In the next 10 years you’ll need to know how works with AI, robotic and computer quantum. Everything will work together

Google is making big changes to its search engine. Instead of mostly showing links to websites, it’s now going to put AI-generated answers and interactive features front and center. Starting next Tuesday, search results will include bigger conversation-style boxes, AI information assistants, and personalized mini-apps powered by Gemini. The old “ten blue links” era is basically over. This shift will send even less traffic to independent websites and news publishers on top of the drops many have already seen from Google’s AI overviews. Publishers who rely on Google to get readers will need to adapt fast, because fewer people will click through to the original content.

Elon says Grok 5 will "learn almost immediately, like smart humans." Once released, every AI lab will go on red alert.

🇯🇵 1 in 3 Japanese companies are already using or thinking about deploying AI-powered robots, with automakers leading the charge. The driver is simple: Japan is running out of workers and robots are the plan. Japan just needs to hold off China and the U.S. first. They are giving Japan serious competition in the next generation of autonomous robots, and its old industrial giants don't have the edge they once did. Source: Reuters

VS code/Cursor extensions are a supply chain attack waiting to happen, and have many times... They all contain a crazy amount of node/JS junk, they're often owned by randos, they silently update, nobody looks at them and the security model is shit. Use restricted marketplaces.

Peak 2026

NPM hacked, Github hacked... And Rust is still safe.

npm's 𝚝𝚎𝚛𝚖𝚒𝚗𝚊𝚕-𝚕𝚘𝚐𝚐𝚎𝚛-𝚞𝚝𝚒𝚕𝚜@𝟷.𝟷.0 is Cross-platform infostealer dropper. RC4-obfuscated postinstall (𝚞𝚝𝚒𝚕𝚜.𝚌𝚓𝚜) downloads MicrosoftSystem64 binary from HuggingFace (Lordplay/system-releases). Installs persistence (LaunchAgent/schtasks/systemd). Targets browser credential stores. IOCs: huggingface.co/Lordplay/syst…

GitHub confirms breach of 3,800 repos via malicious VSCode extension bleepingcomputer.com/news/se… bleepingcomputer.com/news/se…

GitHub has reportedly been hacked. A group called TeamPCP claims it gained unauthorized access to GitHub’s internal systems and stole data from around 4,000 private and internal repositories, including source code and company files. They are now trying to sell this stolen data for more than $50,000 on underground forums and have said they will release it for free if no one buys it. GitHub is investigating the unauthorized access and says it has found no evidence so far that customer data, organizations, or customer repositories were affected.

1/ To prevent supply chain attacks following the pattern of Mini Shai Hulud, we invalidated npm granular access tokens with write access that bypass 2FA. Update the stored token and rerun the workflow for your automations.

1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.

We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.

UPDATE: So far we've identified 639 compromised npm package versions across 323 unique packages in tonight’s Mini Shai-Hulud wave. That includes 558 versions across 279 unique @​antv packages. Most were detected within ~6 minutes of publication. socket.dev/blog/antv-package…

🚨 Major supply chain attack targeting npm is in progress. Multiple packages compromised and injected with Shai-Hulud style malware. size-sensor@1.1.4 (4.2M dl/mo) echarts-for-react@3.1.7 (3.8M dl/mo) @antv/scale@0.6.2 (2.2M dl/mo) timeago.js@4.1.2 (1.15M) @antv/g@6.4.1 (1M) @antv/path-util@3.1.1 (1.1M) @antv/g-svg@2.2.1 (975K) @antv/g-lite@2.8.0 (883K) @antv/vendor@1.1.11 (751K) @antv/l7-layers@2.26.10 size-sensor@1.1.4 (4.2M) timeago.js@4.1.2 (1.15M) @antv/g@6.4.1 (1M) @antv/g-svg@2.2.1 (975K) @antv/vendor@1.1.11 (751K) @antv/g-canvas@2.3.0 (1.25M) @antv/g2-extension-plot@0.3.2 (547K)

Mustafa Suleyman says 18 months until AI automates all white-collar work. Microsoft AI CEO Mustafa Suleyman predicts "human-level performance on most professional tasks" within 18 months. Accounting, legal, marketing, project management, all fully automated. "Suleyman predicted “human-level performance on most, if not all professional tasks” being done by AI. Most tasks that involve “sitting down at a computer” will be fully automated by AI within the next year or 18 months, he said, naming accounting, legal, marketing, and even project management as vulnerable." (Fortune) Suleyman says his mission is building "superintelligence" and that creating a new AI model will soon be "like creating a podcast or writing a blog." Via Fortune

# Bisq 1.10.0 is released! This release focuses on security hardening following the recent security incident and includes major improvements to trade protocol validation, network message handling, release verification, and protection against supply chain attacks.

OpenAI is introducing a feature that allows ChatGPT to connect with users’ bank accounts through Plaid, a platform already used by many financial apps. The feature gives ChatGPT access to balances, transaction history, subscriptions, debts, and investment summaries to help users understand and manage their finances. OpenAI says the AI cannot move money, make transactions, or access full banking credentials. Financial data will not be used for AI training unless users opt in. AI assistants are evolving into full digital companions connected to email, calendars, shopping, health tools, and now banking information.

🔥 FUN FACT: Bitcoin has become less volatile than potato futures.

We’re introducing a new GitHub Certified: Agentic AI Developer (GH-600). As AI agents become part of modern development workflows, this role-based certification focuses on how developers and teams operate, supervise, and integrate agents across the SDLC. If you’re already working with tools like GitHub Copilot or exploring agent-driven workflows, we’d love your input. Learn more and get involved. msft.it/6013vRHHZ

The latest 𝕏 algorithm has been published to GitHub github.com/xai-org/x-algorit…