Today's digest · Wednesday, June 24

The 19 things in AI/dev today.

LiveNext issue at 7:00 CET

Stories

#1 / TODAY

Simon Willison·1 min·37h agoFREE

Prompt Injection as Role Confusion

Researchers Charles Ye, Jasmine Cui, and Dylan Hadfield-Menell found that LLMs can be confused by text styled like internal role tags (e.g., <system>, <think>), overriding training. 'Destyling' text to look less like role formats reduced attack success from 61% to 10%. They call this 'role confusion' and warn that injection defense may remain a whack-a-mole game.

Role confusion undermines current prompt injection defenses, making LLM security a perpetual whack-a-mole game.

prompt-injectionllm-securityjailbreakingrole-confusion

simonwillison.net

Porting the Moebius 0.2B image inpainting model to run in the browser with Claude Code

#2 / TOP STORY

Simon WillisonFREE

Porting the Moebius 0.2B image inpainting model to run in the browser with Claude Code

Simon Willison ported the Moebius 0.2B image inpainting model to run in a browser using WebGPU, with help from Claude Code. The model, originally requiring PyTorch and NVIDIA CUDA, was converted to ONNX and deployed on Hugging Face. The demo is available at simonw.github.io/moebius-web/. The project was a side effort while working on a Datasette feature.

Build real agentic apps using CUGA: two dozen working examples on a lightweight harness

#3 / TOP STORY

Hugging FaceFREE

Build real agentic apps using CUGA: two dozen working examples on a lightweight harness

IBM Research introduced CUGA, a lightweight harness designed to simplify the development of agentic AI applications. CUGA provides a structured environment with two dozen working examples covering various agentic patterns, from task automation to multi-agent collaborations. This toolkit aims to lower the barrier to entry for developers, enabling quicker prototyping and deployment of agentic solutions.

aigest · daily

Get this every morning.

One email. The signal. Built for builders.

Free · Unsubscribe in one click · No trackers

// Worth acting on7 stories

Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents

Highlights security gaps in AI agent ecosystems that could lead to widespread compromise.

ai-agentssecuritysupply-chain

The Hacker News22h ago1mFREE

I built a tool that cuts Anthropic API costs by 67% and it finds the waste before you spend

Developers using Anthropic APIs can significantly reduce costs by identifying wasteful spending patterns.

anthropicapicost-optimizationtool

DEV Community5h ago1mFREE

GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns

This update helps protect CI/CD pipelines from common pwn request attacks.

githubactionssecuritydevops

The Hacker News23h ago1mFREE

Build a protein research copilot with Amazon Bedrock AgentCore

This guide helps developers build specialized AI tools for scientific research using Amazon Bedrock AgentCore.

amazonbedrockagentcoreproteinresearchai

AWS ML Blog20h ago1mFREE

FFmpeg fixes PixelSmash flaw in widely used video decoder

Developers using FFmpeg should update to patch a decoder vulnerability that could be exploited.

ffmpegsecurityvulnerabilitypixelsmash

BleepingComputer40h ago1mFREE

New macOS ClickFix attack silently mounts DMGs to push infostealer

macOS users face stealthy malware delivery that bypasses standard security warnings.

macossecurityinfostealerclickfix

BleepingComputer19h ago1mFREE

Fetch Code Quality findings via REST API

Developers can now automate code quality workflows by fetching scanning results via API.

githubapicode-qualitysecurity-scanning

GitHub Changelog18h ago1mFREE

// Worth knowing8 stories

[AINews] Claude Tag: Multiplayer, Proactive, Persistent Agents in Slack

Claude Tag enables persistent, proactive AI agents in Slack, shifting from reactive chatbots to autonomous team collaborators.

claudeagentsslackmultiplayer

Latent Space6h ago1mFREE

Semantic Search with PostgreSQL: Pragmatism Beats Hype - Most of the Time

Developers can implement semantic search without adding new infrastructure, leveraging PostgreSQL's existing capabilities.

postgresqlsemantic-searchpgvectorfull-text-search

DEV Community5h ago1mFREE

Shared infrastructure, isolated tenants: Pool model multi-tenancy with Amazon Bedrock AgentCore

Pool model multi-tenancy reduces costs by sharing infrastructure while keeping tenant data isolated.

awsbedrockmulti-tenancyagents

AWS ML Blog21h ago1mFREE

Kubernetes teams trust automation to ship code but not to touch CPU, and AI is raising the stakes

For developers, AI is raising the stakes in how Kubernetes teams approach automation for code deployment versus CPU management.

kubernetesautomationaidevops

The New Stack16h ago1mFREE

OPFS + Pyodide test harness

The provided source text does not detail any specific consequences for developers regarding the OPFS and Pyodide test harness.

opfspyodideweb-developmentpython

Simon Willison18h ago1mFREE

Deploy Node servers with zero configuration

Node.js developers can now deploy servers on Vercel without any configuration.

vercelnodejsdeploymentserverless

Vercel30h ago1mFREE

Deploy from Claude Design to Vercel

Developers can now deploy AI-generated designs from Claude to Vercel in one step.

claudeverceldeploymentai-design

Vercel37h ago1mFREE

Shipping huggingface_hub every week with AI, open tools, and a human in the loop

Developers using huggingface_hub get faster access to new features and fixes through a weekly release cycle.

huggingfacehuggingface-hubrelease-processai-assisted

Hugging Face37h ago1mFREE

More selected · 1

Workflows - Workflows rollback handlers now include step context

Developers gain finer control over workflow rollbacks with step-specific context.

cloudflareworkflowsrollbackdeveloper-tools

Cloudflare Developer Platform25h ago1mFREE

// Yesterday2 stories