Krishna Sangeeth

"What is an ocean, but a multitude of drops" youtube.com/watch?v=lxumQY…

Buffer charges $6 per channel. Hootsuite $199 a month. Sprout Social $249 a month. There's an open-source tool that replaces all of them. It's called Postiz. Not a basic scheduler — a full AI-powered social media command center across 25+ platforms from one dashboard. - Schedule posts to X, Instagram, LinkedIn, TikTok, YouTube, Reddit, Threads, Bluesky, Discord, Telegram, and more - AI generates post content and creates images with a built-in Canva-like editor - Full analytics dashboard across every platform - Auto-post, auto-like, auto-comment on engagement milestones - Team collaboration with comment, review, and approve workflows - Full public API - plug into n8n, Make, or Zapier - Self-host on your own server, zero monthly fees forever The wildest part: the self-hosted version has every single feature the paid version has. No feature gating. No premium tier lockout. Everything included. Buffer at $6/channel = $360/year for 5 channels. Hootsuite = $2,388/year. Sprout Social = $2,988/year. Postiz self-hosted = $0. Unlimited channels. Unlimited posts. Unlimited team members. Forever. 28,000 stars on GitHub. Product of the Day, Week, and Month on Product Hunt. AGPL-3.0 licensed. 100% open source.

We built our launch video in Claude Code using HyperFrames. Now it's yours. Open source, agent-native framework. HTML to MP4. $ npx skills add heygen-com/hyperframes RT + Comment "HyperFrames" to get the full source code of this launch video (must follow)

Judging by my tl there is a growing gap in understanding of AI capability. The first issue I think is around recency and tier of use. I think a lot of people tried the free tier of ChatGPT somewhere last year and allowed it to inform their views on AI a little too much. This is a group of reactions laughing at various quirks of the models, hallucinations, etc. Yes I also saw the viral videos of OpenAI's Advanced Voice mode fumbling simple queries like "should I drive or walk to the carwash". The thing is that these free and old/deprecated models don't reflect the capability in the latest round of state of the art agentic models of this year, especially OpenAI Codex and Claude Code. But that brings me to the second issue. Even if people paid $200/month to use the state of the art models, a lot of the capabilities are relatively "peaky" in highly technical areas. Typical queries around search, writing, advice, etc. are *not* the domain that has made the most noticeable and dramatic strides in capability. Partly, this is due to the technical details of reinforcement learning and its use of verifiable rewards. But partly, it's also because these use cases are not sufficiently prioritized by the companies in their hillclimbing because they don't lead to as much $$$ value. The goldmines are elsewhere, and the focus comes along. So that brings me to the second group of people, who *both* 1) pay for and use the state of the art frontier agentic models (OpenAI Codex / Claude Code) and 2) do so professionally in technical domains like programming, math and research. This group of people is subject to the highest amount of "AI Psychosis" because the recent improvements in these domains as of this year have been nothing short of staggering. When you hand a computer terminal to one of these models, you can now watch them melt programming problems that you'd normally expect to take days/weeks of work. It's this second group of people that assigns a much greater gravity to the capabilities, their slope, and various cyber-related repercussions. TLDR the people in these two groups are speaking past each other. It really is simultaneously the case that OpenAI's free and I think slightly orphaned (?) "Advanced Voice Mode" will fumble the dumbest questions in your Instagram's reels and *at the same time*, OpenAI's highest-tier and paid Codex model will go off for 1 hour to coherently restructure an entire code base, or find and exploit vulnerabilities in computer systems. This part really works and has made dramatic strides because 2 properties: 1) these domains offer explicit reward functions that are verifiable meaning they are easily amenable to reinforcement learning training (e.g. unit tests passed yes or no, in contrast to writing, which is much harder to explicitly judge), but also 2) they are a lot more valuable in b2b settings, meaning that the biggest fraction of the team is focused on improving them. So here we are.

North Korean intelligence agents built an entire fake company to compromise one JavaScript developer. And it worked. UNC1069 didn't hack Axios. They befriended its maintainer. They cloned a real company founder's identity, built a branded Slack workspace with fake employee profiles and LinkedIn post channels, then scheduled a Microsoft Teams call with what appeared to be a full team. During the call, a fake error message said his system needed an update. He installed it. That update was the RAT. From one developer's laptop, they had everything: npm credentials, publishing access, the keys to a package installed in 80% of cloud environments. Axios gets 100 million downloads per week. The attackers published two poisoned versions at 12:21 AM UTC on a Sunday night, tagging both the latest and legacy branches within 39 minutes. The malicious dependency had been pre-staged 18 hours earlier with a clean decoy version to build registry history. Three separate RAT payloads were pre-built for macOS, Windows, and Linux. The malware self-deleted after execution to erase forensic evidence. The poisoned versions were live for about three hours before npm pulled them. Huntress observed 135 endpoints across all operating systems calling the attacker's command-and-control server during that window. Wiz found the malicious versions in roughly 3% of environments scanned. Every affected machine needs full credential rotation: npm tokens, AWS keys, SSH keys, CI/CD secrets, everything in .env files. The part that keeps getting worse: this isn't isolated. The same threat cluster compromised Trivy (a security scanner), KICS, LiteLLM, and multiple GitHub Actions in the two weeks before Axios. Google estimates hundreds of thousands of stolen secrets are now circulating from these combined attacks. The maintainer had 2FA enabled. He said himself: "I have 2FA/MFA on practically everything." The exact method of token compromise is still undetermined. One person. One fake Teams call. 100 million weekly downloads weaponized in under three hours. The npm ecosystem runs on mass trust in individual maintainers who volunteer their time, and North Korean intelligence now has a repeatable playbook for turning that trust into a delivery mechanism.

