Keep up with tech in 5 minutes

TeamPCP claims access to around 3,800 internal GitHub repositories after compromising an employee device with a poisoned VS Code extension, leading GitHub to rotate secrets and investigate scope. The same group trojanized Microsoft's durabletask PyPI package to drop a Linux-only infostealer that steals cloud, vault, SSH, and Kubernetes credentials and propagates across AWS and clusters. LAPSUS$ is now co-selling the leaked internal projects, including Actions, Copilot, CodeQL, and Dependabot components, raising concern over source exposure and supply chain abuse.

New scaling studies reveal that using no data filtering may be optimal for large model pretraining in high compute, data-scarce settings. Large parameter models not only tolerate but benefit from including low-quality and distractor data. Contrary to prevailing beliefs, filtering out low-quality data may not be necessary with ample compute resources.

Linus Torvalds, the creator of Git and Linux, says that overly complex or abstracted code, like unnecessary helper functions, makes code maintainability and understanding worse. It increases cognitive burden and, in some cases, it makes sense to repeat code to reduce human and LLM context switching. Code should be optimized for readability and ease of iteration.