In a new paper published Thursday titled “Auditing language models for hidden objectives,”
Anthropic researchers described how custom AI models trained to deliberately conceal certain
“motivations” from evaluators could still inadvertently reveal secrets, due to their ability
to adopt different contextual roles they call “personas.” The researchers were initially
astonished by how effectively some of their interpretability methods seemed to uncover these
hidden training objectives, although the methods are still under research.
After significant research and testing on dozens of actual SNES units, the TASBot team now
thinks that a cheap ceramic resonator used in the system’s Audio Processing Unit (APU) is to
blame for much of this inconsistency. While Nintendo’s own documentation says the APU should
run at a consistent rate of 24.576 Mhz (and the associated Digital Signal Processor sample
rate at a flat 32,000 Hz), in practice, that rate can vary just a bit based on heat, system
age, and minor physical variations that develop in different console units over time.
Time for me to write this blog post and prepare everyone for the implementation blitz that
needs to happen to make defer a success for the C programming language.
Solution files have been a part of the .NET and Visual Studio experience for many years now,
and they’ve had the same custom format the whole time. Recently, the Visual Studio solution
team has begun previewing a new, XML-based solution file format called SLNX. Starting in .NET
SDK 9.0.200, the dotnet CLI supports building and interacting with these files in the same
way as it does with existing solution files.
HybridCache is a new .NET 9 library available via the Microsoft.Extensions.Caching.Hybrid
package and is now generally available! HybridCache, named for its ability to leverage both
in-memory and distributed caches like Redis, ensures that data storage and retrieval is
optimized for performance and security, regardless of the scale or complexity of your
application.
Like sorting algorithms, hash table data structures continue to see improvements. In
2017, Sam Benzaquen, Alkis Evlogimenos, Matt Kulukundis, and Roman Perepelitsa at Google
presented a new C++ hash table design, dubbed “Swiss Tables”. In 2018, their
implementation was open sourced in the Abseil C++ library.
Go 1.24 includes a completely new implementation of the built-in map type, based on the Swiss Table design.
We are investigating a critical security incident involving the popular tj-actions/changed-files
GitHub Action. We want to alert you immediately so that you can take prompt action. This post
will be updated as new information becomes available.
A header-only C++ library that offers exceptionless error handling and type-safe enums, bringing
Rust-inspired error propagation with the ? operator and the match operator to C++.
Two years into the generative AI revolution, the LLMs that power tools like ChatGPT and Claude
have become startlingly powerful. However, according to Salesforce CEO Marc Benioff, they may be
reaching their limits. Per Benioff, the next evolution is not necessarily more intelligent LLMs
but autonomous AI agents that leverage LLMs to execute tasks independently.
About a month ago, the CPython project merged a new implementation strategy for their bytecode interpreter. The
initial headline results were very impressive, showing a 10-15% performance improvement on average across a wide
range of benchmarks across a variety of platforms.
Unfortunately, as I will document in this post, these impressive performance gains turned out to be primarily
due to inadvertently working around a regression in LLVM 19.
MCP is an open protocol that standardizes how applications provide context to LLMs. Think of MCP like a USB-C
port for AI applications. Just as USB-C provides a standardized way to connect your devices to various
peripherals and accessories, MCP provides a standardized way to connect AI models to different data sources
and tools.
A path traversal vulnerability arises when an attacker can trick a program into opening a file other than
the one it intended. This post explains this class of vulnerability, some existing defenses against it, and
describes how the new os.Root API added in Go 1.24 provides a simple and robust defense against unintentional
path traversal.
Monitoring Apache Spark structured streaming data workloads is challenging because the data
is continuously processed as it arrives. Because of this always-on nature of stream processing,
it is harder to troubleshoot problems during development and production without real-time
metrics, alerting and dashboards. Traces complement metrics, and since Spark doesn’t include
them by default, we integrate them using OpenTelemetry.
Meta’s Anti Scraping team focuses on preventing unauthorized scraping as part of our ongoing
work to combat data misuse. In order to protect Meta’s changing codebase from scraping attacks,
we have introduced static analysis tools into our workflow. These tools allow us to detect
potential scraping vectors at scale across our Facebook, Instagram, and even parts of our Reality
Labs codebases.
Campàs and his team drew inspiration from processes called fluidization and convergent extension—mechanisms
that cells in embryos use to coordinate their behavior when forming tissues and organs in a developing
organism. The team built a robotic collective where each robotic unit behaved like an embryonic cell. As a
collective, the robots behaved like a material that could change shape and switch between solid and liquid
states, just like the T-1000.
With its ability to simultaneously process different data types (think text, image, audio, video and more),
the continuing development of multimodal AI represents the next step that would help to further enhance a
wide range of tools — including those for generative AI and autonomous agentic AI.
Most applications rely on cloud SDKs to connect to services like message brokers, queues, databases, APIs
and more.
Rather than working directly with cloud SDKs, a better approach is to introduce a standardized layer between
applications and cloud services. This allows developers to interact with essential resources without being
tightly coupled to a specific provider’s SDKs. A framework like Dapr helps achieve this by providing a uniform
API for interacting with cloud resources.
