Animikh Aich

Did a complete redesign of my website. Proud of this one. Have a look. animikh.me

We are excited to announce that Sarvam is partnering with @PixxelSpace to power the AI backbone of India's first orbital data centre satellite. This is a first for the country, with India-built AI models running on an India-built satellite and both training and inference happening directly in orbit, without any dependence on foreign cloud or ground infrastructure.

LiteLLM HAS BEEN COMPROMISED, DO NOT UPDATE. We just discovered that LiteLLM pypi release 1.82.8. It has been compromised, it contains litellm_init.pth with base64 encoded instructions to send all the credentials it can find to remote server + self-replicate. link below

Software horror: litellm PyPI supply chain attack. Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords. LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm. Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks. Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any depedency you could be pulling in a poisoned package anywhere deep inside its entire depedency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages. Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.

@kingofknowwhere @dodopayments time to shine.

Day 69 of regretting being born in India.

Tech guy in Australia adopts a rescue dog. Dog has aggressive cancer. Months to live. Instead of accepting it, he spends $3,000 to sequence the tumor DNA. No biology degree. No lab. Feeds the data into ChatGPT and AlphaFold. Identifies mutated proteins. Matches drug targets. Designs a custom mRNA cancer vaccine. From scratch. A genomics professor reads it and is gobsmacked that a random dog owner did this. The hardest part? Ethics approval. Red tape takes longer than building the vaccine. Three months later it’s approved. First injection. Tumor shrinks. Dog’s coat becomes glossy again. Dog is alive and happy. Now the obvious question: If one guy with a laptop can do this for a dog… why aren’t we doing this for humans? One person. $3,000. Two AI tools. Just outperformed a process that normally takes pharma companies years. We’re about to cure a lot of diseases.

this is insane. just toggle this button and any coding agent can use your browser > no more Chrome extensions > One button, connect Claude Code to your browser all you need is the right harness... try it with the Browser Use CLI right now!

I packaged up the "autoresearch" project into a new self-contained minimal repo if people would like to play over the weekend. It's basically nanochat LLM training core stripped down to a single-GPU, one file version of ~630 lines of code, then: - the human iterates on the prompt (.md) - the AI agent iterates on the training code (.py) The goal is to engineer your agents to make the fastest research progress indefinitely and without any of your own involvement. In the image, every dot is a complete LLM training run that lasts exactly 5 minutes. The agent works in an autonomous loop on a git feature branch and accumulates git commits to the training script as it finds better settings (of lower validation loss by the end) of the neural network architecture, the optimizer, all the hyperparameters, etc. You can imagine comparing the research progress of different prompts, different agents, etc. github.com/karpathy/autor… Part code, part sci-fi, and a pinch of psychosis :)

While waiting for DeepSeek V4 we got two very strong open-weight LLMs from India yesterday. There are two size flavors, Sarvam 30B and Sarvam 105B model (both reasoning models). Interestingly, the smaller 30B model uses “classic” Grouped Query Attention (GQA), whereas the larger 105B variant switched to DeepSeek-style Multi-Head Latent Attention (MLA). As I wrote about in my analyses before, both are popular attention variants to reduce KV cache size (the longer the context, the more you save compared to regular attention). MLA is more complicated to implement, but it can give you better modeling performance if we go by the ablation studies in the 2024 DeepSeek V2 paper (as far as I know, this is still the most recent apples-to-apples comparison). Speaking of modeling performance, the 105B model is on par with LLMs of similar size: gpt-oss 120B and Qwen3-Next (80B). Sarvam is better on some tasks and worse on others, but roughly the same on average. It’s not the strongest coder in SWE-Bench Verified terms, but it is surprisingly good at agentic reasoning and task completion (Tau2). It’s even better than Deepseek R1 0528. Considering the smaller Sarvam 30B, the perhaps most comparable model to the 30B model is Nemotron 3 Nano 30B, which is slightly ahead in coding per SWE-Bench Verified and agentic reasoning (Tau2) but slightly worse in some other aspects (Live Code Bench v6, BrowseComp). Unfortunately, Qwen3-30B-A3B is missing in the benchmarks, which is, as far as I know, is the most popular model of that size class. Interestingly, though, the Sarvam team compared their 30B model to Qwen3-30B-A3B on a computational performance analysis, where they found that Sarvam gets 20-40% more tokens/sec throughput compared to Qwen3 due to code and kernel optimizations. Anyways, one thing that is not captured by the benchmarks above is Sarvam’s good performance on Indian languages. According to a judge model, the Sarvam team found that their model is preferred 90% of the time compared to others when it comes to Indian texts. (Since they built and trained the tokenizer from scratch as well, Sarvam also comes with a 4 times higher token efficiency on Indian languages.

🚨 If you Google “install Claude Code” right now, the top result is malware. Attackers are buying Google Ads for fake Claude Code installers targeting developers. 🤯

@CalmInvestor @1Password Switch to @Bitwarden

No thank you @1Password I’ll forget my passwords the old fashioned way.

🖥Super excited to see Desktop mode finally launch! With the release of Android 16 QPR3 today, connected display support has reached general availability. This means you don't need to flip a Developer option to enable it - just connect a compatible Android device to an external display via USB-C, and you'll get a desktop-like multitasking experience! It's one of many new awesome features in the latest Android release, but it's one I've been looking forward to a ton. Can't wait to see its evolution!

Gemini 3.1 Flash-Lite has landed. It’s our most cost-efficient Gemini 3 series model yet, built for intelligence at scale. Here’s what’s new 🧵

@waitin4agi_ I'm building an intelligent home surveillance system using a combination of doorbell cameras and other sensors. The goal is to have it process everything locally and notify user of certain events, along with cloud backup of redacted data for privacy. A Jetson is the next step.

Giving away an extra jetson orin nano. Comment what you need it for and especially if you’re mid project and need it I’ll DM you if I like what you’re building and it’s yours.

NSO India unveils the MCP Server for eSankhyiki, enabling seamless integration of official statistics with AI tools. Users can now connect directly to seven official datasets like PLFS, CPI, ASI, IIP, NAS & more through this beta version . Faster insights and smarter analysis through seamless access. 🔗 datainnovation.mospi.gov.in/mospi-mcp #AIReadyData #OpenGovernmentData #DigitalIndia #ViksitBharatBudget @PMOIndia @Rao_InderjitS @_saurabhgarg @PIB_India @PibMospi @mygovindia @NITIAayog

Depends on your perspective. Neither is it free labor, nor is it exploitation. She's paying for the services she's expecting. So this is fair. The Snabbit person is getting paid for the work she's doing as well. Nothing wrong with being rich and spending it to buy time/peace. If you've earned it, you deserve to spend it.

Indian elites make my blood boil more than anything.

@AbhinavXJ If you like this, then you'd love @opencode

I love the open source community

Ever wonder what happened to hyperloop in India? Now that tech is being adapted and refined to move shipping containers for port automation.

A major reason (not the main one) why I quit my job is that after busting my ass for 7 years I got 3/5 during a performance review. Not because I wanted a raise/bonus/promotion. Not because I was unsatisfied with the job. Because of a fucking number on a PDF that they didn't want to give me. Imagine being so mindbogglingly retarted that you're willing to piss off your best talent over a number on a PDF.

Wall-E is the future.

@elonmusk Has anyone watched Wall-E? That.

True