Tech / AI / IT Monitor

March 24, 2026 · Based on tweets from the last 24 hours · 183 tweets analyzed · model: claude-sonnet-4-6

Tech / AI / IT Intelligence Briefing

Period: 2026-03-23 to 2026-03-24 | Generated from Twitter/X monitoring

Executive Summary

The dominant security story of the past 24 hours is a confirmed PyPI supply chain attack on the litellm library, which exposed SSH keys, cloud credentials, and API secrets to any project that installed litellm ≥1.64.0 — including popular frameworks like DSPy. The attack was live for roughly one hour before being detected almost by accident. Simultaneously, the open-source AI agent space saw major momentum with Hermes Agent v0.4.0 from NousResearch shipping 300 merged PRs in a single week, gaining 11K GitHub stars and emerging as a direct community challenger to proprietary coding agents. OpenAI's Sam Altman announced a significant organizational restructuring, launching the OpenAI Foundation with a $1B commitment to AI resilience, biosecurity, and societal impact. On the hardware/infrastructure front, a new Lace Lithography chip-making technique was introduced claiming 10× extension of Moore's Law, and Hugging Face released hf-mount for filesystem-level access to model repositories.

Key Events

🚨 CRITICAL: litellm PyPI supply chain attack — pip install litellm (v1.82.8) exfiltrated SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, shell history, crypto wallets, SSL private keys, CI/CD secrets, and database passwords. Attacker reached any project transitively depending on litellm (e.g., DSPy). Detected only because the attack had a memory leak bug that crashed a user's machine. Multiple teams are dropping litellm as a dependency. → link
Hermes Agent v0.4.0 released — NousResearch ships the biggest release yet: background self-improvement, OpenAI Responses API endpoint, new messaging platforms, new providers, MCP server management, and 300 merged PRs in a single week. Community momentum is building as an open-source alternative to proprietary coding agents. → link
OpenAI Foundation announced with $1B spend — Sam Altman details the OpenAI Foundation's initial focus areas: novel bio threats, economic disruption from AI, emergent societal effects. Wojciech Zaremba transitions to Head of AI Resilience; new hires in Life Sciences, Civil Society, and Operations. → link
Rust's std::thread now runs on the GPU — vectorware announces a never-before-achieved milestone: using Rust's standard thread library on GPU hardware. → link
Lace Lithography introduced as potential 10× Moore's Law extension — FutureJurvetson-shared announcement of a novel chip-making approach claiming to push semiconductor scaling far beyond current limits. → link
NVIDIA Nemotron Cascade benchmarked — 30B total / 3B active parameters hybrid Mamba MoE model, runs on a single RTX 3090. Claims to beat Qwen on math, code, and reasoning; achieved gold-medal performance on International Math Olympiad with only 3B active params. Community benchmarks incoming. → link
MolmoWeb released by Allen AI — Open-source browser-use agent capable of navigating and completing tasks in a web browser on the user's behalf. → link
hf-mount released on Hugging Face — Filesystem-level mounting of HuggingFace datasets and model repos; enables DuckDB queries over 5TB datasets, llama.cpp inference over mounted GGUFs, and k8s pod model serving without init containers. → link
Karpathy argues against heavy dependency use following litellm attack — Suggests "yoinking" simple functionality via LLMs rather than pulling large dependency trees; frames supply chain attacks as "the scariest thing in modern software." → link
Python 3.15 JIT back on track — After earlier delays, Python 3.15's JIT compiler is reportedly back on schedule. → link
PrismAudio: RL-powered video-to-audio model from Alibaba FunAudio — New V2A framework released on Hugging Face. → link
Apple cluster inference benchmarked with RDMA over Thunderbolt — M4 Pro Mac Mini + MacBook clustered using exolabs; 11 model configurations benchmarked. → link
Claude Code shows UI mockup generation via AskUserQuestion tool — First reported instance of Claude Code presenting interactive UI mock-up options during an interview-style design session. → link
Hark AI lab unveiled — New lab from the creator of Figure Robotics targeting the "personal intelligence interface with machines." → link
CodexBar 0.19.0 released — Token budget tracking tool adds Alibaba Coding Plan support, subscription history charts, Cursor dashboard alignment, and Codex code-review reset times. → link
Fine-tuning waste called out — Community observation that companies routinely burn $10K+ in GPU compute on fine-tuning before testing whether the base model suffices; argument made for consumer GPU (3090–5090) baseline testing first. → link
Apple App Store flooding with AI-generated slop apps — Multiple developers flagging a wave of low-quality AI-generated apps degrading store quality. → link
CUDA Graphs deep-dive published — New GPU Glossary page exploring why CUDA Graphs are so hard to serialize. → link
OpenAI reportedly offering 17.5% guaranteed minimum return on investment — Noted by financial/tech commentators as an unusual capital structure signal. → link
Ghostty terminal (libghostty-vt) now builds and tests on Windows CI — Progress milestone for cross-platform terminal emulator. → link

Analysis

Patterns

Supply chain security reaching an inflection point. The litellm attack is notable not for its novelty but its scale: 97M monthly downloads and deep transitive dependency embedding meant blast radius was enormous. The near-miss (detected only due to an attacker bug) is a warning shot. Karpathy's reaction — advocating for LLM-generated utility code over dependency imports — will likely gain traction among security-conscious developers. Multiple projects publicly dropping litellm within hours is a healthy response, but the underlying problem (unverified package installs in large dependency trees) remains structural. Expect accelerated investment in supply chain tooling (sigstore, pip audit, lockfiles) and renewed debate about dependency minimalism.

