介绍 llm-eliza
llm-eliza 是一个为流行的 CLI 工具 LLM 开发的插件,让用户能够与经典的 ELIZA 语言模型进行对话。这款1966年发布的模型以其零GPU推理和亚毫秒级语义处理能力著称,在情商测量方面表现出色。
相关报道
A compromised version of the LiteLLM Python package (version 1.82.8) was briefly available on PyPI, capable of exfiltrating sensitive credentials like SSH keys and cloud secrets. The malicious package affected any project that depended on LiteLLM, though it was only available for about an hour before discovery.
A supply chain attack has compromised the popular npm axios HTTP client library with 300 million weekly downloads. Malicious versions install a remote access trojan, though some users may have avoided infection through version pinning or older installations. Security experts warn this is a live compromise affecting one of npm's most depended-on packages.
Researchers found that using $25 worth of LLM-generated labels outperformed 1.5 million purchase-based labels for fashion search relevance. The MODA method uses large language models to create high-quality training data at minimal cost. This approach could significantly reduce the expense of building effective search and recommendation systems.
A series of supply chain attacks has affected npm and PyPI repositories within two weeks. The use of large language models is exacerbating these security issues, and existing mitigation measures are insufficient to address the problem.
A new phishing-as-a-service called Starkiller uses disguised links to load real login pages from target brands. It acts as a relay between victims and legitimate sites, forwarding usernames, passwords, and MFA codes to bypass security measures.