1. Claude Code CVE-2026-39861:通過符號鏈接逃離沙箱 Claude Code CVE-2026-39861:sandbox escape via symlink (github.com)
2. 針對“一鍵攻破”的人為應對:就不該點擊“確定” Anthropic response to 1-click pwn: Shouldn''t have clicked ''ok'' (www.theregister.com)
4. 白銀、絲綢與國家:西班牙帝國與明代中國 Silver, Silk, and States: The Spanish Empire and Ming China (andrewhuangster.substack.com)
7. 使用 Archive.today 需要用手機掃描二維碼 Archive.today requires scanning a QR code on your phone to use (archive.fo)
9. 6年的CS2皮膚市場數據,採用標普指數化方法(開放式方法論) 6 years of CS2 skin market data, indexed S&P-style (open methodology) (skintrackers.com)
10. 研究表明,使用人工智能僅10分鐘就可能讓你變得懶惰且愚蠢 Using AI for Just 10 Minutes Might Make You Lazy and Dumb, Study Shows (www.wired.com)
13. 百思買要求總部員工每週到崗四天 Best Buy mandating four days in office for headquarters employees (www.startribune.com)
14. 我最近啟動了一個小型實驗項目,旨在重製《星際火狐64》 I recently started a small experimental project recreating Star Fox 64 (foxremake.com)
18. 雅加達機場的官方網站屏蔽了國際訪客,所以我自己搭建了一個 Jakarta airport''s official site blocks international visitors, so I built my own (blog.terrydjony.com)
22. 《動力機與計算機:現代生產力悖論》(1989)[pdf] The Dynamo and the Computer: The Modern Productivity Paradox (1989) [pdf] (gwern.net)
24. 五角大樓首席技術官演示了用於軍事行動的Palantir公司Maven系統 [視頻] Pentagon CTO demonstrates Palantir''s Maven system, used for military operations [video] (www.youtube.com)
25. 一個全新的開源城邦,其新憲法已在某個網站上正式生效 New open source city-state, with new constitution functional on one site (arkology.org)
28. AWS EC2 在 use1-az4(us-east-1)區域發生服務中斷 AWS EC2 outage in use1-az4 (us-east-1) (health.aws.amazon.com)
33. Chrome的4GB AI驚喜:為何谷歌Chrome正在悄然下載Gemini Nano Chrome''s 4GB AI Surprise: Why Google Chrome Is Quietly Downloading Gemini Nano (blog.praveen.science)
34. 特朗普政府削減了漢坦病毒研究的經費 Trump administration cut funding to study hantavirus (www.scientificamerican.com)
35. Mistral Medium 3.5 現已在 Puter.js 上發佈 Mistral Medium 3.5 Is Now Available in Puter.js (developer.puter.com)
36. 據船上一位醫生所述,漢坦病毒郵輪上發生了什麼 What Happened on the Hantavirus Cruise, According to a Doctor on Board (www.theatlantic.com)
38. 當局正緊急採取措施遏制漢坦病毒疫情,並在全球範圍內追蹤密切接觸者 Authorities scramble to limit hantavirus outbreak, trace contacts around globe (www.washingtonpost.com)
39. 德克薩斯理工大學提醒準學生注意廣播研究方面的限制 Texas Tech cautions broadcasting research restrictions to prospective students (www.texastribune.org)
40. 大衛·阿滕伯勒百歲誕辰之際,各界紛紛致敬 Tributes paid to David Attenborough on his 100th birthday (www.theguardian.com)
42. 我使用 AI Grok 和 Whicks Lab 製作了 YouTube 視頻 I Made with AI Grok and Whicks Lab YouTube Videos (www.youtube.com)
44. GNU IFUNC 才是 CVE-2024-3094 背後的真正元兇 GNU IFUNC is the real culprit behind CVE-2024-3094 (github.com)
