Introducing Claude Fable 5: a Mythos-class model that we’ve made safe for general use. Its capabilities exceed those of any model we’ve ever made generally available.

Be warned, the ultracode workflow in claude code with Opus 4.8 will use ~70% of your 5-hour window in around 30 minutes on an $100 plan

🚨 UPDATE: Mini Shai-Hulud has crossed from @npmjs into @pypi and is still spreading. Newly confirmed compromised artifacts: @​opensearch-project/opensearch: 3.5.3, 3.6.2, 3.7.0, 3.8.0 (1.3M weekly downloads) mistralai: 2.4.6 on PyPI guardrails-ai: 0.10.1 on PyPI additional @​squawk/* packages on npm guardrails-ai 0.10.1 executes malicious code on import. On Linux, it downloads git-tanstack[.]com/transformers.​pyz, writes it to /tmp/transformers.​pyz, and runs it with python3 without integrity verification. The git-tanstack.​com domain displayed a message signed “With Love TeamPCP,” along with: “We've been online over 2 hours now stealing creds Regardless I just came to say hello :^)” The page also linked to a YouTube video and you can probably guess which one.

Vercel breach: a step-by-step response guide rotate secrets: > go to Vercel dashboard → Environment Variables > rotate every token, key, DB credential > especially NPM GitHub tokens check if your Google Workspace was hit too: > admin.google.com → Security → Access and Data Control → API Controls → Manage app access → Accessed Apps > filter by: `110671459871-30f1spbu0hptbs6…` > if the app shows up... you're in the blast radius > revoke access immediately long-term fixes: > migrate ALL env vars to Sensitive Variables > use dynamic secrets (short-lived DB creds) > pull secrets at runtime via SDK - not stored in Vercel > set up audit logs > use `vercel activity` in CLI to check your logs programmatically this wasn't just Vercel. a compromised third-party AI tool's OAuth app potentially hit hundreds of orgs

Most annoying part of vibe coding? Re-explaining the entire context to your IDE after switching chats

LiteLLM HAS BEEN COMPROMISED, DO NOT UPDATE. We just discovered that LiteLLM pypi release 1.82.8. It has been compromised, it contains litellm_init.pth with base64 encoded instructions to send all the credentials it can find to remote server self-replicate. link below

Dreamina Seedance 2.0 is LIVE on CapCut app, desktop & web, starting gradually in Indonesia, Philippines, Thailand, Vietnam, Malaysia, Brazil and Mexico with expansion over time. Generate and edit with industry-leading quality in one seamless workflow. Built to unlock new possibilities in visual storytelling with CapCut: - SOTA long-form coherence, up to 15s videos with multi-shot storytelling and exceptional text prompt adherence - Built-in dialogue, lipsync, and immersive spatial sound - Multimodal reference for greater creative control and precision Find Dreamina Seedance 2.0 in the following CapCut features: - Quick try: AI Lab & AI Generator (app, v17.1.0) - Generate edit workflow: Media → AI Video (app & desktop) - AI-native workflow with omni reference: Video Studio (our latest canvas-based ai production workspace built for everyone from beginners to pro, access via CapCut web)

Not yet I think m8, this is partnership program access which capcut allow us to post, hopefully soon though 👍

Vibe coders are cooked 😂

Your AI forgets everything when you close the chat Every. Single. Time. Built Kratos MCP to fix this Now your AI remembers your codebase, your decisions, your context Forever 🚀 github.com/ceorkm/kratos-mcp #buildinpublic #AI #MCP

1 million context window: Now generally available for Claude Opus 4.6 and Claude Sonnet 4.6.

I reverse-engineered @claudeai Code's binary to add a feature I always wanted: When context fills up - instead of nuking everything with /compact - I can now surgically strip tool calls/results and thinking blocks while keeping all actual messages intact.