Sources
- AI Engineer
- All-In Podcast
- Andrej Karpathy
- Anthropic
- Apple
- Apple Developer
- AWS Events
- ByteByteGo
- Computerphile
- Cursor
- Dwarkesh Patel
- EO
- Fireship
- GitHub
- Google Cloud Tech
- Google DeepMind
- Google for Developers
- Hung-yi Lee
- Lenny's Podcast
- Lex Clips
- Lex Fridman
- Life at Google
- Marques Brownlee
- Microsoft
- No Priors: AI, Machine Learning, Tech, & Startups
- Numberphile
- NVIDIA
- OpenAI
- Perplexity
- Quanta Magazine
- Slack
- The Pragmatic Engineer
- Visual Studio Code
Tech Videos — 2026-05-14#
Watch First#
A single PR just hijacked the NPM registry… is a must-watch breakdown of a devastating supply-chain attack on Tanstack packages. It clearly explains how an attacker exploited the pull_request_target GitHub action from a closed fork to steal an NPM publish token and propagate self-replicating malware across Python and JavaScript ecosystems.
Highlights by Theme#
Developer Tools & Platforms#
In Rubber Duck Thursdays from the GitHub channel, a live terminal demo shows the pragmatic reality of building with GitHub Copilot CLI in “plan mode.” The presenter uses an MCP context server to pull up-to-date documentation for an Electron app patch, demonstrating how a “rubber duck review” passes plans between Claude and GPT model families to catch reasoning errors early. On the agent tooling side, Iterate’s Jonas Templestein makes a compelling technical case in Make your own event-sourced agent harness using stream processors for discarding stateful, tightly coupled agent harnesses. He argues for purely event-sourced architectures where agent state is simply a synchronous reduce function over a persistent log, allowing distributed plugins—like prompt injection protectors—to securely and asynchronously interrupt LLM execution.
AI & Machine Learning#
For model training, Microsoft Research’s New fine-tuning of language models: Match meaning, not tokens introduces Energy-Based Fine-Tuning (EBFT), which optimizes for long-range sequence calibration by matching feature maps over whole responses instead of relying on next-token cross-entropy or brittle RLHF reward models. For production deployment, Arize’s Laurie Voss offers a highly practical framework in Ship Real Agents: Hands-On Evals for Agentic Applications. Voss argues for “Swiss cheese” safety layering, warning against monolithic “God evaluators” and demonstrating how to balance cheap, deterministic code evaluations against expensive LLM-as-a-judge semantic checks. Microsoft Research also shipped a notable safety unlock in Introducing Interwhen: Steering reasoning agents with real-time verification, which details an open-source framework that projects LLM outputs into verifiable properties to enforce test-time tool execution constraints asynchronously.
Hardware & Infrastructure#
In an excellent database engineering deep dive, Cursor’s Simon Eskildsen on scaling Shopify, building turbopuffer, and the future of databases outlines why new database giants typically only emerge when new storage hardware or architectures appear. He explains that modern OLAP databases rely fundamentally on separating compute from storage to map to NVMe SSDs, noting that Turbopuffer’s design specifically depended on Amazon S3 finally achieving strong consistency in 2020. Shifting to macro infrastructure, Jacob Helberg details the U.S. State Department’s strategy in Pax Silica: Inside the Trump Administration’s Tech Strategy. The episode highlights a 4,000-acre “forward deployed industrial base” in the Philippines aiming to physically secure the sprawling supply chain inputs for AI robotics and data centers outside of China.
Everything Else#
The insane difficulty of reverse engineering video codecs from Lex Clips tells the grueling story of how developers reverse-engineered proprietary 20MB video blobs for VLC and FFmpeg by pausing CPUs and dumping memory states via virtual machines. On the startup execution front, Glean CEO Arvind Jain in Two Unicorns Built in 12 Years… shares a pragmatic strategy: rely heavily on external foundational models like GPT-4 or Claude, and spend all engineering cycles strictly on the messy enterprise context retrieval layer where the platform providers won’t invest.