Valid certificates, stolen accounts: how attackers broke npm's last trust signal

Stolen credentials produced valid Sigstore certificates, clearing 633 malicious npm packages — one of seven developer tool ...
InfoQ

Designing AI Platforms for Reliability: Tools for Certainty, Agents for Discovery

Aaron Erickson discusses the evolution of AI workflows, shifting from "vibe checking" to building reliable, multi-agent frameworks. He explains how to combine deterministic software guardrails with ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
BMJ Evidence-Based Medicine

Impact of prompt engineering on large language models for risk of bias assessment: a comparative study

Objectives To evaluate the performance of large language models (LLMs) in risk of bias assessment and to examine whether ...
GitHub

Enterprise Data Cleaning & ETL Orchestration Framework using Python

A modular ETL (Extract–Transform–Load) framework built using Python to design, execute, and monitor reliable data pipelines. This project focuses on clean separation of concerns, configuration-driven ...
GitHub

SE1 — LLM Safety Eval Framework

A systematic safety evaluation framework for LLMs deployed in financial services. Sends adversarial test prompts across five risk categories, judges each response using Claude-as-evaluator, scores ...