惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Apple Machine Learning Research
Apple Machine Learning Research
The GitHub Blog
The GitHub Blog
Hugging Face - Blog
Hugging Face - Blog
阮一峰的网络日志
阮一峰的网络日志
爱范儿
爱范儿
量子位
宝玉的分享
宝玉的分享
人人都是产品经理
人人都是产品经理
博客园_首页
博客园 - 【当耐特】
Last Week in AI
Last Week in AI
Martin Fowler
Martin Fowler
Microsoft Azure Blog
Microsoft Azure Blog
美团技术团队
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
aimingoo的专栏
aimingoo的专栏
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
GbyAI
GbyAI
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
腾讯CDC

TestingCatalog

Google unveils 24/7 Gemini Spark AI Agent for advanced tasks Google launches Gemini 3.5 Flash AI model to all users Google rolls out Gemini Omni AI for video generation Anthropic launches secure sandboxes and private MCPs How to watch Google I/O 2026 and what to expect Cursor released Composer 2.5 with up to 10x cost efficiency Manus released Scheduled Tasks 2.0 upgrade for all users Exclusive: Early look at the next Gemini desktop upgrade Codex can now control other desktop devices via Computer Use OpenAI launches personal finance on ChatGPT for Pro users Perplexity connects Computer to Snowflake and Databricks OpenAI brings Codex to ChatGPT mobile apps Microsoft expands Copilot in Edge with new AI tools OpenSquilla launches open-source AI agent to cut token costs Google prepares Gemini Spark AI Agent ahead of I/O launch Meta releases Incognito AI Chat in WhatsApp and Meta AI holaOS 0.1 launches as AI Workstream Management Layer Cline releases open-source agent runtime SDK thehype launches 24/7 AI-powered radio for founders Google brings Gemini Intelligence automation to Android Meta announced Muse Spark in Voice Mode and Meta Glasses Gemini Omni Agent will launch along with Avatars support Thinking Machines announced new SOTA Realtime Voice model OpenAI announces Daybreak initiative around Codex Security Anthropic adds Agent View to Claude Code CLI interface Google’s Gemini Omni video model surfaces ahead of I/O debut OpenAI set to add remote Codex control to ChatGPT mobile app OpenAI adds Chrome plugin and tests Remote control for Codex Google shipped Gemini 3.1 Flash-Lite in General Availability Google unveils Google Health app, Health Coach, Fitbit Air Telegram ships major update for AI bots and automations OpenAI launches new realtime voice and translation AI models SpaceXAI prepares Grok Build desktop app for release Scale Labs debuts new Refactoring Leaderboard for AI Meta prepares Hatch AI Agent with waitlist and social skills Google tests Agent Mode on Flow to automate video production Google prepares Agent Mode on Gemini to tackle complex tasks Anthropic partners with SpaceXAI and doubles 5h rate limits Anthropic debuts Dreams for Claude Managed Agents Google made Gemma 4 models 3x faster with MTP Drafters Maket opens Draw from Scratch tool to all users for free Google tests screen sharing and custom agents in Antigravity OpenAI launches GPT-5.5 Instant as new ChatGPT default Manus adds connector suggestions based on task needs Inworld AI launches Realtime TTS-2 for live conversations Google prepares new upgrades for Gemini Flash model Gemini mobile app redesign leaks show upcoming look Anthropic working on Orbit, its upcoming proactive assistant Perplexity prepares Digest tool for personalized summaries TinyFish makes Search and Fetch APIs free for all developers OpenAI adds animated Pets and config imports to Codex Google is testing new Omni model for video generation ahead of I/O Anthropic tests Jupiter-v1-p ahead of its developer conference OpenAI updates Codex and prepares Remote Control feature Manus launches Cloud Computer with service hosting feature xAI debuts Imagine Agent in Grok with open Canvas workspace Mistral AI unveils Medium 3.5 model and Work Mode for Le Chat Meta invests in space solar and storage to power US data centers Anthropic rolls out Claude connectors for creative platforms Microsoft Copilot in Outlook adds AI to manage inbox and calendar Mistral AI launches Workflows public preview for Enterprises NotebookLM tests Mind Map controls and Play Books sources SenseTime releases SenseNova U1 models on HuggingFace Base44 allows instant data migration from other platforms xAI rolling out custom, shareable Imagine templates for Grok ElevenLabs launches Agent Templates for faster bootstrapping OpenAI can now host models with other cloud providers, like AWS GitHub Copilot moves to usage-based billing for all plans Anthropic tests new Bugcrawl tool for Claude Code bug detection Google tests Catalog and Website generation for Pomelli Google prepares credits system for Gemini and new image tools Anthropic launches Memory in Claude Agents for enterprise xAI launches Grok Voice Think Fast 1.0 for voice agents DeepSeek released 3 new open-source V4 models Maket AI can now edit your floor plans in real-time OpenAI launches GPT-5.5 on ChatGPT and Codex OpenAI launched 24/7, always-on Workspace Agents in ChatGPT ICYMI: OpenAI launches Images 2.0 on ChatGPT, Codex, and API Google debuts Workspace Intelligence for Gemini Workspace Google launches new Agent Platform for Gemini Enterprise Atomic Bot adds one-click Hermes Agent setup on desktop Google debuts Deep Research agents on AI Studio and APIs OpenAI develops platform for always-on Agents on ChatGPT Anthropics works on its always-on agent with UI extensions OpenAI prepares 8 interactive Avatars for its Codex app Moonshot AI launches Kimi K2.6 on Kimi Chat and APIs Anthropic likely preparing Claude Security for broader release Google tests Google AI subscription support for AI Studio Anthropic launches Claude Design AI tool for paid plans Perplexity released Personal Computer to all Max subscribers Exclusive: Early look at Grok Computer and Grok Build OpenAI Codex transformed into Superapp with Computer Use Anthropic launches Claude Opus 4.7 model on apps, and APIs Opera adds Browser Connector to pass tabs and content to AI Windsurf 2.0 adds Devin and Agent Command Center Perplexity tests new Workflows tab for Perplexity Computer Google tests Live Mode with screen sharing for Gemini desktop Meta partners with Broadcom for custom AI chip development Google DeepMind releases Gemini Robotics-ER 1.6 OpenAI expands Trusted Access for GPT-5.4-Cyber
Perplexity open-sources Bumblebee security scanner
Alexey Shaba · 2026-05-23 · via TestingCatalog