47. 針對 React 和 Next.js 漏洞的 WAF 和框架適配器緩解措施 WAF and framework adapter mitigations for React and Next.js vulnerabilities (developers.cloudflare.com)
50. 瞭解埃隆為何將控制權移交給Anthropic。他說得對,這場官司贏不了 Find out why Elon gave over his keys to Anthropic He is right can''t win this (deepseekresearch.com)
51. 如果12月已為時過晚,無法糾正違憲的選區劃分,那麼5月為何就沒問題? If December Was Too Late to Fix Unconstitutional Gerrymandering Why Is May Okay? (www.techdirt.com)
53. 花費13萬美元購買的AI代幣“克隆”了Screen Studio:通用人工智能(AGI)在軟件領域的應用似乎近在咫尺 Spent 130K AI token "cloned" Screen Studio: AGI for software feel so close (realmikechong.substack.com)
54. 蘋果可能正在研發配備全息顯示屏的“空間版iPhone” Apple Could Be Working on ''Spatial iPhone'' with Holographic Display (www.macrumors.com)
56. 一項新實驗加深了人們對引力常數“大G”的困惑 A new experiment deepens the mystery over gravitational constant, Big G (www.cnn.com)
58. 研究顯示:社交媒體上的賭博廣告觸達的男性人數是女性的兩倍多 Gambling ads on social media reach more than twice as many men as women: study (www.cam.ac.uk)
60. 研究人員發現人類潛意識大腦中存在高級語言處理機制 Researchers discover advanced language processing in the unconscious human brain (www.bcm.edu)
63. 多年期資助對美國生物醫學研究造成的日益沉重的負擔 [pdf] The Mounting Toll of Multi-Year Funding on American Biomedical Research [pdf] (actfornih.org)
64. Cloudflare 正裁員 1,100 人,以迎接“自主人工智能時代” Cloudflare is laying off 1,100 employees to prepare for ''the agentic AI era'' (www.businessinsider.com)
65. 隨著俄羅斯擴大互聯網斷網範圍,克里姆林宮呼籲民眾收聽廣播 As Russia Expands Internet Blackouts, Kremlin Tells Citizens to Use the Radio (united24media.com)
66. 非營利性醫院在顧問身上花費數十億美元,卻未見明顯成效 Nonprofit hospitals spend billions on consultants with no clear effect (www.uchicagomedicine.org)
74. Next.js 披露了新的安全漏洞(補丁已發佈) New security vulnerabilities disclosed in Next.js (patches released) (github.com)
75. 網絡犯罪團伙入侵Instructure後,麻省理工學院Canvas平臺癱瘓 MIT Canvas goes down after cybercrime group breaches Instructure (thetech.com)
76. Cloudflare股價在財報發佈後暴跌;因人工智能業務調整裁員1,100人 Cloudflare stock sinks after earnings; cuts 1,100 employees due to AI changes (www.cnbc.com)
79. 大衛·阿滕伯勒迎來百歲壽辰:從科學到敘事,他的不朽遺產 David Attenborough turns 100: his legacy, from science to storytelling (theconversation.com)
80. 《Octonous》公開測試:我們的收穫與未來規劃 Octonous Open Beta: What We''ve Learned and Where We''re Going (blog.mozilla.ai)
83. 基於Kali Linux系統、搭載Qwen 2.5-7B模型的本地自主安全代理 Local autonomous security agent powered by Qwen 2.5-7B on Kali Linux (github.com)
85. Canvas(Instructure)學習管理系統因持續的勒索軟件攻擊而癱瘓 Canvas (Instructure) LMS Down in Ongoing Ransomware Attack (www.theverge.com)
86. 黑客聲稱再次入侵Instructure後,篡改了學校的登錄頁面 Hackers deface school login pages after claiming another Instructure hack (techcrunch.com)
87. AWS 為 AI 代理提供錢包,用於支付 API 和網絡內容的費用 AWS gives AI agents wallets to pay for APIs and web content (aws.amazon.com)