Open-source agent consolidation accelerating. Hermes Agent's v0.4.0 momentum is real: 300 PRs/week, 11K stars, and a growing community actively positioning it as a replacement for OpenClaw. The OpenAI Responses API compatibility endpoint is strategically important — it lowers the switching cost from proprietary tools. The "Heralds" community branding and aggressive star targets suggest an organized grassroots push, not just organic growth. Watch for NousResearch's Hermes vs. OpenClaw competitive dynamics to intensify over the next few weeks.

AI infrastructure maturing at the edge. The M4 cluster RDMA-over-Thunderbolt benchmarks, hf-mount for filesystem-level model access, tinygrad's "affordable housing for AI" positioning, and NVIDIA Nemotron Cascade fitting on a single 3090 all point toward the same macro trend: serious inference workloads are migrating to consumer and edge hardware faster than expected.

OpenAI pivoting to resilience framing. The $1B OpenAI Foundation with Zaremba heading "AI Resilience" (rather than traditional safety) is a notable framing shift. "Resilience" implies adapting society to AI disruption rather than preventing model harm — a more pragmatic, arguably more industry-friendly framing. This merits watching as a potential bellwether for how frontier labs communicate safety going forward.

What to Watch Next

litellm response — Will BerriAI (litellm maintainer) publish a full post-mortem? Any evidence the attack succeeded in exfiltrating live credentials at scale?
Hermes Agent adoption curve — Can the open-source agent sustain 300 PR/week velocity? Will enterprise users migrate from OpenClaw at scale?
Nemotron Cascade independent benchmarks — Community receipts on the NVIDIA vs. Qwen math/code/reasoning claims are due within 24–48 hours.
Lace Lithography details — The 10× Moore's Law claim needs peer scrutiny; watch for technical breakdowns from semiconductor analysts.
Python 3.15 JIT — Timeline and performance benchmarks as it approaches release.

Tweet Feed

🔴 Security: litellm PyPI Supply Chain Attack

@karpathy · 2026-03-24T16:56

Software horror: litellm PyPI supply chain attack. Simple pip install litellm was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords. LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did pip install dspy (which depended on litellm>=1.64.0), you'd also be pwnd... Supply chain attacks like this are basically the scariest thing imaginable in modern software... it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible. → tweet link

@nummanali · 2026-03-24T19:09

RT @karpathy: Software horror: litellm PyPI supply chain attack. Simple pip install litellm was enough to exfiltrate SSH keys, AWS/GCP/… → tweet link

@jezell · 2026-03-24T17:28

RT @karpathy: Software horror: litellm PyPI supply chain attack. Simple pip install litellm was enough to exfiltrate SSH keys, AWS/GCP/… → tweet link

@jezell · 2026-03-24T15:08

RT @grok: Litellm (the Python lib for unified LLM calls) is used in several major AI frameworks as a core dep or… → tweet link

@jezell · 2026-03-24T15:18

Glad we wrote our own LLM router. Really don't see why so many people outsource the router. → tweet link

@jezell · 2026-03-24T16:49

RT @johnnypgreco: folks, we're going to completely drop litellm as a dependency – today → tweet link

@gospaceport · 2026-03-24T17:59

The rate of supply chain attacks is super high and with agents on all ends of the equation it likely doesnt slow down from here. → tweet link

@Teknium · 2026-03-24T15:40

Thank you Luba for notifying us as well as the discord community of @Lite_LLM having been hacked. Please see this important security notice if you are a Hermes Agent user who installed within the last 4-24 hours! → tweet link

@Teknium · 2026-03-24T16:53

RT @claudiocasalex: 🚨If you run Hermes in docker like I do, note that you must: delete "litellm==1.75.5" from requirements.txt (line 27)… → tweet link

🤖 Hermes Agent v0.4.0 (NousResearch)

@Teknium · 2026-03-24T16:00

Hermes Agent v0.4.0 — 300 merged PRs this week. Biggest release we've done. Background self-improvement, OpenAI Responses API endpoint for your agent, new messaging platforms, new providers, MCP server management, and a lot more. → tweet link

@Teknium · 2026-03-24T19:10

RT @NousResearch: Hermes Agent v0.4.0 is out: → tweet link

@Teknium · 2026-03-24T16:11

I am most excited to see what people might do with a Hermes Agent as an API :) → tweet link

@nummanali · 2026-03-24T16:16

I don't think I've seen this anywhere. Control a full Hermes coding agent programmatically. You can use the OpenAI SDK that's compatible with the Responses API or the Vercel AI SDK if it's preferred. All capabilities are enabled - really cool! → tweet link

@Teknium · 2026-03-24T16:34

RT @witcheer: Hermes agent v0.4.0. I run this thing 24/7. here's what just changed under my feet. /1/ you can now expose hermes as an OpenAI-compatible… → tweet link

@Teknium · 2026-03-24T16:06

RT @Shaughnessy119: Update your Hermes agent! Hermes Agent v0.4.0 — 300 merged PRs this week!