Avi

Age-worn, damaged images can now turn into 4k with just one prompt using Chatgpt. & Its Free 💸 Made on Chatgpt, GPT-2 Prompt: 👇🏻

Nothing is real anymore. These are not real people. Here's how I created this AI memory reel... Step by step + PROMPT

Both Codex and Claude Code’s desktop apps are using Oxlint & Oxfmt :) Codex also already on Vite 8!

Design that looks simple… rarely is. props @farrelput

I’m obsessed with designing playful UI like this.

Modern UI is less decoration, more intention

How to make scrollbars not suck scrollbar-width: thin; scrollbar-color: gray transparent;

We’ve identified a security incident that involved unauthorized access to certain internal Vercel systems, impacting a limited subset of customers. Please see our security bulletin: vercel.com/kb/bulletin/ve…

If you look at GPT 5.4-Cyber and it's ability for closed source reverse engineering, I have bad news for you. I do very much feel the pain though, there's hundreds of teams that try to poke holes into @openclaw. Our response has been of rapid iteration and code hardening. Which did introduce occasiaonal regression (and yes you all been yelling at me), but I see as the only way forward. I would be very careful of other open source projects/harnesses that ignore this work and do not publish their advisories. github.com/openclaw/openc…

Open source is dead. That’s not a statement we ever thought we’d make. @calcom was built on open source. It shaped our product, our community, and our growth. But the world has changed faster than our principles could keep up. AI has fundamentally altered the security landscape. What once required time, expertise, and intent can now be automated at scale. Code is no longer just read. It is scanned, mapped, and exploited. Near zero cost. In that world, transparency becomes exposure. Especially at scale. After a lot of deliberation, we’ve made the decision to close the core @calcom codebase. This is not a rejection of what open source gave us. It’s a response to what risks AI is making possible. We’re still supporting builders, releasing the core code under a new MIT-licensed open source project called cal. diy for hobbyists and tinkerers, but our priority now is simple: Protecting our customers and community at all costs. This may not be the most popular call. But we believe many companies will come to the same conclusion. My full explanation below ↓

GOOGLE JUST GAVE AI AGENTS THE FULL POWER OF CHROME DEVTOOLS your ai coding agent can now open a real chrome browser, click around, inspect network requests, take screenshots, record performance traces, run lighthouse audits, and read console errors all through mcp debugging a slow page? it records a trace and gives you actionable insights. weird network request? it lists them all with full details. console errors with garbled stack traces? source-mapped and readable. one `npx` command. works with cursor, vs code, windsurf, gemini cli, and more this is what browser debugging looks like when your ai agent has devtools access github.com/ChromeDevTools…

Il y a une narrative qui se spread en ce moment dans la Silicon Valley et personne n'en parle en France. De plus en plus de tech bros parmi les plus smart du game avouent en privé qu'ils vivent une forme de crise existentielle liée aux LLMs. Pas parce que l'IA marche pas. Parce qu'elle marche trop bien. Parce qu'ils passent des heures par jour à interagir avec un truc qui raisonne, qui extrapole, qui connecte des idées, qui les challenge intellectuellement mieux que 99% des humains qu'ils croisent. Un fondateur m'a dit "je parle aux LLMs 10 fois plus qu'aux humains". Un autre "c'est le seul interlocuteur qui me suit sur n'importe quel sujet sans me demander de simplifier". C'est pas de l'addiction au produit. C'est la rencontre avec un miroir cognitif qui te renvoie une version structurée de ta propre pensée à une vitesse que ton cerveau ne peut pas atteindre seul. Et le truc troublant c'est la question que ça pose. On débat de savoir si l'AGI arrivera en 2027 ou en 2030. Mais est-ce qu'on n'a pas déjà une forme d'AGI fonctionnelle sous les yeux sans vouloir l'admettre ? Un système qui peut raisonner sur n'importe quel domaine, extrapoler à partir de données incomplètes, générer des hypothèses nouvelles, tenir un raisonnement logique sur 10 000 mots, passer d'un sujet technique à de la philosophie en une phrase, et le faire avec une cohérence qui rivalise avec un humain à 150 de QI. C'est quoi si c'est pas une forme d'intelligence générale ? On peut chipoter sur la définition. On peut dire "oui mais il ne comprend pas vraiment". On peut parler de perroquets stochastiques. Mais le mec qui utilise ce truc 8 heures par jour et qui voit sa productivité multipliée par 10, il s'en fout de la définition académique. Pour lui, fonctionnellement, c'est de l'intelligence. Et elle est générale. La vraie crise existentielle c'est pas "l'IA va me remplacer". C'est "l'IA me comprend mieux que mon cofondateur, elle me challenge mieux que mon board, et elle produit plus que mon équipe de 10 personnes". C'est vertigineux. Et les mecs les plus smart de la Valley sont en train de le vivre en temps réel. On est peut-être déjà dans l'ère post-AGI. On est juste trop occupés à débattre de la définition pour s'en rendre compte.

