Feed aggregator

There's Still Time to Earn Interest on Your Savings, But Time's Ticking. Today's Rates, Nov. 19, 2024

CNET Feed - Tue, 11/19/2024 - 10:06am
Don't wait too long, rates over 5% won't stick around forever.
Categories: CNET

I Switched From Melatonin Supplements to Sleep Patches for Two Weeks. These Are the Top Products That Get It Right.

CNET Feed - Tue, 11/19/2024 - 10:00am
I tested seven sleep patches from three top brands, but only a few lived up to the hype. Here's everything you need to know about the trending sleep product.
Categories: CNET

Best Nonstick Pan for 2024

CNET Feed - Tue, 11/19/2024 - 10:00am
No kitchen is complete without a reliable nonstick pan. CNET’s experts top options to help you find the best fit for your cooking needs.
Categories: CNET

Free AI editor lures in victims, installs information stealer instead on Windows and Mac

Malware Bytes Security - Tue, 11/19/2024 - 9:51am

A large social media campaign was launched to promote a free Artificial Intelligence (AI) video editor. If the “free” part of that campaign sounds too good to be true, then that’s because it was.

Instead of the video editor, users got information stealing malware. Lumma Stealer was installed on Windows machines and Atomic Stealer (AMOS) on Macs.

The campaign to promote the AI video editor was active on several social media platforms, like X, Facebook, and YouTube…

…and had been active for quite a while. as you can see from this tweet.

The criminals seem to have used a lot of accounts to promote their “product” as you can see from this search on X.

Some accounts were expressly created for this purpose, while others look like they may have been compromised accounts.

The campaign looks well organized, and looks so legitimate that it took quite a while before a researcher found out and tweeted about the threat.

When interested individuals follow the links, they’ll end up on a professional looking website—exactly what you would expect.

But if they click the “GET NOW” button, they’ll download the information stealer and infect their device. The file is called “Edit-ProAI-Setup-newest_release.exe” for Windows, and “EditProAi_v.4.36.dmg” for macOS.

Lumma is available through a Malware-as-a-Service (MaaS) model, where cybercriminals pay other cybercriminals for access to malicious software and its related infrastructure. Lumma steals information from cryptocurrency wallets and browser extensions, as well as two-factor authentication details. Lumma is often distributed via email campaigns, but nothing stops the cybercriminals from spreading it as a download for an AI editor, as they did here.

AMOS makes money for its operators by finding and stealing valuable information on the computers it infects, such as credit card details, authentication cookies, passwords and cryptocurrency. Besides stealing data from the web browsers themselves, AMOS can also steal data from browser extensions (plugins).

What if you installed one of these?

Both stealers are after login credentials and financial information, so there are a few things you’ll need to do.

  • Monitor your accounts. Banking and cryptocurrency information is a prime target for these information stealers, so check your accounts and monitor them closely.
  • Change all your passwords starting with the important ones, and if you’re not using a password manager already, now might be a good time to get one. It can help you create and store strong passwords.
  • Enable multi-factor-authentication (MFA) on all your important accounts.
  • Log out of all your important accounts on infected devices. These information stealers are capable of taking over some accounts by stealing cookies, even if you have MFA enabled.

Malwarebytes for Windows and Malwarebytes for Mac can detect the information stealers, and they block the EditProAI websites.

Categories: Malware Bytes

Google May Be Asked to Sell Chrome Browser by DOJ

CNET Feed - Tue, 11/19/2024 - 9:49am
Google is still under scrutiny for its search monopoly. Chrome may be a bargaining chip in the ongoing case.
Categories: CNET

Show HN: LlamaPReview – AI code reviewer trusted by 2000 repos, 40%+ effective

Hacker News - Tue, 11/19/2024 - 9:25am

Hi HN! A month ago, I shared LlamaPReview [1] in SHOW HN. Since then, we've grown to 2000+ repos (60%+ public) with 16k+ combined stars. More importantly, we've made significant improvements in both efficiency and review quality.

Key improvements:

1. ReAct-based Review Pipeline We implemented a ReAct (Reasoning + Acting) pattern that mimics how senior developers review code. Here's a simplified version:

```python def react_based_review(pr_context) -> Review: # Step 1: Initial Assessment - Understand the changes initial_analysis = initial_assessment(pr_context) # Step 2: Deep Technical Analysis deep_analysis = deep_analysis(pr_context, initial_analysis) # Step 3: Final Synthesis return synthesize_review(pr_context, initial_analysis, deep_analysis) ``` 2. Two-stage format alignment pipeline

```python def review_pipeline(pr) -> Review: # Stage 1: Deep analysis with large LLM review = react_based_review(pr_context) # Stage 2: Format standardization with small LLM return format_standardize(review) ``` This two-stage approach (large LLM for analysis + small LLM for format standardization) ensures both high-quality insights and consistent output format.

3. Intelligent Skip Analysis We now automatically identify PRs that don't need deep review (docs, dependencies, formatting), reducing token consumption by 40%. Implementation:

```python def intelligent_skip_analysis(pr_changes) -> Tuple[bool, str]: skip_conditions = { 'docs_only': check_documentation_changes, 'dependency_updates': check_dependency_files, 'formatting': check_formatting_only, 'configuration': check_config_files } for condition_name, checker in skip_conditions.items(): if checker(pr_changes): return True, f"Optimizing review: {condition_name}" return False, "Proceeding with full review" ``` Key metrics since launch: - 2000+ repos using LlamaPReview - 60% public, 40% private repositories - 40% reduction in token consumption - 30% faster PR processing - 25% higher user satisfaction

Privacy & Security: Many asked about code privacy in the last thread. Here's how we handle it: - All PR review processing happens in-memory - No permanent storage of repository code - Immediate cleanup after PR review - No training on user code

What's next: We are actively working on GraphRAG-based repository understanding for better in-depth code review analysis and pattern detection.

Links: [1] Previous Show HN discussion: [https://news.ycombinator.com/item?id=41996859] [2] Technical deep-dive: [https://github.com/JetXu-LLM/LlamaPReview-site/discussions/3] [3] Link for Install (free): [https://github.com/marketplace/llamapreview]

Happy to discuss our approach to privacy, technical implementation, or future plans!

Comments URL: https://news.ycombinator.com/item?id=42183760

Points: 1

# Comments: 0

Categories: Hacker News

Agent Toolkit Pay as you go. Any tool, any currency

Hacker News - Tue, 11/19/2024 - 9:23am

Article URL: https://agenttk.kevz.dev/

Comments URL: https://news.ycombinator.com/item?id=42183735

Points: 1

# Comments: 0

Categories: Hacker News

Hoto's Black Friday Sale Offers Helpful Tools at Up to 45% Off

CNET Feed - Tue, 11/19/2024 - 9:21am
Take advantage of massive discounts on electric screwdrivers, handheld vacuum cleaners and more.
Categories: CNET

Pages