Ever since ChatGPT (and arguably before), the pace of innovation in machine learning / AI has been quite impressive.

This post is my attempt to:

• Consolidate the many recent applications of AI to cybersecurity in one place

• Tie together trends

• And reason about where things may be headed.

Given the pace at which things are moving, this will likely be an incomplete list.

If there are meaningful blog posts, talks, or tools I should be aware of, please reach out and let me know! 🙏 

Table of Contents

• Changelog

• Themes and Where Things are Headed

  • Reverse Engineering

    • Current Applications

    • Future Work

• References

  • Web Security

  • AppSec

  • Penetration Testing

  • Overview Articles

  • Phishing / Disinformation

  • Malicious Dependencies / Supply Chain Security

  • Red Team

  • Content Moderation

  • Reverse Engineering

  • Who will AI help more, attackers or Defenders?

• To Organize

Changelog

• 2023/07/03 - Wrote section on current applications/future work on AI in reverse engineering and added a number of relevant tools to the References section.

Themes and Where Things are Headed

Reverse Engineering

Current Applications

At the time of this writing, applications of AI in reverse engineering seem to fall into a very finite set of buckets.

Nearly all tools leverage LLMs to aid in program understanding:

• Generate a plain text description of this {assembly or decompiled code}

• Help me rename this {variable or function}

And less frequently:

• Audit this code for vulnerabilities

• Validate another tool’s security findings (Semgrep, in Callisto’s case)

See the “Reverse Engineering” subsection in the References section for a summary of ~8 tools you can review.

Future Work

Here are a few applications I find promising that do not yet seem to be explored.

Lower the barrier to entry for complex tools

IDA Pro, Ghidra, Binary Ninja, and the like are awesome, powerful tools, but they can be complex to learn how to use and have a high learning curve.

Instead of having to navigate many menus or read separate documentation, what if all of that info was indexed and there was helpful chat box in which you could simply ask, “How do I do ?” and it would give you a response right there, without interrupting your flow.

Personal Assistant

What if your tool was observing your behavior over time, after reversing many samples, and if you get stuck, perhaps offered advice like, “Last time you were in {situation}, you did {actions}, what if you tried that?”

And perhaps even automatically takes those actions for you, especially if, for example, there are a set of things you always do when starting a new reversing project.

Personal Expert Mentor

Building on the personal assistant idea, what if there was a model trained on the reversing behaviors and workflows of the best reversers in the world?

And as you were reversing, you’d see a little pop-up, kind of like auto-complete in GMail or a Hacker Clippy, that’d recommend (and maybe even do for you) what an expert would do.

You could imagine a solid implementation of this enabling junior reversers to perform at an intermediate level much more quickly, and maybe even make intermediate or advanced reversers even more effective.

An ideal implementation would not just say, “Do this,” but rather additionally provide the reasoning and context, the why behind it, to upskill the user’s thought processes, not just actions.

Lastly, I’m not sure if this would be as useful as the above, but it would be interesting for the expert bot to even get down to as specific as understanding a particular reverser’s style, like “In this situation, Rolf Rolles would do {this} or Malware Unicorn or Azeria would do {that}.”

Perhaps this could even fund a creator-economy / expert-model-as-a-service income stream for skilled reversers where they could bundle that knowledge and expertise and license the model, which individuals or companies could subscribe to.

Index and make available relevant context

There are a number of sources of information that could be indexed (for example, in a vector DB) and made available to a local model in your reversing platform of choice that would save you time providing context and preempting duplicate work.

For example:

• Hashes, instruction sequences, and other IoCs of known malware, from VirusTotal, company blog write-ups, threat intel companies, and more.

  • This would make it easy to know if you're reversing something similar or identical to known malware, so rather than reversing from scratch, you could leverage (and maybe programmatically import) the work others have already done.

• Indicators for common packers and obfuscators, as well as how to handle them.

