RT Lex Fridman:回复 Same,我有类似的设置。混合使用 Obsidian、Cursor(用于 md)和 vibe-coded web terminals 作为前端。
Lex Fridman 分享了他的知识管理设置:结合使用 Obsidian、Cursor 和 vibe-coded web terminals。由于制作播客,研究兴趣广泛,知识库方法效果显著。他常让系统生成动态 HTML 进行数据交互,并为特定主题创建临时知识库,在长跑时通过语音模式与 LLM 互动学习。
Lex Fridman 分享了他的知识管理设置:结合使用 Obsidian、Cursor 和 vibe-coded web terminals。由于制作播客,研究兴趣广泛,知识库方法效果显著。他常让系统生成动态 HTML 进行数据交互,并为特定主题创建临时知识库,在长跑时通过语音模式与 LLM 互动学习。
A compromised version of the LiteLLM Python package (version 1.82.8) was briefly available on PyPI, capable of exfiltrating sensitive credentials like SSH keys and cloud secrets. The malicious package affected any project that depended on LiteLLM, though it was only available for about an hour before discovery.
A supply chain attack has compromised the popular npm axios HTTP client library with 300 million weekly downloads. Malicious versions install a remote access trojan, though some users may have avoided infection through version pinning or older installations. Security experts warn this is a live compromise affecting one of npm's most depended-on packages.
Researchers found that using $25 worth of LLM-generated labels outperformed 1.5 million purchase-based labels for fashion search relevance. The MODA method uses large language models to create high-quality training data at minimal cost. This approach could significantly reduce the expense of building effective search and recommendation systems.
A series of supply chain attacks has affected npm and PyPI repositories within two weeks. The use of large language models is exacerbating these security issues, and existing mitigation measures are insufficient to address the problem.
A new phishing-as-a-service called Starkiller uses disguised links to load real login pages from target brands. It acts as a relay between victims and legitimate sites, forwarding usernames, passwords, and MFA codes to bypass security measures.