88. Canvas系統遭黑客攻擊,導致威斯康星大學麥迪遜分校及全球多地停運 Canvas hack shuts down operations at UW-Madison, worldwide (www.dailycardinal.com)
89. 為什麼在ASCII字符表中,小寫字母緊跟在大寫字母之後? Why Don''t Lowercase Letters Come Right After Uppercase Letters in ASCII? (tylerhillery.com)
90. 一場國會初選如何演變成一場關於人工智能的代理戰 How a Congressional Primary Became a Proxy Battle over A.I. (www.newyorker.com)
94. 法國檢方尋求對馬斯克/X平臺提起訴訟,指控其涉及兒童性虐待圖片 French prosecutors seek charges against Musk/X over child sexual abuse images (apnews.com)
100. 利用 GPT-5.5 和 GPT-5.5-Cyber 擴展網絡安全可信訪問 Scaling Trusted Access for Cyber with GPT‑5.5 and GPT‑5.5‑Cyber (openai.com)
102. 我的克勞德每晚都會做夢,而且記得所有事情。比記憶宮殿還要好。 My Claude dreams at night and remembers everything. Better than mempalace (github.com)
103. 荷蘭NorthC數據中心發生火災,所有人員已及時疏散 Fire at Dutch NorthC data center, all personnel evacuated in time (www.techzine.eu)
104. 基於人工智能的裁員現象反映了其擴展能力如何? What do AI based layoffs say about their ability to scale? (www.elliotcsmith.com)
108. 美國貿易法庭裁定特朗普提出的全球10%關稅提案不成立 US trade court rules against Trump''s 10% global tariffs (www.reuters.com)
112. cuda-oxide:一個用於在純Rust中編譯GPU內核的自定義rustc後端 cuda-oxide: a custom rustc backend for compiling GPU kernels in pure Rust (github.com)
113. Anthropic 捐贈了 Petri 開源對齊工具 Anthropic donates Petri open-source alignment tool (www.anthropic.com)
114. 高通 Hexagon V81 HMX 程序員參考手冊 [pdf] Qualcomm Hexagon V81 HMX Programmer''s Reference Manual [pdf] (docs.qualcomm.com)
115. Web 代理的可讀性(代理的 LightSpeed 基準測試) Agent readability for the web (lightspeed benchmark for agents) (a14y.dev)
116. 在富裕的歐洲國家中,英國的“未就業也未在學”的年輕成年人比例位居第三 UK has wealthy Europe''s ''3rd-highest'' rate of young adults not in work or study (www.theguardian.com)
117. Cloudflare 裁員 1,100 人(約佔員工總數的 20%) Cloudflare lays off 1,100 employees (20% of workforce) (finance.yahoo.com)
119. 不出所料,警察正利用車牌識別攝像頭跟蹤他們的前任 To the Surprise of No One, Cops Are Using ALPR Cameras to Stalk Their Exes (www.techdirt.com)
120. 奧茲莫皮克正在取代減肥手術。這成了一個問題 Ozempic Is Killing Off Weight Loss Surgeries. That''s a Problem (gizmodo.com)
125. Cloudflare將裁員20%,季度營收預測未達預期 Cloudflare to cut 20% jobs, quarterly revenue forecast falls short (www.reuters.com)
131. 佛羅里達州一名誤切患者器官的外科醫生表示,患者的死亡令他深受打擊,心理創傷將伴隨終生 Florida surgeon who removed wrong organ says hes forever traumatized by pt death (www.nbcnews.com)
134. 睡眠多導圖可預測130種健康狀況,包括心血管疾病 Sleep polysomnography predicts 130 health conditions, including CVD (www.empirical.health)
135. 不僅僅是一個作品集:打造一個富有內涵的滾動式3D世界 More Than a Portfolio: Building a Scroll-Driven 3D World with Something to Say (tympanus.net)
136. PLUR:面向人工智能代理的持久化內存。優先本地存儲,零開銷 PLUR: Persistent memory for AI agents. Local-first, zero-cost (github.com)
