AI Engineering Signal #26
Signals
Malicious dependency found in PyTorch Lightning
A supply-chain attack targeting AI training pipelines: not a theoretical risk but an active one in a widely used library.
Web
OpenAI restricts Cyber model after GPT-5.5 cyber benchmark
GPT-5.5 solved a 12-hour expert task in 11 minutes for $1.73; both labs now gate their most capable cyber models.
TechCrunch
IBM Granite 4.1 8B matches 32B MoE models
A meaningful efficiency gain; the 8B weight class just got more competitive for on-device and cost-sensitive inference.
Web
Qwen 3.6 27B runs 218K context at 50-66 TPS on a single RTX 3090
Local inference at this context length and speed on consumer hardware sets a new bar.
Lilian Weng publishes "Why We Think"
OpenAI's head of safety research on reasoning mechanisms; required reading for anyone building on top of chain-of-thought.
Web
Topology-based neural training monitor proposed
A collapse index derived from the topology of training dynamics could give early warning of training failures before the loss curves show them.
ArXiv
ICML rejecting unanimous positive-rated papers
The conference review process appears broken at scale; this affects where to submit and how much weight to give acceptance signals.
The Take
The PyTorch Lightning supply chain hit and the dual model restrictions on cyber-capable models land in the same week — the attack surface for AI infrastructure is expanding faster than the defenses, and the labs themselves are acknowledging it by locking down their most capable models rather than shipping them openly.