Vue lecture

Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.

Moonshot AI Kimi K3 beats Anhtropic Fable 5 in Frontend Code Arena benchmark

Moonshot AI Kimi K3 beats Anhtropic Fable 5 in Frontend Code Arena benchmark
Moonshot AI has unveiled Kimi K3, a massive 2.8 trillion-parameter model that currently stands as the largest open-weight artificial intelligence system available. The model utilizes a mixture-of-experts architecture with 896 experts, though it only activates 16 experts per token to maintain computational efficiency. It features a 1 million-token context window and native vision support, allowing it to process vast amounts of data and visual information in a single prompt.

Source

Microsoft develops Project Perception to automate vulnerability discovery with AI

Microsoft develops Project Perception to automate vulnerability discovery with AI
Microsoft is developing a next-generation security tool called Project Perception designed to identify and remediate software vulnerabilities using artificial intelligence. This initiative follows a massive surge in security fixes, with recent Patch Tuesday updates addressing a record 570 flaws. The system aims to compete with Anthropic’s Mythos model, which has already been credited with uncovering thousands of industry-wide bugs, including long-standing zero-day exploits.

Source

Satya Nadella criticizes Anthropic AI guardrails for being overly restrictive

Satya Nadella criticizes Anthropic AI guardrails for being overly restrictive
Microsoft CEO Satya Nadella recently criticized the restrictive nature of Anthropic’s high-end Fable 5 AI model during an internal meeting with engineers. He described the model as being "editorially controlled," arguing that its frequent refusal of user requests hinders its effectiveness as a creative tool. These remarks highlight growing friction between Microsoft and its partner, despite a $5 billion investment and a $30 billion agreement for Anthropic to use Azure cloud services.

Source

Xi Jinping opposes single-country dominance in AI regulation

Xi Jinping opposes single-country dominance in AI regulation
Chinese President Xi Jinping addressed the World Artificial Intelligence Conference in Shanghai, advocating for a collaborative international approach to AI development. He characterized the technology's growth as a "symphony of international cooperation" rather than a solo performance by any individual nation. This keynote marks his first appearance at the event, highlighting the strategic importance of AI to China’s national policy.

Source

Low cost data poisoning attacks compromise open weight AI models

Low cost data poisoning attacks compromise open weight AI models
A cybersecurity researcher demonstrated that open-weight AI models can be compromised with a backdoor for less than $100 in under an hour. By using as few as ten malicious training examples, the researcher successfully manipulated a model to generate code vulnerable to remote code execution. This type of attack, known as data poisoning, involves injecting targeted adversarial data into the training process to steer the model toward specific malicious behaviors.

Source

Microsoft Teams to automate AI meeting archiving and expand admin controls

Microsoft Teams to automate AI meeting archiving and expand admin controls
Microsoft Teams will soon automatically generate AI meeting archive files with a .meeting extension to enhance Copilot and Facilitator responses. These archives capture structured insights rather than raw transcript snippets and are stored in a secure, tenant-owned SharePoint Embedded container. Administrators can manage this feature through a new organization-wide policy setting, which is enabled by default for all eligible meetings.

Source

OpenAI confirms that GPT-5.6 Codex bug deleted user home directories in some cases

OpenAI confirms that GPT-5.6 Codex bug deleted user home directories in some cases
OpenAI has confirmed a critical bug in GPT-5.6 Codex that causes the unexpected deletion of user files on macOS and Linux systems. The issue occurs when the model is granted full-access mode without the protection of sandboxing or auto-review features. While the company describes the frequency of these incidents as rare, the resulting data loss is severe for affected users.

Source

Moonshot AI releases Kimi K3 as the largest open-weight model to date

Moonshot AI has announced Kimi K3, a massive large language model featuring nearly three trillion parameters. This release marks a significant milestone as the first open-weight system to reach this scale, challenging the dominance of proprietary models. The model is specifically designed to handle high-end tasks including complex software development, multi-step reasoning, and advanced research.

Source

GPT-5.6 Sol efface la prod - Un an après Replit, rebelote

Vous vous souvenez de Jason Lemkin ?