• Sharing proprietary data from your colleagues who may have done similar work.

• Indexing known/popular functions or libraries so you’re wasting time reversing “known” functionality.

If you have feedback on any of these ideas or have other ideas I haven’t listed, I’d love to hear them! Happy to add them to this list if you’d like and credit you.

References

Web Security

/

AppSec

Penetration Testing

Overview Articles

Phishing / Disinformation

Malicious Dependencies / Supply Chain Security

Google brings generative AI to cybersecurity
Google announces Cloud Security AI Workbench, a cybersecurity suite powered by a specialized “security” AI language model called Sec-PaLM. Applications:

• Mandiant’s Threat Intelligence AI, which will leverage Sec-PaLM to find, summarize and act on security threats.

• VirusTotal: use Sec-PaLM to help subscribers analyze and explain the behavior of malicious scripts.

• Chronicle search security events and interact “conversationally” with the results.

• Security Command Center AI: “human-readable” explanations of attack exposure, including impacted assets, recommended mitigations and risk summaries for security, compliance and privacy findings.

That Escalated Quickly: An ML Framework for Alert Prioritization

fabric/create_investigation_visualization
Neat new prompt by my friend Daniel Miessler that creates a nice overview image of an investigation. See UL 426 for examples of images generated based on a recent John Hammond video on the Apex Legends tournament hack, and the Havana Syndrome investigation.

Applying LLMs to Threat Intelligence
Thomas Roccia walks through prompt engineering, few shot prompting (e.g. output Mermaid mindmap), using Retrieval Augmented Generation (RAG) to ask questions of MITRE ATT&CK Groups information, and building a ReAct Agent that wraps a number of functions from MSTICpy (a Python library dedicated to threat intelligence investigations) as Tools, enabling the Agent to autonomously do things like query VirusTotal for a specific IP address, fetch samples from VirusTotal that communicate with a given IP address, and more.

Thomas has also launched The Intel Brief, a weekly newsletter that gives you an LLM-distilled summary of the top five threat intel reports and a mind map summary. He has kindly shared a Jupyter notebook that uses few-shot learning to automatically generate the summary and visualization.

Red Team

jiep/offensive-ai-compilation
Great list of useful resources on attacking AI models and using AI for offensive purposes (pentesting, malware, OSINT, phishing, generative AI, etc.) by José Escribano and Miguel Boza.

Content Moderation

• Using GPT-4 for content moderation - By including a detailed policy in your prompt.

Reverse Engineering

Down the Rabbit Hole: Unusual Applications of OpenAI in Cybersecurity Tooling
Eugene Lim discusses his experiments with using OpenAI not just for human-based attacks like phishing and misinformation, specifically: reverse engineering assembly, analyzing Metasploit payloads, code reviews (e.g finding XSS), etc.

moyix/gpt-wpre:
Tool by Brendan Dolan-Gavitt that utilizes the text-davinci-003 model to generate a summary of an entire binary using decompiled code from Ghidra. It employs a recursive approach to create natural language summaries of a function's dependencies, providing them as contextual information for the function itself in an attempt to get around token limitations.

JusticeRage/Gepetto
A Python script by Ivan Kwiatkowski which uses OpenAI's gpt-3.5-turbo and GPT-4 models to provide meaning to functions decompiled by IDA Pro and rename variables.

MayerDaniel/ida_gpt
IDAPython script by Daniel Mayer that uses the unofficial ChatGPT API to generate a plain-text description of a targeted routine. The script then leverages ChatGPT again to obtain suggestions for variable and function names.

ant4g0nist/polar
A LLDB plugin that queries OpenAI's davinci-003 language model to explain the disassembly, by Chaitanya.

