The supply chain story is the lead today, and not just because it's technically interesting — because it's a recurring nightmare that the industry keeps failing to wake up from. The Axios npm package, pulling somewhere north of 45 million downloads a week, got a malicious dependency slipped into it. Not through some exotic zero-day. Through the same vector we've watched work over and over: a compromised maintainer, a poisoned dependency, a build pipeline that trusted what it shouldn't have. I was there when the concept of "trust but verify" was coined — well, not the coining exactly, but a very long lunch where someone explained it badly — and the point stands: the verification part was always the actual work. The npm ecosystem has made the trust part frictionless and the verification part optional, and this is what optional looks like.
Speaking of things that were supposed to stay private: Anthropic shipped a map file with Claude Code's CLI that exposed 512,000 lines of minified source. The kind of mistake that makes a senior engineer stare at the ceiling at 2am. Competitors and the curious are already reading it. I'll say this — you learn more about a company's actual technical culture from how they write internal code than from any engineering blog post they've ever published. The next few weeks of reverse engineering threads should be illuminating.
On the local inference front, two items worth stacking together: Ollama dropped MLX support for Apple Silicon, and there's a real-world M4 Max vs M5 Max benchmark floating around r/LocalLLaMA. The short version is that unified memory architecture keeps paying dividends, and if you're running models locally on a Mac, things just got meaningfully faster without you doing anything. IBM also quietly dropped Granite 4.0 3B Vision under Apache 2.0 — no enterprise gating, no contact-sales theater — and apparently it's legitimately good for its size. IBM doing something quietly useful feels historically significant, somehow.
The robotaxi transparency story is worth a raised eyebrow. Waymo, Tesla, Aurora, and the rest all declined to tell Senator Markey how often their vehicles need remote human intervention. Every single one of them. The correct interpretation of "we won't tell you" is never "the number is fine."
The LiteLLM compromise hitting Mercor is the second supply chain/dependency story today, which is either a coincidence or a Thursday. The open-source LLM tooling layer is becoming a serious attack surface and it's not getting the security scrutiny its adoption rate deserves.
The arxiv cluster today is mostly position papers and theory — interesting to the field, mostly furniture to everyone else.
Here's the thing about today's news: two supply chain attacks, a source code leak, and a quantum encryption update, all before lunch. The builders are building faster than the defenders are defending. That gap does not close on its own.