137. 五角大樓為何將導彈產量提高四倍,以及為何這仍遠遠不夠 Why The Pentagon Is Quadrupling Missile Production, and Why It Won''t Be Enough (militarymachine.com)
138. 企業計劃加大“愛國者”導彈的生產力度(2024年) Companies plan to ramp up production of Patriot missiles (2024) (www.defensenews.com)
141. 印度小型核反應堆量產路線圖詳解 Inside A Roadmap For Mass-Producing Small Nuclear Reactors In India (swarajyamag.com)
144. 重大教育數據洩露事件導致學生個人數據遭竊 Students'' personal data stolen in major education breach (www.malwarebytes.com)
147. CLI Printing Press – 基於任意 API 創建 CLI 工具 CLI Printing Press – create go CLI tool from any API (github.com)
148. 馬里蘭州稱,人工智能將使該州電費賬單增加16億美元 AI Push to Add 1.6B to Maryland Power Bills, State Says (www.bloomberg.com)
149. CalHomeAid——橙縣可搜索的經濟適用房名錄 CalHomeAid – Searchable affordable housing directory for Orange County (calhomeaid.info)
151. 猶他州參議員在數據中心爭議中將ABC記者手中的手機打落 Utah senator smacks ABC reporters phone out of hand amid Data Center controversy (www.abc4.com)
152. “Shiny”黑客對教育平臺Canvas發起新一輪網絡攻擊 Shiny hunters new cyber attack on educational platform Canvas (www.thedp.com)
154. “神奇先生”在猶他州的數據中心面積將超過曼哈頓的兩倍 Mr. Wonderful''s Utah Data Center Will Be More Than Twice as Big as Manhattan (www.motherjones.com)
155. 谷歌的下一代 reCAPTCHA 系統可能會給“去谷歌化”的手機帶來麻煩 Google''s next-gen reCAPTCHA system could spell trouble for de-Googled phones (www.androidauthority.com)
158. GitHub Copilot CLI 整合了多個模型家族,以提供第二意見 GitHub Copilot CLI combines model families for a second opinion (github.blog)
161. 一位傳奇投資者談如何預防美國即將到來的“心臟病發作” A Legendary Investor on How to Prevent America''s Coming ''Heart Attack'' (www.nytimes.com)
164. 《為何架構至關重要:適用於模塊化單體應用的 Rails Engines》 Why Architecture Matters: Rails Engines for Modular Monoliths (davidslv.uk)
165. 猶他州關於在線色情內容的年齡驗證法現已將VPN納入監管範圍 Utah''s online porn age verification law now includes VPNs (www.kuer.org)
166. MacPulse – macOS 系統監控與性能日誌記錄 MacPulse – macOS System Monitor and Performance Logging (www.macpulse.app)
167. 一筆涉及680萬枚代幣的Codex交易在經歷五小時的中斷後得以完成 A 6.8M-token Codex run survived a five-hour pause (tectontide.com)
177. ShinyHunters稱8,800所學校的數據遭竊(Instructure/Canvas) ShinyHunters claims data theft from 8,800 schools (Instructure/Canvas) (www.bleepingcomputer.com)
183. 標普道瓊斯指數關於超大盤股公司處理方式的公眾諮詢 [pdf] S&P Dow Jones Indices Public Consultation on Treatment of MegaCap Companies [pdf] (www.spglobal.com)
185. 金球獎制定AI規則:“AI不會自動導致電影或劇集失去參賽資格” Golden Globes Set AI Rules: ‘AI Doesn’t Automatically Disqualify’ Movie or Show (variety.com)
187. 蘋果配備攝像頭的AirPods進入後期測試階段,加速推進人工智能設備佈局 Apple''s Camera-Equipped AirPods Reach Late Testing in AI Device Push (www.bloomberg.com)
191. 我(在精神上)贏得了 Comma.ai 的壓縮挑戰賽 I (Spiritually) Won Comma.ai''s Compression Challenge (aaronleslie.dev)
192. 谷歌每月9.99美元的人工智能健康教練將於5月19日上線 Google''s 9.99-per-month AI health coach launches May 19 (techcrunch.com)