G-3PO: A Protocol Droid for Ghidra
Tenable's Olivia Lucca discusses using large language models to assist reverse engineers and introduces G-3PO, a Ghidra script that offers high-level explanatory comments for decompiled function code.

trailofbits/Codex-Decompiler:
A Ghidra plugin by Akshat Parikh that utilizes OpenAI's models to improve the decompilation and reverse engineering experience. It can:

• Take the disassembly from Ghidra and feed it to OpenAI's codex model to decompile the code

• Attempt to find vulnerabilities, generate a description, or decompile the Ghidra pseudocode using OpenAI

mahaloz/DAILA:
A decompiler-unified plugin by Zion Basque that leverages the OpenAI API to enhance your decompilation process by offering function identification, function summarisation and vulnerability detection. The plugin currently supports IDA, Binja and Ghidra.

JetP1ane/Callisto:
Callisto is an automated binary vulnerability analysis tool created by James B. It utilizes Ghidra for decompiling the binary, Semgrep for scanning the resulting C code, and GPT-3.5-Turbo to validate Semgrep's findings and potentially identify additional vulnerabilities.

Who will AI help more, attackers or Defenders?

To Organize

A.I. and the Next Generation of Drone Warfare
The Pentagon’s Replicator initiative envisions swarms of low-cost autonomous machines that could remake the American arsenal.

OpenAI Red Teaming Network
OpenAI is looking for people to help red team new models before they’re published.

projectdiscovery/openrisk
Tool by Project Discovery that reads nuclei (an OSS vulnerability scanner) output and generates a risk score for the host using GPT-3.

Self-enhancing pattern detection with LLMs: Our answer to uncovering malicious packages at scale
Apiiro’s Eli Shalom and Gil David describe how they combine a representation of a target package’s logic, capability analysis (e.g. does the package write files, perform HTTP requests, …), comparison to known malicious packages, clustering, and more to detect malicious packages at scale. Examples of malicious PyPi packages found.

mrwadams/attackgen
By Santander’s Matthew Adams: A tool that leverages LLMs and MITRE ATT&CK to generate tailored incident response scenarios based on user-selected threat actor groups and your organization's details.

How to automate API Specifications for Continuous Security Testing
Escape’s Younes Haddou describes a project in automatically generating an OpenAPI specification from source code, using Semgrep to extract routes and parameters and an LLM to infer the types of parameters.

CI Spark: LLM-Powered AI-Assistant for Creating Tests 15x Faster
Code Intelligence’s Khaled Yakdan describes CI Spark, a new product feature that leverages LLMs (optionally augmented by existing test code) to auto-generate test cases so their fuzzer gets higher code coverage. It can automatically identify fuzzing candidates (public functions that can be entry points) and generate code in JS/TypeScript, Java, and C/C++.

• Stable Audio - Create music with AI.

• Sounds.Studio - A modern music production platform, powered by machine learning.

• Summit - Your AI powered life coach.

• Why Open Source AI Will Win

• Delphi - Creators, Coaches, & Experts can use Delphi to create a digital copy of themselves to talk with their fans 24/7/365 on any platform.

• Google DeepMind testing ‘personal life coach’ AI tool - “The project will use generative AI to perform at least 21 different types of personal and professional tasks, including life advice, ideas, planning instructions and tutoring tips.”

• DeepMind’s cofounder Mustafa Suleyman: Generative AI is just a phase. What’s next is interactive AI - “bots that can carry out tasks you set for them by calling on other software and other people to get stuff done.”

• Instagraph - Convert text or URL into a visualized knowledge graph, by Yohei.

• Salesforce AI’s Chain of Destiny prompt has the AI recursively go through the same task and attempt to improve it.

• NExT-GPT: Any-to-Any Multimodal LLM

k8sgpt-ai/k8sgpt
A tool for scanning your Kubernetes clusters, diagnosing, and triaging issues in simple English.

• NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats

• CIA Builds Its Own AI Tool in Rivalry With China

• Now that GPT-4 with vision is here, rez0 on prompt injection via image. And also Chat History Exfiltration via Image-Based Prompt Injection

pruzko/hakuin
By Jakub Pruzinec: A blind SQL Injection optimization and automation framework that uses pre-trained and adaptive language models to efficiently extract textual data from databases.mlbr3it

dropbox/llm-security
By Dropbox’s Mark Breitenbach and Adrian Wood: Scripts and related documentation that demonstrate attacks against large language models using repeated character sequences.

Do Not Give Away My Secrets: Uncovering the Privacy Issue of Neural Code Completion Tools
Academic paper in which they searched GitHub for code containing hard-coded secrets, removed the secrets, and then prompted GitHub Copilot and Amazon CodeWhisperer to complete the code, thus seeing if the models would “leak” secrets from code they were trained on. The Register’s overview.

Note: this happens at a fairly low percentage of the prompt attempts, and many of the generated secrets are not valid (wrong structure), so I’d read this paper for the details.

• SeaGOAT - A local search tool that leverages vector embeddings to enable to search your codebase semantically, by Dániel Kántor.

• Magentic - Add the @prompt decorator to create Python functions that return structured output from an LLM.

• OpenAI Cookbook - Guides on how to do common tasks with LLMs.

• Podcast about AI podcasting (text → audio, other languages, …), featuring Wondercraft.ai.

• Introducing Mozilla.ai: Investing in trustworthy AI

• ChatGPT can now browse the Internet

• ChatGPT can now see, hear, and speak - “Snap a picture of a landmark while traveling and have a live conversation about what’s interesting about it.”

  • It can also convert Figma designs into working React components.

AutoGen: Enabling next-generation large language model applications
This open source project by Microsoft looks potentially hugely powerful. “AutoGen enables complex LLM-based workflows using multi-agent conversations. AutoGen agents are customizable and can be based on LLMs, tools, humans, and even a combination of them.”

Siqi Chen: How to get GPT4 to teach you anything
"Teach me how works by asking questions about my level of understanding of necessary concepts. With each response, fill in gaps in my understanding, then recursively ask me more questions to check my understanding."

Mike Crittenden: Atomic habit building with ChatGPT
“Imagine I want to develop the habit of [insert the desired habit here]. Can you provide creative ideas for each of the Four Laws of Behavior Change? Specifically, suggest a cue that will remind me to start the habit, a way to make the habit attractive and create a craving, a method to make the habit easy to perform as a response, and a reward that will make the habit satisfying.“

LinkedIn thread: On ChatGPT doing code review/SAST
This post by Chris Romeo has some interesting discussion.

• Sequoia argues that GPU capacity is getting overbuilt, with some napkin math around the cost of GPUs, the energy cost of running them, data center spend, etc.

• John Hwang argues that vector database is not a separate database category, and that all incumbent databases will add this functionality, which will also be good for end users (use the same software, don’t need to move data around).

• Sam Altman Is the Oppenheimer of Our Age - Fascinating long profile on Sam Altman, his career, his family, and more.

• Video: RT-X and the Dawn of Large Multimodal Models: Google Breakthrough and 160-page Report Highlights

• 10 ChatGPT Vision examples: SaaS dashboard screenshot → code, explain this workflow diagram, break down human cell diagram for a 9th grader, …

• CommandBar Copilot - AI assistant that can walk users through workflows on your app and even complete them automatically.

• DeepUnitAi - Automatically generate Jest (TypeScript) unit tests.

  • Google and others have been doing this for writing fuzzing test harnesses, but I think auto-generating security-related unit tests and similar seems promising.

memgraph/odin
By Katarina Supe et al: A plugin that integrates Large Language Models (LLMs) into Obsidian using LangChain, enabling users to generate knowledge graphs and questions from Markdown files, among other features.

Cloudflare launches new AI tools to help customers deploy and run models
“Build, deploy and run AI models at the network edge.” They’re also partnering with Hugging Face, and Cloudflare will become the first serverless GPU partner for deploying Hugging Face models. Products:

• Workers AI - Access physically nearby GPUs hosted by Cloudflare partners to run AI models on a pay-as-you-go basis.

