LEO R

LISTENING IN: Privacy Researcher Finds Anthropic’s Claude Desktop App Installs Undisclosed Native Messaging Bridge DO YOU HEAR ME NOW? A detailed technical analysis published by privacy and security researcher Alexander Hanff has raised serious concerns about Anthropic’s Claude Desktop application for macOS. Hanff, whose work is frequently referenced by Chief Privacy Officers and cybersecurity professionals, discovered the issue while auditing Native Messaging helpers on his own MacBook. According to the blog post, installing the Claude Desktop app automatically deploys a Native Messaging manifest file named com.anthropic.claude_browser_extension.json into the support directories of multiple Chromium-based browsers. This occurs even for browsers the user has never installed or does not use! The manifest file references a local binary located inside the Claude.app bundle at /Applications/Claude.app/Contents/Helpers/chrome-native-host. This binary functions as a bridge that allows pre-authorized browser extensions to communicate directly with the Claude Desktop app outside the browser’s sandbox, operating at full user privilege level via standard input/output. Key technical findings include: •The bridge pre-authorizes three specific Chrome extension IDs. •It is designed to remain dormant until activated by one of those extensions. •The manifest files are automatically recreated every time the Claude Desktop app launches, making permanent removal difficult. •Installation activity is logged in ~/Library/Logs/Claude/main.log, with timestamps confirming the files were written regardless of whether the browsers were present or supported. Hanff notes that the silent installation without user disclosure or consent is the central issue. Privacy, Security, and Potential Legal Implications. Corporations should not only note this but assume this is taking place. The researcher characterizes the behavior as “pre-installed spyware capability” for several reasons: •No clear notification or opt-in is provided to users during installation. •The process modifies configuration files across multiple browser vendors and creates directories for non-existent browsers. •Once active, the bridge could potentially expose authenticated web sessions (e.g., banking, email, or health portals), read decrypted page content, or enable automation. •The generic naming and automatic re-creation obscure the mechanism, resembling “dark patterns.” Hanff further contends that the practice may violate Article 5(3) of the EU’s ePrivacy Directive, which requires explicit consent before storing or accessing information on a user’s device. In response, he has issued a formal Cease and Desist letter to Anthropic, demanding that the company update the app to require explicit user opt-in (for example, only after the corresponding Chrome extension is installed) within 72 hours, or face further legal action. This revelation highlights ongoing challenges in the AI industry as companies develop increasingly “agentic” tools that require deep system and browser access. While such technical bridges are sometimes necessary for advanced functionality, transparency, documentation, and user control are considered essential by privacy advocates. Anthropic as expected has not issued a public statement addressing the specific allegations. Users who have installed Claude Desktop on macOS are advised be sure they like this idea. I sure don’t. 
Alexander Hanff’s full technical analysis: thatprivacyguy.com/blog/anthropic…

Introducing Grok Voice Think Fast 1.0 A state-of-the-art voice model built for complex, multi-step workflows with snappy responses and high accuracy. It takes the top spot on the Tau Voice Bench and handles real-world messiness like noise, accents, and interruptions better than any other model in the world. x.ai/news/grok-voic…

If you want to learn game development fundamentals, here's a fun course for you. You'll build your own 2D pixel art tower defense game using the popular Unity game dev framework. Along the way, you'll set up 2D tilemap levels, animate pixel-art characters, build towers, and spawn enemy waves. freecodecamp.org/news/create-a-…

Advanced AI agents don’t just respond. They plan, reason, act, and adapt over multiple steps. In this video tutorial, you'll use Cerebras to build voice agents, deep research tools, multi-agent workflows, and more. freecodecamp.org/news/how-to-bu…

OPENAI 🚨: GPT-5.5 AND GPT-5.5 PRO HAVE BEEN SPOTTED ON OPENROUTER! - gpt-5.5-20260423 - gpt-5.5-pro-20260423 Soon 👀

Interactive charts and diagrams are now in Claude Cowork. Available in beta on all paid plans.

Why is no one talking about this? @nvidia is offering around 80 AI models via hosted APIs absolutely for free. You get access to MiniMax M2.7, GLM 5.1, Kimi 2.5, DeepSeek 3.2, GPT-OSS-120B, Sarvam-M etc. This plugs straight into OpenClaude, OpenCode, Zed IDE, Hermes agent and even with Cursor IDE. Setup: – Grab API key: build.nvidia.com/models – base_url = "integrate.api.nvidia.com/v1" – api_key = "$NVIDIA_API_KEY" – select model (e.g. minimaxai/minimax-m2.7) If you’re building or experimenting, this is basically free inference. Lock in and start building today anon. Thank me later.