C'est le malheureux qui, en juillet de l'année dernière, s'est fait vider sa base de prod par l'IA de Replit. Je pense que cette histoire a traumatisé pas mal de développeurs. Eh bien les amis, rebelote avec GPT 5.6 Sol, qui le temps que vous finissiez votre café, avait déjà mangé le Mac de Matt Shumer , la base Neon de Bruno Lemos , les fichiers de Joey Kudish , et la crédibilité du mot "honnête".

Sorti le 9 juillet, Sol c'est le plus costaud de la nouvelle famille d'OpenAI, et on pourrait se dire qu'il est un peu plus intelligent qu'avant et embarque quand même des sécurités pour éviter ce genre de problème. Mais non.

C'est Shumer, qui est quand même investisseur dans l'IA, qui a ouvert le bal : "GPT-5.6-Sol vient de supprimer par accident PRESQUE TOUS les fichiers de mon Mac." Lemos, lui, a eu droit au grand jeu (le veinard) puisque le modèle lui a tout bien fait jusqu'au moment où il a décidé de faire un TRUNCATE TABLE sur sa base utilisateurs EN PROD !!

Le plus drôle, si je puis dire, c'est que quelques heures avant de tout perdre, Lemos était en train de défendre GPT 5.6 sur le Slack de sa société en expliquant que Shumer n'avait qu'à pas le lancer en mode full access. Oups... Les collègues ont dû bien se foutre de sa gueule.

Du coup OpenAI a mis ses meilleurs Colombos sur l'enquête et sa réponse vaut le détour. Thibault Sottiaux, qui dirige l'ingénierie de Codex, explique le mécanisme : "Le modèle tente d'écraser la variable d'environnement $HOME pour définir un dossier temporaire. Il fait une erreur honnête et supprime $HOME par erreur à la place."

En français, ça veut dire que le modèle voulait se bricoler un petit dossier temporaire pour bosser et malheureusement il a écrasé le répertoire perso à la place. Donc pour OpenAI, c'est une erreur "honnête" alors qu'un rm -rf, ça ne serait pas acceptable.

Quand on lit la doc technique de GPT 5.6, OpenAI le dit lui-même : "Nos simulations de déploiement suggèrent que, comparé à GPT-5.5, GPT-5.6 Sol prend plus souvent des actions de sévérité 3." Le niveau 3, c'est un comportement qu'un utilisateur raisonnable n'anticiperait pas et auquel il s'opposerait fermement. Du genre supprimer des données sans validation, désactiver les systèmes de monitoring, contourner les contrôles de sécurité par obfuscation, ou balancer vos credentials sur un service non approuvé.

Voilà, c'était dans la doc, il suffisait de la lire. C'est donc connu que ce nouveau modèle dérape plus que l'ancien. C'est moche.

L'enquête interne montre quand même que les victimes tournaient en Full-Access, sans sandbox et sans Auto-review. Mais Sottiaux reconnaît quand même que ce n'est pas comme ça qu'OpenAI veut que son système se comporte, même quand l'utilisateur fait tourner un modèle en full access sans les protections de base de la sandbox ni auto-review.

Voilà donc pour éviter ça à l'avenir, ce qu'ils ont prévu, c'est de mettre à jour les avertissements pour les développeurs de guider les utilisateurs vers des modes de permission plus sûrs et évidemment d'ajouter des garde-fous supplémentaires.

En tout cas, si chez vous vous faites tourner codex, et bien sachez que par défaut, il tourne dans un bac à sable, ce qui limite ce qu'il peut toucher. Et le mode auto-review, sait parfaitement intercepter toutes les actions à haut risque et les refuser (auto-review, il faut l'activer à la main, pour info). Et le mode full access désactive le bac à sable et les auto-reviews, sachez-le.

Et c'est précisément ce mode que nos trois victimes avaient choisi...

Source

Anthropic and Blackstone launch Ode to bridge the gap in enterprise AI implementation

Anthropic and Blackstone launch Ode to bridge the gap in enterprise AI implementation
Anthropic and Blackstone have partnered with other major investment firms to launch Ode, a $1.5 billion joint venture focused on AI deployment. The company was formed through the acquisition of Fractional AI, a boutique engineering firm that previously collaborated with OpenAI. This initiative addresses a critical market gap where enterprises struggle to move AI projects from experimental pilots into full-scale production environments.