• Vectorize - A vector database.

• AI Gateway - Provides metrics to enable customers to better manage the costs of running AI apps.

• Deep fakes of Tom Hanks are being used to scam people. Is nothing sacred?!

• From AI with love: Scammers integrate ChatGPT into dating-app tool - Fake dating profiles are being created on Tinder, Bumble, and a dozen other dating apps. They can send likes, read replies from potential matches, and create varied believable profiles. Deep dive.

Researchers Tested AI Watermarks—and Broke All of Them
A research team found it’s easy to evade current methods of watermarking—and even add fake watermarks to real images.

Chatbot Hallucinations Are Poisoning Web Search
Chatbot’s hallucinate things → that text is published online → search engines index it and serve it up as facts. GenAI could make search harder to trust.

• Extreme Parkour with Legged Robots - Definitely not going to be used for military purposes, right? 😅 

Language models can explain neurons in language models
OpenAI has used GPT-4 to automatically write explanations for the behavior of neurons in LLMs and have released a dataset for every neuron in GPT-2.

Explainability is key for alignment - as models get smarter/more capable, this will help us ensure they’re doing what we want them to do, and aren’t intentionally deceiving us. Basically this is like doing a brain scan of an LLM.

Charity Major’s 🧵 on leveraging LLMs
Charity argues that modern apps are very complex, with nondeterministic outputs and emergent properties, so that you need to debug code by instrumenting and observing in production.

Multi-modal prompt injection image attacks against GPT-4V
Simon Willison walks through several image-based prompt injection attacks on GPT-4 Vision, including visible written instructions, exfiltrating data, and visually hiding the prompt injection.

A framework to securely use LLMs in companies Part 3: Securing ChatGPT and GitHub Copilot
Sandesh Anand and Ashwath Kumar discuss both broad principles and specific guidelines in using ChatGPT and GitHub Copilot securely in a business.

• Like Microsoft, Google Cloud will assume responsibility for any legal risks, if you’re challenged on copyright grounds due to using Duet AI or Vertex AI.

• New: Terraform can now auto-generate test files for private modules using generative AI

• Harvard and University of Oxford researchers are harnessing AI to predict threatening new strains of COVID-19 and other viruses. It successfully predicted the most frequent mutations and dangerous variants of SARS-CoV-2.

Open questions for AI engineering
Blog post version of Simon Willison's AI Engineer Summit keynote. I liked the two questions he likes to ask himself of any new technology:

• What does this let me do that was previously impossible?

• What does this let me build faster?

Simon argues that ChatGPT ultimately helps programmers by flattening the learning curve and rapidly getting you to an 80% solution, even if you’re not familiar with the language.

Also, TIL you can extend ChatGPT Code Interpreter by uploading Python dependencies (that it can then use), or a JavaScript or Lua interpreter, for example. 🤯 

Ukrainian AI attack drones may be killing without human oversight
Ruh oh.

berylliumsec/nebula
By @berylliumsec_: An AI-Powered ethical hacking assistant that lets you provide testing instructions in natural language (e.g. “scan the top 10 ports of this IP”). In autonomous mode, you can provide a list of targets and it will automatically scan then try to exploit any discovered vulnerabilities. Currently integrates nmap, OWASP ZAP, Crackmapexec, and nuclei.

Daniel Miessler and Rez0: Hacking with AI (Ep. 24)
Great discussion with Justin Gardner, rez0, and Daniel Miessler on using LLMs and Agents for: code review, code understanding, web app pen testing and bug bounty, integrating them into tools like Burp or Caido, and more.

Deezer: Streaming service to detect and delete 'deepfake' AI songs
Deezer has developed tech that allows it to identify and potentially delete songs that clone pop stars' voices.