GPT-Image-2 is insanely good at making brand kits. You can give it a URL or a logo + color guide, and it will pull together everything for you. I think it’s fun to ask for some swag, too 😉

@BlendiByl @fal And its also available on lookmybio.com thanks to @fal 😌❤️

To celebrate GPT Image 2 launching on @fal, I've made some BIG improvements to the sprite sheet creator! What's new: → GPT Image 2 support (low/medium/high quality) → Sprite size sliders to fix scale without regenerating → Map size + position sliders for quick alignment fixes Full side-scroller flow on GPT Image 2 low ≈ $0.08

SpaceXAI and @cursor_ai are now working closely together to create the world’s best coding and knowledge work AI. The combination of Cursor’s leading product and distribution to expert software engineers with SpaceX’s million H100 equivalent Colossus training supercomputer will allow us to build the world’s most useful models. Cursor has also given SpaceX the right to acquire Cursor later this year for $60 billion or pay $10 billion for our work together.

Introducing ChatGPT Images 2.0 A state-of-the-art image model that can take on complex visual tasks and produce precise, immediately usable visuals, with sharper editing, richer layouts, and thinking-level intelligence. Video made with ChatGPT Images

CS50 is launching a new-and-improved course — CS50’s Introduction to 2D Game Development, or simply CS50 2D! This course, previously known as CS50 Games, picks up where CS50x leaves off and lets you explore the design and mechanics of such childhood games as Pong, Flappy Bird, Breakout, Match 3, Super Mario Bros., Legend of Zelda, Angry Birds, and Pokémon in a quest to understand how video games more broadly are implemented. The lectures will air on YouTube every day, starting on Tuesday, April 21, at 9am EDT. To take the course for a certificate, register at cs50.edx.org/2d. And for now — a word of introduction from Professor @davidjmalan and CS50’s own Colton Ogden! youtu.be/4oaN94oOdTM

Mike Stonebraker is a Turing award winner famous for his fundamental contributions to databases (e.g. Postgres, C-Store and much more). I interviewed him recently about: • The story behind Postgres & the hardest technical challenge in building it • Where he disagreed with Google's technical decisions • Future problems in databases • Literature recommendations to learn databases • Why LLMs score 0% on his text-SQL benchmark • What if you replaced all state in an OS with a DB Timestamps: 0:00 - Intro 1:03 - How he got into databases 6:43 - Competing with Oracle 9:07 - What made Postgres special 15:55 - One size fits none 21:37 - Why he disagreed with Google 29:14 - Why he chose academia over big tech 30:58 - Replacing state in an OS with a DB 42:02 - Future problems in databases 51:36 - Technical book recommendations to learn databases 52:20 - Advice for younger self 55:52 - Outro Where to watch: • YouTube: youtu.be/YPObBOwIrHk • Spotify: open.spotify.com/episode/1zxBGj… • Apple Podcasts: podcasts.apple.com/us/podcast/the… • Transcript: developing.dev/p/turing-award…

The 10 Best Doctors in the World 1. Sun ☀️ 2. Sleep 😴 3. Great Sex 💕 4. Exercise 🏋️‍♂️ 5. Good Diet 🥗 6. Water 💧 7. Air 🌬️ 8. Laughter 😂 9. Friends 👥 10. Gratitude 🙏

Someone just built a Claude Code for electronics. It's called Blueprint. Type what you want to build and it generates wiring diagrams, bills of materials, and step-by-step assembly guides for your Arduino or Raspberry Pi project. 100% Free.

Check out github.com/unclebob/swarm…. I forked this from my son Justin and modified it a lot. This is a neat little agent control system based on tmux. It is really cool to see the agents talk to each other, give each other tasks, and manage their individual git worktrees and merge each others changes. I sometimes just sit back in awe as the agents do massive amounts of work, write hundreds of tests, build gherkins, refactor based on crap and mutate tests. All under my watchful eye.

Nossa, eu tive esse mesmo problema recentemente. Eu gosto de usar uma CLI que chama beads, e como se fosse um linear local, mas só com CLI. O opus 4.7 fica querendo jogar algumas tasks pra outros beads de follow-up, mesmo sendo correções simples. Ai tenho que ficar pedindo pra ele largar de ser vagabundo e fazer tudo num PR só. Geralmente isso acontece depois de completar uma task, aí geralmente rodo algumas skills de code-review, e ele fica querendo jogar pra frente.

You might think graphs are just something you learned about in math class - but they're everywhere. Think Google Maps, friend connections on social media, visualizing Git branches, etc. In this guide, @b_eautifulchaos explains how we use graphs in real-world systems, different types of graphs, how to traverse them, & more. freecodecamp.org/news/a-beginne…