新课程:使用SGLang进行高效推理:文本与图像生成,与LMSys @lmsysorg 和 RadixArk @radixark 合作开发,由RadixArk技术团队成员Richard Chen @richardczl 主讲
这门短期课程教授如何使用开源推理框架SGLang消除LLM生产环境中的冗余计算成本。通过实现KV缓存和RadixAttention技术,SGLang能跨用户和请求共享已处理的计算,显著提升文本和图像生成的推理速度与成本效率。
这门短期课程教授如何使用开源推理框架SGLang消除LLM生产环境中的冗余计算成本。通过实现KV缓存和RadixAttention技术,SGLang能跨用户和请求共享已处理的计算,显著提升文本和图像生成的推理速度与成本效率。
A compromised version of the LiteLLM Python package (version 1.82.8) was briefly available on PyPI, capable of exfiltrating sensitive credentials like SSH keys and cloud secrets. The malicious package affected any project that depended on LiteLLM, though it was only available for about an hour before discovery.
A supply chain attack has compromised the popular npm axios HTTP client library with 300 million weekly downloads. Malicious versions install a remote access trojan, though some users may have avoided infection through version pinning or older installations. Security experts warn this is a live compromise affecting one of npm's most depended-on packages.
A series of supply chain attacks has affected npm and PyPI repositories within two weeks. The use of large language models is exacerbating these security issues, and existing mitigation measures are insufficient to address the problem.
A new phishing-as-a-service called Starkiller uses disguised links to load real login pages from target brands. It acts as a relay between victims and legitimate sites, forwarding usernames, passwords, and MFA codes to bypass security measures.
A security researcher discovered a vulnerability that allowed obtaining full administrator rights in a Replit clone. The vulnerability stemmed from running untrusted code in an insecure manner. This highlights the importance of proper security practices when executing external code.