As far as I can tell, we’re currently in a big grey area period re: copyright on AI writing, art, and music trained on and/or mimicking known artists. See also: Margaret Atwood Reviews a “Margaret Atwood” Story by AI.

Inject My PDF: Prompt Injection for your Resume
Some companies use automated screening tools to filter or rank resumes. Kai Greshake shares a tool that injects invisible text into your resume PDF to make any AI LLM that reads it think you are a perfect candidate. Honestly, for a security role, as the hiring manager I’d take this as positive signal 🤣 

Three key questions potential users/buyers of LLM-based apps should ask
Great LinkedIn post by Dropzone AI’s Edward Wu:

1. Is my private data being used to train a global model that the entire customer base would use?

2. What FMaaS (foundational model as a service) providers do you utilize? Do they see my private data? If yes, what's their data retention and privacy policy?

3. What data are you using to improve your offering?

• TabbyML/tabby - A self-hosted coding assistant. An open-source and on-premises alternative to GitHub Copilot.

• 7 examples + prompts of highly detailed DALL-E 3 images by Chase Lean.

• ReactAgent - An LLM Agent that uses GPT-4 to generate and compose React components from user stories.

NSA Director Rob Joyce shares a meme about NSA + AI
And it involves Taylor Swift 😂 Apparently it’s Meme-tober.

ARPSyndicate/puncia
By Ayush Singh: A subdomain & exploit hunter powered by AI. Basically a wrapper around two APIs: Subdomain Center (uses Apache's Nutch, Calidog's Certstream, OpenAI's Embedding Models) & Exploit Observer (also uses Apache Nutch, which is a scalable, production-ready Web crawler).

This new data poisoning tool lets artists fight back against generative AI
A tool called Nightshade lets artists add small, pixel-level changes to their art to poison models trained on it- e.g. cause images of “dogs” to have too many limbs or cartoonish faces or look like cats instead. This attack would require tech companies to painstakingly find and delete each corrupted sample.

Analyzing the Security of Machine Learning Research Code
NVIDIA’s Joe Lucas shares findings from analyzing the 140GB of source code released in the Meta Kaggle for Code dataset, using manual analysis, TruffleHog, and Semgrep.

Primary findings: plaintext credentials, insecure deserialization (using pickle instead of ONNX), typos (packages could be typosquatted), and lack of adversarial robustness (not using tools like Adversarial RobustnessToolbox (ART), Counterfit).

Joe also released lintML, which wraps TruffleHog and Semgrep, and does other checks.

• Greg Rutkowski is one of the most common names included in AI-generated art prompts due to his beautiful fantasy artwork.

• MonsterAPI: A new platform that allows users to fine-tune open source LLMs without writing any code.

• Air.ai: AI agents for sales and customer service reps. “Can have 10-40 minute long phone calls that sound like a real human, with infinite memory, perfect recall, and can autonomously take actions across 5,000 plus applications. It can do the entire job of a full time agent without having to be trained, managed or motivated. It just works 24/7/365.”

• Javi Lopez prototyped a working pumpkin-themed Angry Birds clone using only Midjourney/DALL-E 3 for art and GPT-4 for the code. He shares the prompts and code.

petrgazarov/salami
By Petr Gazarov: A declarative domain-specific language for cloud infrastructure based on natural language descriptions. Uses GPT-4 to convert the natural language to Terraform.

How to Get Samantha from Her or TARS from Interstellar on Your iPhone/Android
Daniel Miessler on how OpenAI added high quality voices to ChatGPT and how you can easily start a 2-way conversation with iOS shortcuts.

OpenAI Dev Day Announcement
OpenAI announced a truly epic amount of things at their recent conference.

• New GPT-4 Turbo model that is more capable and supports a 128K context window.

• GPT-4 and 3.5 are 2X - 3X cheaper.

• You can use GPT Vision, DALL-E 3 and text-to-speech via API.

• ChatGPT: knowledge cut-off is now April 2023, you can use all of the extensions (DALL·E, browsing, and data analysis) without switching between them.