Beautiful .

Very bullish on open source and local models Imagine running near-Opus-level model locally on that $600, 16GB Mac Mini you bought last month This 27B Qwen3.5 distill was trained on Claude 4.6 Opus reasoning traces and is putting up real numbers: - beats Claude Sonnet 4.5 on SWE-bench - keeps 96.91% HumanEval - cuts CoT (chain of thought) bloat by 24% - runs in 4-bit quantization Why this matters: local agent loops get a lot cheaper, faster, and more usable. frontier models aren’t going to keep subsidizing cheap tokens on subscriptions forever 300K+ downloads already on HF Link below 👇🏻 We’re early

github.com/instructkr/cla… README in this repo is like a movie plot.

Got around to sinners quite late, whattay great movie. And this 5 minutes right here is great cinema. youtube.com/watch?v=S7jo5C…

Hey @RevenueCat , would be nice to get user since through sdk.

@chennaipolice_ received a fraud call claiming my “brother” took a loan from Kotak Egmore & I must repay. I have no brother. Caller had my Aadhaar, address & father’s name, spoke in Tamil, very convincing. Ex-Chennai resident (2012–2020). Likely scam targeting Chennai numbers.

LiteLLM HAS BEEN COMPROMISED, DO NOT UPDATE. We just discovered that LiteLLM pypi release 1.82.8. It has been compromised, it contains litellm_init.pth with base64 encoded instructions to send all the credentials it can find to remote server + self-replicate. link below

If you use Xcode, this is how you can clean up the junk. I cleaned 60GB+ recently Here are the commands. rm -rf ~/Library/Developer/Xcode/DerivedData rm -rf ~/Library/Developer/Xcode/iOS\ DeviceSupport rm -rf ~/Library/Developer/Xcode/watchOS\ DeviceSupport rm -rf ~/Library/Developer/CoreSimulator/Caches rm -rf ~/Library/Caches/com.apple.dt.Xcode xcrun simctl delete unavailable You can try the commands that you actually want to delete.

Introducing Unsloth Studio ✨ A new open-source web UI to train and run LLMs. • Run models locally on Mac, Windows, Linux • Train 500+ models 2x faster with 70% less VRAM • Supports GGUF, vision, audio, embedding models • Auto-create datasets from PDF, CSV, DOCX • Self-healing tool calling and code execution • Compare models side by side + export to GGUF GitHub: github.com/unslothai/unsl… Blog and Guide: unsloth.ai/docs/new/studio Available now on Hugging Face, NVIDIA, Docker and Colab.

Song of the day music.amazon.in/albums/B0D3LSV…

Geez i really like codex.

📢 Open-sourcing the Sarvam 30B and 105B models! Trained from scratch with all data, model research and inference optimisation done in-house, these models punch above their weight in most global benchmarks plus excel in Indian languages. Get the weights at Hugging Face and AIKosh. Thanks to the good folks at SGLang for day 0 support, vLLM support coming soon. Links, benchmark scores, examples, and more in our blog - sarvam.ai/blogs/sarvam-3…

Introducing the Google Workspace CLI: github.com/googleworkspac… - built for humans and agents. Google Drive, Gmail, Calendar, and every Workspace API. 40+ agent skills included.

🚨 BREAKING: Someone just rebuilt the entire AI assistant stack in Zig. It's called NullClaw. The binary is 678 KB. It uses ~1 MB of RAM. It boots in under 2 milliseconds. No runtime. No VM. No framework. No garbage collector. Just raw Zig. Here's why this is absurd: → OpenClaw needs a $599 Mac Mini and 1 GB+ RAM → NanoBot needs 100 MB+ RAM and Python → PicoClaw needs 10 MB RAM and Go NullClaw runs on a $5 board with 1 MB of RAM. Same functionality. 0.1% of the resources. Here's what's packed into that 678 KB: → 22+ AI providers (OpenAI, Anthropic, Ollama, DeepSeek, Groq, etc.) → 13 chat channels (Telegram, Discord, Slack, WhatsApp, iMessage, IRC) → 18+ built-in tools → Hybrid vector + keyword memory search → Multi-layer sandboxing (Landlock, Firejail, Docker) → Hardware peripheral support (Arduino, Raspberry Pi, STM32) → MCP, subagents, streaming, voice, the full stack Here's the wildest part: Every subsystem is a vtable interface. Swap any provider, channel, tool, memory backend, or runtime with a config change. Zero code changes. It even encrypts your API keys with ChaCha20-Poly1305 by default. 2,738 tests. ~45,000 lines of Zig. Zero dependencies beyond libc. 100% Open Source. MIT License.

Introducing SimRecorderX 🎉 A simple way to record Xcode Simulators using ScreenCaptureKit. Record, trim, add backgrounds, and export with ease! For More👇 apple.co/4bgW8FG The app is completely free, so feel free to try it out. Please let me know if you encounter any problems.

Introducing Unsloth-MLX 🦥 Fine-tune LLMs on your Mac with Apple Silicon.   Same API as Unsloth - just change the import line. Prototype locally → Scale to cloud with real Unsloth. This is NOT trying to replace Unsloth (which is amazing). It's for Mac users who want to experiment locally before paying for cloud GPUs. Still early days - would really appreciate feedback, bug reports, or feature requests. @danielhanchen @awnihannun GitHub: github.com/ARahim3/unslot…