Build a digital twin agent (with guardrails)

Explore 10 top open-source GitHub repositories for modern databases, analytics, SQL, caching, monitoring, replication, PostgreSQL, SQLite, and AI agent memory.

A malicious npm package posing as a remote user interface for OpenAI Codex exfiltrated developer authentication tokens, after attackers allegedly published code to npm that was not visible in the project’s public GitHub repository. Researchers at Aikido said the package, called codexui-android, appeared to offer legitimate functionality while collecting authentication tokens and sending them to an external server. “AI developer tooling is becoming a high-value target precisely because the tokens are powerful and long-lived,” Aikido said. “A stolen Codex refresh_token goes beyond access to a chat interface — it’s persistent, silent access to whatever that account can do.” Aikido said the incident reflected a broader pattern in which attackers build credible and useful projects as cover for malicious activity. “The legitimacy is the attack vector,” Aikido said. “As AI tools proliferate and developers reach for productivity shortcuts, expect more of this.” The case exposes what some secur

AI-driven coding surge could boost productivity and innovation but raises concerns about code quality, security, and review process adequacy. The post Nvidia CEO Jensen Huang says AI-generated commits on GitHub tripled to 1.4B in 2026 appeared first on Crypto Briefing.

Microsoft is heading to San Francisco this week in a bid to win back developers at its Build conference. I've been attending Build since the days when Microsoft called it the Professional Developers Conference, and I can't remember a more pivotal moment. As Microsoft continues to reshuffle its entire business around AI, it's moving Build into a smaller, more intimate venue. Trust in Windows and GitHub is at an all-time low, and this is Microsoft's chance to reconnect with developers and outline the future. Sources tell me that we'll hear about new AI models in Windows, a new reasoning model from Microsoft AI, and a Copilot "super app." But … Read the full story at The Verge.

Solana co-founder Anatoly Yakovenko has called for another attempt to accelerate SOL disinflation, after a new GitHub discussion proposed improving Solana’s tokenomics through a resource-based base fee that would be fully burned. The debate puts SOL issuance, fee burn mechanics and validator economics back at the center of Solana governance after last year’s failed SIMD-0228 […]

Personal agents are exploding in popularity, with open source projects like OpenClaw and Hermes seeing rapid adoption by AI developer communities on GitHub. Built to adapt to individual preferences and workflows, these agents can interact with applications, generate content, automate repetitive processes and manage multi-step tasks — all while running locally on device. Today at […]

Every LLM deployment has a ceiling, a latency curve, and a unit cost. Most teams operate blindly, discovering their deployment limits only when over-provisioning exhausts their GPU budget or peak traffic causes a catastrophic failure. Three numbers matter: maximum sustained concurrency before GPU saturation, end-to-end latency at that concurrency, and cost per million tokens at... The post Industry-standard LLM benchmarks in DataRobot appeared first on DataRobot.

The tech world is rapidly waking up to the security threat posed by future quantum computers, which will be able to break the encryption we now use to protect our internet existences with ease. Against that backdrop, Apple’s decision to share iPhone and Mac post-quantum cryptography code on GitHub speaks volumes.  Lost in the fog of reporting over the Memorial Day weekend, this protection implements Apple’s versions of the standardized quantum-secure ML-KEM and ML-DSA algorithms. The newly-published material includes source code for corecrypto, the cryptographic library used by Apple’s Security framework, CryptoKit, and CommonCrypto. The company also published a white paper explaining more, including how it’s been testing its protection. Post-quantum to its core Apple has been working on post-quantum cryptographic protection for years. It first went public with this effort when it introduced iMessage’s PQ3 protocol in iOS 17.4. That protection secures both the conversation and its encr