoltate un po' meno il frastuono dei TG e dei social - quel jukebox impazzito che passa sempre la Stessa canzone... solo con titoli diversi. E aprite qualche libro in più. Sì, lo so... non vibra, non notifica, non urla "ULTIM'ORA!!!" ogni tre minuti. Però - strano a dirsi - fa pensare. E ogni tanto... fa pure capire. È meno rumoroso, ma molto più pericoloso. Leggere non vi renderà perfetti... ma almeno un po' meno telecomandati. E già quello, oggi, è rock. #pensierodelgiorno #vascolive

We’re excited to announce today that @mastra has raised a $22M Series A led by Spark Capital. This brings our total capital raised to $35M:

Introducing RubberDuck in Copilot CLI: a new builtin subagent for cross model family escalations. Sonnet will now proactively solicit input from GPT 5.4 and vice versa. In our most difficult benchmark subsets, this results in a massive 5% improvement in resolution rates

Copilot CLI now supports BYOK and local models! We have users running fully offline in air gapped environments.

Github Copilot CLI is the most underrated agentic coding tool out there, especially if you like using subagents. Being able to launch a fleet of subagents with whatever frontier models you like + this not costing extra credits has completely changed my workflow

We just launched a free, open-source course on GitHub Copilot CLI. Learn how to ship faster with AI powered command line workflows—context, custom agents, skills, MCP servers, and more. Hands on. Practical. Built for devs. Check it out: github.com/github/copilot…

Marc Andreessen: Software isn't precious anymore. In this new world, high quality software is infinitely available. "We've always lived in a world in which software is this precious thing that you have to think about very carefully." "It was really hard to generate good software, and there was only a small number of people who could do it." "Those days are just over." "If you need new software to do X, Y, or Z, you're just going to wave your hand and get it." "Things that used to be hard, or even seem like an insurmountable mountain to get through, all of a sudden, I think, become very easy." @pmarca with @latentspacepod

Starting tomorrow at 12pm PT, Claude subscriptions will no longer cover usage on third-party tools like OpenClaw. You can still use these tools with your Claude login via extra usage bundles (now available at a discount), or with a Claude API key.

The Copilot SDK is now in public preview, enabling you to embed Copilot’s AI capabilities into your apps, workflows, and platform services. • Supports Node.js, Python, Go,.NET, and Java github.blog/changelog/2026…

Lovable is part of the Enterprise Tech 30. This recognition reflects a shift in how companies think about building: by giving the people closest to the problem the power to build the solution. We created Lovable for that world. Glad the enterprise is ready for it.

@lastknight Precog... Ma a parte le citazioni cinematografiche, un altro bel passo verso iperpersonalizzazione e iperinstradamento verso propri servizi e nel rassicurante 'sentirsi dire quello che si vuol sentire' che sarà sempre più persuasivo.

State capiendo il potenziale, vero?

📌 Update: There are emerging claims of mass credential exfiltration: reports from @IntCyberDigest and @vxunderground cite ~300GB of credentials exfiltrated and ~500,000 stolen via the LiteLLM compromise alone. Our post has been updated with the latest details:

Software horror: litellm PyPI supply chain attack. Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords. LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm. Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks. Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any depedency you could be pulling in a poisoned package anywhere deep inside its entire depedency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages. Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.

It was an honor to hang out with Jensen Huang, CEO of @nvidia, and do a long-form podcast with him. Really fun & fascinating technical deep-dive conversation on & off the mic. One of the most brilliant & thoughtful human beings I've ever met. NVIDIA is the most valuable company in the world by market cap and is the engine powering the AI revolution. Podcast probably out tomorrow (Monday) unless I get stuck in too many interesting conversations while running around in SF ;-) PS: I haven't checked my messages in days. Sorry for slow replies 🙏 Trying to stay deeply focused at in overwhelmingly intense time & barely hanging on. Love you all ❤️

Excellent news story based on Socket research socket.dev/blog/trivy-und…

Introducing the new @stitchbygoogle, Google’s vibe design platform that transforms natural language into high-fidelity designs in one seamless flow. 🎨Create with a smarter design agent: Describe a new business concept or app vision and see it take shape on an AI-native canvas. ⚡️ Iterate quickly: Stitch screens together into interactive prototypes and manage your brand with a portable design system. 🎤 Collaborate with voice: Use hands-free voice interactions to update layouts and explore new variations in real-time. Try it now (Age 18+ only. Currently available in English and in countries where Gemini is supported.) → stitch.withgoogle.com

Thank you Jensen and NVIDIA! She’s a real beauty! I was told I’d be getting a secret gift, with a hint that it requires 20 amps. (So I knew it had to be good). She’ll make for a beautiful, spacious home for my Dobby the House Elf claw, among lots of other tinkering, thank you!!