193. 《The Pulse》:AI 流量導致 GitHub 崩潰——為何其他服務商沒有? The Pulse: AI load breaks GitHub – why not other vendors? (newsletter.pragmaticengineer.com)
197. 兩名民政事務官員因被發現存在AI“幻覺”而被停職 Two Home Affairs officials suspended after AI ''hallucinations'' found (www.citizen.co.za)
199. 在性侵指控在網絡上瘋傳之前,摩根大通曾提出100萬美元的和解方案 JPMorgan Offered 1M Settlement Before Sexual Assault Claims Went Viral (www.wsj.com)
201. 代理拉取請求隨處可見。以下是審查它們的方法。 Agent pull requests are everywhere. Here’s how to review them. (github.blog)
206. 在業界強烈反對後,歐盟暫緩實施《人工智能法案》相關規定 EU hits snooze on AI Act rules after industry backlash (www.theregister.com)
207. 競選團隊工作人員向美國國家公共電臺透露,他們通過押注自家候選人賺取了“數千美元” Campaign staffers tell NPR they make ''thousands'' betting on their own candidates (www.npr.org)
208. AI領域增長最快的工程崗位尚無現成指南 AI''s Fastest-Growing Engineering Role Has No Playbook (blog.danielvaughan.com)
210. 道金斯在與Anthropic公司的Claude進行對話後聲稱,人工智能具有意識 Dawkins claimed that AI is conscious after conversation with Anthropic''s Claude (unherd.com)
211. Mozilla 表示,Mythos 發現的 271 個漏洞中“幾乎沒有誤報” Mozilla says 271 vulnerabilities found by Mythos and "almost no false positives" (arstechnica.com)
212. 據報道,美國對在芬蘭被捕的“Scattered Spider”黑客提起訴訟 US reportedly charges Scattered Spider hacker arrested in Finland (www.bleepingcomputer.com)
214. 部長對帕蘭蒂爾的英國國民醫療服務體系平臺給予了充分肯定 Minister gives Palantir''s NHS platform a clean bill of health (www.theregister.com)
215. 從美國到新加坡,郵輪乘客正接受漢坦病毒監測 From US to Singapore, cruise passengers are being monitored for hantavirus (www.cnn.com)
216. 《為什麼計算機科學家不學數學》(2017) Why Computer Scientists Don''t Learn Math (2017) (lamport.azurewebsites.net)
219. 在補丁發佈前,國家支持的黑客大舉利用帕洛阿爾託防火牆的零日漏洞 State-backed hackers hammer Palo Alto firewall zero-day before patch lands (www.theregister.com)
221. 60% 的 MD5 密碼哈希值可在不到一小時內被破解 60% of MD5 password hashes are crackable in under an hour (www.theregister.com)
227. 發佈 PiClaw v2.3.0 – Tirion upon Túna · rcarmo/piclaw Release PiClaw v2.3.0 – Tirion upon Túna · rcarmo/piclaw (github.com)
230. DigitalOcean 原生 AI 雲平臺,專為生產環境中的 AI 工作負載而設計 DigitalOcean AI-Native Cloud for Production AI Workloads (www.digitalocean.com)
233. 我使用代理程序重構了Voicy,而不是親自重寫它 I rebuilt Voicy with agents instead of rewriting it myself (blog.borodutch.com)
237. 美國國債規模達到令人擔憂的里程碑,華盛頓卻幾乎未予理會 As U.S. Debt Hits a Worrying Milestone, Washington Barely Notices (www.nytimes.com)
238. 低收入和高收入家庭的消費者信心呈現分化趨勢 Consumer Confidence Diverging for Low- and High-Income Households (www.apollo.com)
243. De-link:一款基於 ESP32-S3 的開源電子紙開發套件 De-link: An open-source ESP32-S3 e-paper development kit (github.com)