The root cause of the EntrySign vulnerability is that the AMD Zen microcode signature verification algorithm uses
the CMAC function as a hash function; however, CMAC is a message authentication code and does not necessarily provide
the same security guarantees as a cryptographic hash function.
The weakness of using CMAC as a hash function is that anyone who has the encryption key is able to observe the
intermediate values of the encryption and calculate a way to “correct” the difference so that the final output
remains the same, even if the inputs are completely different.
While analyzing threats targeting WordPress frameworks, we found an attack where a single 3rd party JavaScript
file was used to inject four separate backdoors into 1,000 compromised websites using cdn.csyndication[.]com/.
Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and
removed. A unique case we haven’t seen before. Which introduces another type of attack made possibly by abusing
websites that don’t monitor 3rd party dependencies in the browser of their users.
GitHub Copilot can streamline your debugging process by troubleshooting in your IDE, analyzing pull requests,
and more, helping you tackle issues faster and more robustly.
Passwords are notoriously difficult to detect with conventional programming approaches. AI can help us find
passwords better because it understands context. This blog post will explore the technical challenges we faced
with building the feature and the novel and creative ways we solved them.
Want to get started with AI development, but not sure where to start? I’ve got a treat for you –
we have a new AI Chat Web App template now in preview.
With eBPF, we can process, filter, and act on data as it flows through the system — directly at the
kernel level. This architecture approach flips the centralized model on its head by embedding
decision-making directly into the system at the point where data is generated. This means that instead
of forwarding vast amounts of raw data for centralized processing, we can use intelligent,
kernel-embedded programs to analyze, process, and act on data exactly where it was generated in
real-time. By doing this, eBPF enables a shift from centralized, reactive decision-making to
distributed, proactive intelligence.
When sensing defeat in a match against a skilled chess bot, [advanced AI models] don’t always concede,
instead sometimes opting to cheat by hacking their opponent so that the bot automatically forfeits the game.
The Microsoft.Extensions.AI.Evaluations library is designed to simplify the integration of AI evaluation
processes into your applications. It provides a robust framework for evaluating your AI applications and
automating the assessment of their performance.
NVMe-oF is a network protocol that extends the parallel access and low latency features of Nonvolatile Memory Express (NVMe) protocol
across networked storage. Originally designed for local storage and common in direct-attached storage (DAS) architectures, NVMe
delivers high-speed data access and low latency by directly interfacing with solid-state disks. NVMe-oF allows these same advantages
to be achieved in distributed and clustered environments by enabling external storage to perform as if it were local.
Many enterprises generate terabytes of log data every day, resulting in high costs to ingest, store and analyze that data. Even
worse, many observability platforms are walled gardens, making it hard to use log data for use cases beyond observability, such
as business intelligence, data science and machine learning.
To solve both of these problems, it’s time for headless observability, a fresh approach that decouples the frontend (visualization,
querying and analytics) from the backend (data ingestion and storage) — all while keeping operations simple.
We’re sharing details about Strobelight, Meta’s profiling orchestrator.
Strobelight combines several technologies, many open source, into a single service that helps engineers at Meta improve
efficiency and utilization across our fleet.
Using Strobelight, we’ve seen significant efficiency wins, including one that has resulted in an estimated 15,000 servers'
worth of annual capacity savings.
A sandbox is a lightweight, isolated, production-like testing setup created dynamically from a shared baseline
environment. Designed to replicate production conditions at a fraction of the cost and complexity, sandboxes
effectively transform a single staging environment into multiple independent environments. By multiplexing the
baseline staging setup, sandboxes provide tailored environments for individual engineers or QA teams without
adding compliance risks or increasing maintenance burdens, as they inherit the same compliance and configuration
frameworks as production.
With data federation, you can query data across many different sources without moving it. With this approach,
no additional pipeline is needed; there are no egress costs and none of the security risks that come with
migrating data.
We created data logs as a solution to provide users who want more granular information with access to data
stored in Hive. In this context, an individual data log entry is a formatted version of a single row of data
from Hive that has been processed to make the underlying data transparent and easy to understand.
CubeFS is an open source distributed storage system that supports access protocols such as POSIX, HDFS, S3,
and its own REST API. It can be used in many scenarios, including big data, AI/LLMs, container platforms,
separation of storage and computing for databases and middleware, data sharing, and more. Key features of
CubeFS include a highly scalable metadata service with strong consistency and multi-tenancy support for
better resource utilization and tenant isolation.
A telemetry pipeline is a system that collects, processes and routes telemetry data (logs, metrics and traces)
from various sources to the right monitoring and analysis tools. Instead of managing separate agents or collectors
for different signals, a telemetry pipeline unifies data handling, making observability more efficient and scalable.
Namespaces restrict resources that a containerized process can see so that one process can’t see the resources
being used by another. This feature is crucial to the likes of containers and orchestration tools such as Kubernetes
because, otherwise, one deployed container would be able to access or view resources used by another.
Earth’s rotation, for thousands of years, has mostly slowed, the biggest driver being the changing tides that
come with the gravitational tug of the moon. Currents in the planet’s outer core, which scientists are still
trying to figure out, also have slowed the spin. But the core can speed up the spin, too, which may be what’s
been happening recently. Additional leap seconds have become a lot less frequent in the past two decades.