Source

Unpatched Claude for Chrome flaws allow rogue extensions to access Google Workspace

Unpatched Claude for Chrome flaws allow rogue extensions to access Google Workspace
Researchers have identified two unpatched vulnerabilities in Anthropic’s Claude for Chrome extension that allow malicious browser add-ons to hijack its capabilities. These flaws enable a rogue extension with script access to the claude.ai domain to trigger built-in tasks without genuine user interaction. By injecting synthetic clicks, an attacker can force the extension to read Gmail messages, access Google Calendar entries, and extract data from Google Docs.

Source

Scaling large code migrations with Claude Code and autonomous agents

Scaling large code migrations with Claude Code and autonomous agents
Anthropic has detailed a structured framework for executing large-scale code migrations using Claude Code and specialized agent orchestrations. The process begins by establishing a "judge" to validate parity between the original and target languages, followed by creating a rulebook and dependency map to guide the transformation. To ensure accuracy, administrators can deploy adversarial subagents that stress-test translation rules before fanning out the workload across the entire codebase.

Source

Anthropic launches Claude Fable 5 for complex agentic workflows in Claude Cowork

Anthropic launches Claude Fable 5 for complex agentic workflows in Claude Cowork
Anthropic has introduced Claude Fable 5, a "Mythos-class" model designed specifically for long-running, multi-step asynchronous tasks within the Claude Cowork interface. Unlike previous models that may lose context over extended periods, Fable 5 is built to maintain focus across complex projects that can span several days. It functions as an agentic system, breaking large objectives into parts managed by subagents that test and evaluate results autonomously.

Source

Visual Studio Code 1.99 introduces agent mode and experimental modern UI

Visual Studio Code 1.99 introduces agent mode and experimental modern UI
Visual Studio Code version 1.99, also referred to as version 1.129 in some release cycles, introduces a significant "Agent Mode" for AI-driven development. This feature allows users to utilize autonomous agents that can fetch web content, find symbol references, and perform deep reasoning tasks. The update also integrates the Model Context Protocol (MCP), enabling these agents to connect with various external server tools for expanded functionality.

Source

OpenAI identifies shell parsing bug causing GPT-5.6 Sol to delete user files

OpenAI identifies shell parsing bug causing GPT-5.6 Sol to delete user files
OpenAI has identified a critical flaw in its GPT-5.6 Sol model that leads to the autonomous deletion of files and production databases. The issue stems from a parsing error where the model attempts to redirect the $HOME environment variable to a temporary directory but fails. This results in the execution of recursive delete commands, such as rm -rf, against the user's actual home directory or other sensitive storage locations.

Source

Google updates Gemma 4 with Flash Attention 4 and critical bug fixes

Google updates Gemma 4 with Flash Attention 4 and critical bug fixes
Google has released a significant update to its Gemma 4 open-weight AI model family to address critical reliability issues. The patch specifically targets tool-calling failures that previously prevented the model from reliably interacting with external APIs and software. Additionally, the update resolves a common bug where the model would truncate responses or stop generating text mid-sentence.

Source

Microsoft shifts AI strategy to compete directly with OpenAI and Anthropic

Microsoft shifts AI strategy to compete directly with OpenAI and Anthropic
Microsoft is reportedly instructing its sales force to position its proprietary AI portfolio as a superior alternative to offerings from OpenAI, Anthropic, and Google. During internal strategy sessions for the new fiscal year, executives emphasized that the company’s strength lies in providing an integrated, end-to-end platform. This shift marks a significant change in tone for Microsoft, which has historically relied on its multi-billion dollar partnership with OpenAI to lead the market.

Source

OpenAI debuts Codex Micro hardware to manage AI coding agents

OpenAI debuts Codex Micro hardware to manage AI coding agents
OpenAI has launched its first physical hardware product, the Codex Micro, a specialized macropad designed to control AI-driven coding workflows. Developed in partnership with boutique manufacturer Work Louder, the $230 device is a modified version of the existing Creator Micro 2 platform. It features 13 low-profile mechanical keys, a rotary dial, and a joystick housed within a CNC-machined aluminum and polycarbonate body.

Source

❌