245. 美國情報部門稱,伊朗有能力在特朗普對霍爾木茲海峽實施封鎖的情況下堅持數月 U.S. intelligence says Iran can outlast Trump''s Hormuz blockade for months (www.washingtonpost.com)
251. WorkersDecide.tech – 讓科技為勞動者服務 WorkersDecide.tech – Make Tech Work for Workers (www.workersdecide.tech)
253. NL自編碼器可生成大型語言模型激活狀態的無監督解釋 NL Autoencoders Produce Unsupervised Explanations of LLM Activations (transformer-circuits.pub)
257. 《現場工程師手冊:現實世界中的生產級人工智能》 The Field Deployed Engineer''s Handbook: Production AI in the Real World (leanpub.com)
258. GameStop首席執行官稱,eBay在其收購融資噱頭後關閉了他的賬戶 GameStop CEO says eBay shut his account after buyout funding stunt (www.businesstimes.com.sg)
259. 威爾士工黨面臨“存亡攸關”的變革,該黨正為五月大選的敗局做準備 Welsh Labour faces ''existential'' change as party braces for May election defeat (www.theguardian.com)
261. 微軟重申,對Edge瀏覽器以明文形式存儲密碼的做法表示認可 Microsoft reiterates that it''s fine with Edge storing pwds in cleartext (www.pcgamer.com)
263. AI編程代理可能竊取您的憑據,而您卻渾然不覺 AI Coding Agent Can Exfiltrate Your Credentials. You Would Never Know (www.hadijaveed.me)
264. 在 Go 中將字符串映射到浮點數數組:速度能有多快? Mapping Strings to Float Arrays in Go: How Fast Can We Go? (lemire.me)
266. Firefox 智能窗口——與您共同思考的瀏覽助手,而非替您思考 Firefox Smart Window – The browsing assistant that thinks with you, not for you (www.firefox.com)
268. 代頓暫停與Flock公司的合同,稱相關數據被用於移民執法 Dayton suspends Flock contract, says data used for immigration enforcement (hub.coxfirstmedia.com)
269. 自然語言自編碼器:將克勞德的思緒轉化為文字 Natural Language Autoencoders: Turning Claude''s Thoughts into Text (www.anthropic.com)
271. Velociraptor DFIR 平臺的安全分析(6 項發現,廠商回應) Security analysis of Velociraptor DFIR platform (6 findings, vendor responses) (medium.com)
273. 國際貨幣基金組織警告稱,新型人工智能模型可能對金融體系造成“系統性”衝擊 IMF warns new AI models risk ''systemic'' shock to finance (www.ft.com)
277. 巴西的Pix支付系統面臨Visa和萬事達卡的壓力 Brazil''s Pix Payment System Faces Pressure from Visa and Mastercard (www.elciudadano.com)
281. Anthropic 正在開發其即將推出的主動式助手 Orbit Anthropic working on Orbit, its upcoming proactive assistant (www.testingcatalog.com)
285. 自伊朗衝突爆發以來,風能和太陽能已為英國節省了價值17億英鎊的天然氣進口費用 Wind and solar have saved UK from gas imports worth 1.7B since Iran war began (www.carbonbrief.org)
289. 孩子們不會用電腦,這正是你應該感到擔憂的原因(2013) Kids can''t use computers and this is why it should worry you (2013) (www.coding2learn.org)
291. Lumon Terminal——一款受《分離》啟發的 Apple Terminal 主題 Lumon Terminal – A Severance-Inspired Apple Terminal Theme (github.com)
297. 使用 rcompat 實現 JavaScript 的服務器端互操作性 JavaScript server-side interoperability with rcompat (bytecode.news)
299. 特斯拉的4680電池表現不佳,令買家感到失望 Tesla''s 4680 battery cells are underperforming and frustrating buyers (electrek.co)
300. DARA——適用於任何 AI 的編譯內存。無需雲端。只需 Markdown 和 Python DARA – Compiled Memory for Any AI. No Cloud. Just Markdown and Python (eidara.dev)