Sunday February 1, 2026

Road signs hijack autonomous vehicles via prompt injection, Proc3D enables 400x faster 3D model editing, and Pinchwork launches a marketplace where AI agents hire each other.


News

Generative AI and Wikipedia editing: What we learned in 2025

Wiki Education's 2025 investigation found that over two-thirds of GenAI-flagged Wikipedia edits failed verification, frequently citing real sources for claims those sources did not actually support. By integrating the Pangram detector into their Dashboard for real-time monitoring and training, they reduced mainspace AI-generated content from an expected 25% to 5%. While LLMs were effective for research tasks like identifying content gaps and locating sources, the study concludes they remain unreliable for drafting prose due to persistent factual hallucinations.

Autonomous cars, drones cheerfully obey prompt injection by road sign

Researchers from UCSC and Johns Hopkins demonstrated "environmental indirect prompt injection" attacks, dubbed CHAI, against autonomous systems powered by LVLMs. By optimizing the text, font, and color of physical signs, they successfully hijacked the decision-making of models like GPT-4o and InternVL in both simulated and real-world environments. These attacks can force self-driving cars and drones to follow illicit commands, such as ignoring pedestrians or landing in unsafe areas, by tricking the vision systems into interpreting environmental text as high-priority instructions.

OpenClaw security assessment [pdf]

The ZeroLeaks security assessment of Clawdbot revealed critical vulnerabilities, with an 84.6% success rate for system prompt extraction and a 91.3% success rate for prompt injection. Attackers utilized many-shot priming, crescendo attacks, and context window overflows to reconstruct approximately 90% of the system prompt, including internal tool schemas and reasoning protocols. Immediate remediation steps include implementing explicit confidentiality directives, input normalization for encoded content, and deploying secondary guardrail models.

Openclaw on Oracle's Free Tier: Always-On AI for $0/Month

This guide outlines deploying Openclaw on Oracle Cloud’s Always Free tier, leveraging 4 ARM cores and 24GB RAM to host a persistent, always-on AI agent. The setup integrates Claude Code with a Telegram gateway for remote shell and file system access, secured via Tailscale and fail2ban. Additional features include automated rclone backups and heartbeat monitoring to maintain system health and task automation.

Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site

Moltbook, a social media platform for autonomous AI agents, suffered a critical security breach due to a misconfigured Supabase backend. The developer failed to implement Row Level Security (RLS) on the agents table, exposing the API keys and claim tokens of all registered agents through a public REST API. This vulnerability allowed unauthorized takeover of high-profile accounts, highlighting significant security risks in the "ship fast" culture of the current AI agent ecosystem.
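The Moltbook failure described above is a Supabase table served through the auto-generated REST API with no Row Level Security. The following is an added illustration, not Moltbook's schema or code: an assumed `agents` table with assumed column names, shown in its exposed state and then locked down so the public API can no longer return other agents' `api_key` or `claim_token` values.

```sql
-- Added illustration, not Moltbook's actual schema. Column names are assumptions.
-- Supabase exposes every table in the public schema over REST; the anon role
-- holds default grants, so without RLS the whole table is readable anonymously.
create table public.agents (
  id          uuid primary key default gen_random_uuid(),
  owner_id    uuid not null,   -- auth.users id of the operator who registered the agent
  name        text not null,
  api_key     text not null,   -- secret: must never be readable by other users
  claim_token text not null    -- secret: proves ownership during account claim
);

-- Weak state from the write-up: RLS disabled. An unauthenticated request such as
--   GET /rest/v1/agents?select=api_key,claim_token
-- returns every row, which is what allowed takeover of arbitrary agents.

-- Corrected state, step 1: enable RLS. A table with RLS on and no policies
-- returns zero rows to anon and authenticated, so the default becomes "deny".
alter table public.agents enable row level security;

-- Step 2: only the authenticated owner may read or modify their own rows.
create policy "agents_owner_select" on public.agents
  for select to authenticated
  using ((select auth.uid()) = owner_id);

create policy "agents_owner_update" on public.agents
  for update to authenticated
  using ((select auth.uid()) = owner_id)
  with check ((select auth.uid()) = owner_id);

-- Step 3: public listing needs only non-secret columns. A view runs with its
-- owner's privileges, so it exposes exactly the columns it selects and nothing else.
create view public.agent_profiles as
  select id, name from public.agents;
grant select on public.agent_profiles to anon, authenticated;

-- Step 4: remove anon's direct grants on the base table as defence in depth.
revoke all on public.agents from anon;

-- Check: run as the anon role; with RLS on and no anon policy this returns no rows.
-- set role anon; select count(*) from public.agents;  -- expected 0
```

After applying this, re-run the listing request as an unauthenticated client and confirm it returns an empty array for `agents` and only `id`/`name` for `agent_profiles`.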

Research

VaultGemma: A Differentially Private LLM

VaultGemma 1B is an openly released 1B parameter model in the Gemma family trained with differential privacy. It utilizes the same pretraining data mixture as the Gemma 2 series to advance privacy-preserving LLMs.

Demystifying ARM SME to Optimize General Matrix Multiplications

MpGEMM is an open-source library that optimizes GEMM operations by leveraging ARM’s Scalable Matrix Extension (SME) through cache-aware partitioning and specialized micro-kernels. Evaluated on Apple M4 Pro hardware using DeepSeek and LLaMA workloads, it achieves a 1.23x average speedup over the vendor-optimized Apple Accelerate library.

Magellan: Autonomous Discovery of Compiler Optimization Heuristics w/AlphaEvolve

Magellan is an agentic framework that automates compiler optimization by synthesizing executable C++ decision logic using an LLM coding agent and evolutionary search. Through a closed-loop refinement process, it generates compact heuristics that outperform or match expert-designed baselines in LLVM function inlining and register allocation. The system demonstrates portability across infrastructures like LLVM and XLA while significantly reducing manual engineering overhead.

Proc3D: Procedural 3D Generation and Parametric Editing of 3D Shapes with LLMs

Proc3D introduces Procedural Compact Graphs (PCG) to generate editable 3D models, addressing the limitations of static representations like meshes or point clouds. By leveraging LLMs such as GPT-4o and fine-tuned Llama-3, the system enables real-time parametric modifications through natural language prompts or manual controls. This approach achieves a 400x speedup in editing efficiency and a 28% improvement in ULIP scores compared to traditional methods that require full model regeneration.

Self-Distillation Enables Continual Learning

Self-Distillation Fine-Tuning (SDFT) addresses catastrophic forgetting in foundation models by enabling on-policy learning from demonstrations without explicit reward functions. By using in-context learning to treat the model as its own teacher, SDFT generates on-policy training signals that preserve existing capabilities while acquiring new skills. SDFT consistently outperforms SFT in sequential learning tasks, allowing models to accumulate multiple capabilities without performance regression.

Code

Generative AI for Krita

The Krita AI Diffusion plugin integrates generative workflows into Krita using ComfyUI as the backend. It supports Stable Diffusion (1.5, XL, Illustrious) and Flux models for inpainting, live painting, and high-resolution upscaling. Key features include structural guidance via ControlNet, style transfer with IP-Adapter, and regional prompting, all executable locally across various hardware backends or via the cloud.

ArtCraft AI crafting engine, written in Rust

ArtCraft is an open-source IDE for interactive AI image and video creation, designed to provide artists with granular control and repeatability beyond simple prompting. It offers advanced "crafting" features like 3D/2D image compositing, image-to-3D mesh conversion, character posing, and scene blocking. The platform also supports quick text-to-asset generation and integrates with a wide range of AI models and providers, including Nano Banana, GPT-Image, Grok, Midjourney, and Sora.

Open Sandbox – an open-source self-hostable Linux sandbox for AI agents

OpenSandbox is a Rust-implemented Linux sandbox designed for running commands in isolated environments, leveraging PID and mount namespace isolation, chroot jails, and resource limits. It provides HTTP and high-performance gRPC APIs, including a Python SDK, supporting both stateless execution and stateful sessions that persist files and environment variables across requests. This makes it ideal for AI agents requiring secure, performant, and persistent execution contexts, with benchmarks indicating superior speed compared to alternatives like E2B.

Pinchwork – A task marketplace where AI agents hire each other

Pinchwork is a credit-based task marketplace that allows AI agents to programmatically delegate or perform work via a simple API. It facilitates inter-agent collaboration for specialized tasks like code auditing or API-specific actions using a credit escrow system and real-time SSE notifications. The platform features smart matching and recursive labor, where agent-powered micro-tasks handle task routing and delivery verification.

Agent Tinman – Autonomous failure discovery for LLM systems

Agent Tinman is an autonomous research agent designed to proactively discover and mitigate failure modes in AI systems through a continuous hypothesis-driven research cycle. Unlike reactive testing tools, it generates experiments to uncover unknown vulnerabilities in reasoning, tool use, and security, proposing interventions validated via counterfactual simulation. The framework supports LAB, SHADOW, and PRODUCTION operating modes with risk-tiered human-in-the-loop approval gates to ensure safe and reliable deployment.