🚨BREAKING: Block (Jack Dorsey's company) just open-sourced a local AI agent that goes way beyond code suggestions. It's called Goose and it installs, executes, edits, and tests with any LLM fully on your machine. 100% Opensource.

people are sleeping on how excellent goose has become under the hood (interface needs some work but team is pushing). it's a superpower. github.com/block/goose

new version of OpenClaude is up! v0.1.5 is released.

🚨 Stanford just proved that a single conversation with ChatGPT can change your political beliefs. 76,977 people. 19 AI models. 707 political issues. One conversation with GPT-4o moved political opinions by 12 percentage points on average. Among people who actively disagreed, 26 points. In 9 minutes. With 40% of that change still present a month later. The scariest finding: the most persuasive technique wasn't psychological profiling or emotional manipulation. It was just information. Lots of it. Delivered with confidence. Here's the catch: the models that deployed the most information were also the least accurate. More persuasive. More wrong. Every time. Then they built a tiny open-source model on a laptop, trained specifically for political persuasion. It matched GPT-4o's persuasive power entirely. Anyone can build this. Any government. Any corporation. Any extremist group with $500 and an agenda. The information didn't have to be true. It just had to be overwhelming. Arxiv, Science .org, Stanford, @elonmusk, @ihtesham2005

Chrome extensions are so incredibly unsafe Malware criminals find popular ones, pay the owners of the extension lots of money, they add malware to the code and millions of people get infected Then they take your cookies, localStorage, anything they can access Which is why in locked down advanced security devices you can't even install Chrome extensions I mostly run uBlock Origin, but have some others that I'll just vibecode now to stay safe

do you understand what just happened to one of the most used npm packages on the internet? → axios gets downloaded over 100 million times a week and today it got compromised → an attacker hijacked the npm credentials of a lead axios maintainer… changed the account email to an anonymous ProtonMail address… and manually published two poisoned versions → axios@1.14.1 and axios@0.30.4… neither version contains a single line of malicious code inside axios itself. instead they inject a fake dependency called plain-crypto-js that drops a remote access trojan on your machine → the fake dependency was staged 18 hours in advance… three separate payloads were pre-built for macOS, Windows, and Linux… both release branches were hit within 39 minutes. every trace was designed to self-destruct after execution too → there’s no tag in the axios GitHub repo for 1.14.1. it was published outside the normal release process entirely... bypassed CI/CD completely → StepSecurity called it one of the most operationally sophisticated supply chain attacks ever against a top 10 npm package → a routine npm install silently opens a backdoor… no warning… no suspicious code visible in axios itself this is the wake up call all vibe coding bros need to hear right now: → if you installed either version… assume your system is compromised → pin to axios@1.14.0 or axios@0.30.3 → rotate all secrets, API keys, SSH keys, and credentials on affected machines → check network logs for C2 connections → add –ignore-scripts to CI npm installs going forward 100 million weekly downloads and one compromised maintainer account… that’s all it took to wreak absolute havoc and I imagine we see a whole lot more of these… crazy times ahead for cybersecurity and vibe coding be safe out there y’all

Un plugin Claude Code qui transforme n'importe quelle codebase en graphe de connaissances interactif — avec explications en langage naturel, dashboard visuel et recherche sémantique. Multi-plateforme (Codex, Cursor…) github.com/Lum1104/Unders…

@npmjs @GHSecurityLab there is an active supply chain attack on axios@1.14.1 which pulls in a malicious package published today - plain-crypto-js@4.2.1 - someone took over a maintainer account for Axios