• You can attach files to let ChatGPT search PDFs and other document types.

  • I feel a great disturbance in AI, as if millions of OpenAI thin wrapper start-ups suddenly cried out in terror and were suddenly silenced.

• New Assistants API - support for building agents that have goals and can call models and tools.

• They’ve launched GPTs, essentially an app marketplace for developers to build and charge for custom versions of ChatGPT that combine instructions, extra knowledge, and any combination of skills.

I highly recommend watching the keynote.

AI Cameras Took Over One Small American Town. Now They're Everywhere
404Media’s Joseph Cox describes how Fusus, a system for linking a town’s security cameras into one central hub and adding AI to them, has spread across the country. Fusus apparently allows integrating basically any camera feed, and then they overlay functionality on it. Surveillance state ftl 👎️ 

gblues/aws-ml-opt-out
A Terraform module to opt out of AWS AI/ML data collection.

fr0gger/Awesome-GPT-Agents
Thomas Roccia has compiled a list of >100 GPT agents focused on cybersecurity (offensive and defensive), created by the community.

The Offensive ML Playbook
A database of offensive ML TTP’s, broken down by supply chain attacks, offensive ML techniques and adversarial ML by Adrian Wood. It aims to simplify how to target ML in an organization, and includes examples like poisoning an LLM’s ground truths, how to put malware in a model and distribute it, and more.

Introducing AI-powered application security testing with GitHub Advanced Security
GitHub’s Asha Chakrabarty and Laura Paine announce previews for three AI-powered features:

• AI-generated fixes for JavaScript and TypeScript alerts within pull requests (only 7 months after Semgrep Assistant was launched that also auto-recommends fixes 😉).

• Detecting generic secrets that don’t follow a standard regex.

• English → regex to make writing custom secret detections easier.

• Grammarly’s new GenAI feature can learn your style and apply it to any text, which is it learns passively as you use their product.

• Is It Cheating If She’s a Sex Bot? GQ asking the important questions. Watch out for bots commenting on your posts who later try to scam you.

• depot/depot.ai: An open-source Docker registry that allows easy integration of the top 100 public machine learning models from Hugging Face into your Dockerfile, using tools like BuildKit and eStargz for optimal image building and lazy-loading support.

• PatentPal: “Generative AI for Intellectual Property. Automate mechanical writing in your patent applications.”

• Docus.ai: Talk to an AI Health Assistant, generate your health report, validate it with a doctor from the US & Europe.

• Postwise: “Your personal AI ghostwriter, trained on engaging, viral content.”

• Bulletpapers: AI papers, summarized by AI (yo dawg…)

• Morise.ai: Helps you come up with content ideas, titles, descriptions, tags, community posts.

• LinkedIn has launched an AI job coach that can help job seekers see if certain roles are a good fit, research companies, shape their profiles for the best shot at a position, and prepare for interviews.

• TikTok launched an AI “meme maker” that’s brutally roasting users. And that’s not even what the CCP officers are saying about your videos.

• continuedev/Awesome-DevAI: Repo with links to resources about using LLMs while building software.

• Pressure Testing GPT-4-128K With Long Context Recall - Great empirical testing by Greg Kamradt, who found that GPT-4’s recall performance started to degrade above 73K tokens, less context = more accuracy, and facts placed at the very beginning and 2nd half of the document seem to be recalled better.

Why We'll Have AGI by 2025-2028
Daniel Miessler argues that AGI won’t be a single model or component, but rather a system of agents that focus on different tasks and coordinate to achieve a goal, like an organization within a company.

Daniel predicts a 60% chance of AGI in 2025 and a 90% of AGI in 2028, where AGI is “An AI system capable of replacing a knowledge worker making the average salary in the United States.”

Thanks for reading to the end!

If there are other topics you’d like me to add to this list, please reach out, I’d love to hear from you 😃