Perplexity is releasing Bumblebee, an open-source security scanner for developer machines, and making an internal supply-chain response tool publicly available. The tool is built for macOS and Linux and is designed to scan local developer environments for risky packages, browser extensions, editor extensions, and AI tool configurations without modifying the machine.

Today we're open-sourcing Bumblebee, a read-only scanner for macOS and Linux.

It checks developer machines for risky packages, extensions, and AI tool configs.

Connected to Computer, it can trigger deeper scans whenever a new supply-chain risk emerges.https://t.co/FOaWnF1yQy pic.twitter.com/wXauD4wDOT

— Perplexity (@perplexity_ai) May 22, 2026

Bumblebee focuses on a specific security problem: when a new compromised package, extension, or developer tool risk appears, teams need to know which machines may be exposed right now. Instead of checking only shipped software via SBOMs or runtime behavior via EDR tools, Bumblebee reads local metadata from lockfiles, package manager records, extension manifests, and supported MCP configuration files. It then emits structured NDJSON records that security teams can compare against exposure catalogs.

The scanner covers common developer ecosystems, including:

  1. npm, pnpm, Yarn, Bun
  2. PyPI
  3. Go modules
  4. RubyGems
  5. Composer
  6. VS Code-family editor extensions such as Cursor, Windsurf, and VSCodium
  7. Chromium-family browser extensions
  8. Firefox extensions
  9. Several MCP host configuration files

It is distributed as a Go-based static binary with no non-standard-library dependencies, and its first tagged release is v0.1.1.

Perplexity is positioning Bumblebee as a read-only tool, meaning it does not run package managers such as npm, pip, or go commands, nor does it read source files. That matters because the target use case is fast detection of inventory and exposure across developer endpoints, not code auditing or malware removal. The tool supports baseline, project, and deep scan profiles, allowing security teams to run lightweight, recurring scans or broader incident-response checks when a known advisory is issued.

The release is aimed mainly at security engineers, DevSecOps teams, and organizations with developers working across many local tools and package ecosystems. Its value is clearest during supply-chain incidents, where response speed depends on quickly identifying which endpoints contain a specific risky package or extension version. For Perplexity, the move also supports its enterprise narrative around safer AI agent deployment, especially as tools like Computer become more deeply connected to developer and business workflows.

Source

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。