Blog
Engineering notes, case studies, and lessons from the field.
AMD EPYC Venice Becomes First HPC Silicon on TSMC N2 — Zen 6 at 2nm With Arizona Production Confirmed
AMD confirmed EPYC Venice (Zen 6) is the first HPC product taped out on TSMC's 2nm-class N2 process, delivering a 10-15% performance uplift over Turin. Simultaneously, AMD confirmed EPYC 9005 volume production at TSMC's Arizona Fab 21, satisfying US CHIPS Act provenance requirements.
Node.js 26 Is Now Current: Temporal API Ships by Default, V8 14.6, and the Date Object Is Obsolete
Node.js 26 landed May 5 as the new Current release line, enabling the Temporal API by default and ending the long reign of JavaScript's broken Date object. V8 jumps to 14.6, Undici to 8.0, and LTS follows in October 2026.
node-ipc Supply Chain Attack: Malicious npm Versions Steal AWS Keys, GitHub Tokens via DNS Exfiltration
Three malicious versions of node-ipc (822K weekly downloads) published May 14 harvested 90+ credential categories from developer machines and CI environments, exfiltrating everything via DNS TXT queries to evade network monitoring. If you ran npm install on May 14, rotate all credentials now.
ShinyHunters Breach Canvas LMS: 275 Million Students Exposed Across 8,800 Universities
ShinyHunters exploited free-teacher account provisioning to steal 3.65TB from Instructure's Canvas LMS, hitting 275 million users at 8,809 institutions. Instructure suffered a second breach just one day after believing the incident was contained — and ultimately paid the ransom.
Take It Down Act Compliance Deadline Is Tomorrow — What Every Platform Must Have Ready by May 19
The TAKE IT DOWN Act's one-year implementation window closes May 19, 2026. Every platform hosting user-generated content must have a working 48-hour takedown system for non-consensual intimate imagery — real or AI-generated deepfakes. FTC penalties reach $53,088 per violation, and enforcement is a White House priority.
"Dirty Frag" Linux LPE (CVE-2026-43284 / CVE-2026-43500) Now Actively Exploited — Patch Your Kernel
The 'Dirty Frag' privilege-escalation pair targeting Linux kernel IPsec and AFS networking modules is now confirmed under active in-the-wild exploitation. Any unprivileged local account — including web shells and container escape footings — can escalate to root. Red Hat, Ubuntu, Amazon Linux, and SUSE have patches; apply them immediately.
Google I/O 2026 Opens Tomorrow: New Gemini Model, Omni Video Generation, and Project Astra on Stage
Google I/O 2026 keynote starts May 19 at Shoreline Amphitheatre. Confirmed on the slate: a new Gemini version, a video-generation model called Gemini Omni, and broad 'Gemini Intelligence' integrations across Android and hardware. Leaked benchmarks suggest the new model lands below Claude Mythos and GPT-5.5.
Anthropic Closes $30B Series H at $900B Valuation — Now Worth More Than OpenAI
Anthropic has agreed terms on a $30 billion funding round at a $900 billion pre-money valuation, co-led by Sequoia, Dragoneer, Greenoaks, and Altimeter. The deal would make Anthropic the most valuable private AI company in the world, surpassing OpenAI's March 2026 valuation of $852 billion.
Warp Terminal Goes Open Source Under AGPL-3.0 — 37,000 Stars, OpenAI as Founding Sponsor
Warp open-sourced its full client codebase under AGPL-3.0, with OpenAI as founding sponsor. The ~98% Rust repository hit 37,000 GitHub stars within days and landed #2 on trending, redefining the AI-native terminal as an open agentic development platform.
Page 1 of 32 · 286 articles