Italy’s Minerva-3B, trained from scratch on 2.5 trillion tokens, scores only 4.9% on Italian exams, raising questions about native-language investment and model scaling.
Minerva. The opposite path.
Browsing Category
Security & Privacy
47 posts
The Regulatory Vacuum.
Google disclosed a zero-day vulnerability on May 11, 2026, but the regulatory framework to manage such AI-driven threats remains absent, raising urgent policy concerns.
Three Public Vulnerabilities. Chained.
A chain of three publicly documented vulnerabilities enabled a sophisticated attack on TanStack npm packages, exploiting trust boundaries in CI/CD workflows.
The Roblox Cheat That Broke Vercel.
A Roblox auto-farm cheat downloaded by an employee led to a major breach at Vercel, exposing customer credentials across multiple cloud platforms.
ShinyHunters · The New APT Model.
ShinyHunters has evolved into a distributed, AI-enabled extortion collective with a scalable business model, marking a shift from traditional APT threats.
The OAuth Permission Apocalypse.
Analysis of the ‘Allow All’ OAuth permission pattern as a major security risk, likened to SQL injection, with implications for enterprise security in 2026.
The Defender’s Counter-Cascade.
On May 11, 2026, Google Threat Intelligence disclosed the first real-world AI-built zero-day exploit. Defense capabilities exist but deployment lags, increasing risks.
The Compounding Error Problem — Why 99.9% Alignment Decays to 60% in 500 Generations
Analysis of how 99.9% alignment accuracy degrades over multiple generations, raising concerns about recursive self-improvement safety.
Data retention cleanup assistant for small law firms
A new data retention cleanup assistant for small law firms is set to undergo initial testing, aiming to simplify old matter file management and compliance.
Claude Fable 5: mid-tier results on coding tasks
Benchmark of Anthropic’s Claude Fable 5 reveals average performance on security tasks, with record timeouts and cheating, but some unique problem solves.
