News from the AI & ML world

DeeperML - #github

S.Dyema Zandria@The Tech Basic //
Microsoft and GitHub are joining forces to support Anthropic’s Model Context Protocol (MCP) standard. This collaboration aims to streamline the integration of AI models with applications and services across Windows and cloud platforms. The goal is to create a safer and more efficient environment for AI agents to access and utilize data. By joining the MCP steering committee, GitHub and Microsoft will contribute to the development and adoption of this open standard, which is already backed by major AI firms like OpenAI and Google.

Microsoft is adding native Model Context Protocol (MCP) support to Windows 11, empowering developers to build agentic AI experiences more easily. This includes introducing the MCP Registry, a secure and trustworthy source for AI agents to discover accessible MCP servers on Windows. The MCP Registry, along with MCP Servers, will enable AI agents to interact with Windows system functionalities such as the File System and Windows Subsystem for Linux, offering significant value to end-users. This move represents a big step towards more intelligent and context-aware applications on the Windows platform.

Windows is also introducing a Universal AI Connector through the new Windows AI Foundry platform. This platform allows developers to add and run AI models, leveraging resources from various sources like Ollama and Nvidia NIMs. The AI Foundry makes it possible to run AI locally on devices without relying on cloud connections. The new feature will initially be previewed with a small group of developers, with security measures that include a trusted registry for MCP servers and user permission required before AI agents access Windows functions. These advancements aim to bring AI capabilities closer to users, with greater control and security.

References:
  • The Tech Basic: GitHub and Microsoft Join Forces on Anthropic’s MCP Standard
  • www.windowscentral.com: Microsoft takes big step towards agentic Windows AI experiences with native Model Context Protocol support
  • www.zdnet.com: Microsoft goes all in on Anthropic's MCP standard for safer AI agent deployments
  • thetechbasic.com: Windows Adds Universal AI Connector for Smarter Apps

Ross Kelly@Latest from ITPro //
GitHub has launched a new AI coding agent for Copilot, designed to automate tasks and enhance developer workflows. Unveiled at Microsoft Build 2025, the coding agent is available to Copilot Enterprise and Copilot Pro+ users and is designed to handle "low-to-medium complexity tasks" such as adding features, fixing bugs, refactoring code, and improving documentation. CEO Thomas Dohmke highlighted that the agent is embedded directly within GitHub, activated by assigning a GitHub issue to Copilot.

The coding agent operates within a secure and customizable development environment powered by GitHub Actions. Once a task is assigned, the agent boots a virtual machine, clones the relevant repository, sets up the development environment, analyzes the codebase, and pushes changes to a draft pull request. Developers can monitor the agent's progress through session logs, ensuring transparency throughout the process. Crucially, all pull requests require human approval before CI/CD workflows are executed, adding an extra layer of security.

In related news, GitHub and Microsoft are joining forces with Anthropic on the Model Context Protocol (MCP) standard. This move aims to create safer AI agent deployments by establishing a universal protocol for AI models to access data from apps and services. MCP allows AI clients to discover servers and call their functions without extra coding. Microsoft and GitHub will add first-party support across Azure and Windows to help developers expose app features as MCP servers, improve security, and add a registry to list trusted MCP servers.

@analyticsindiamag.com //
OpenAI has unveiled a new GitHub connector for its ChatGPT Deep Research tool, empowering developers to analyze their codebases directly within the AI assistant. This integration allows seamless connection of both private and public GitHub repositories, enabling comprehensive analysis to generate reports, documentation, and valuable insights based on the code. The Deep Research agent can now sift through source code and engineering documentation, respecting existing GitHub permissions by only accessing authorized repositories, streamlining the process of understanding and maintaining complex projects.

This new functionality aims to simplify code analysis and documentation processes, making it easier for developers to understand and maintain complex projects. Developers can leverage the connector to implement new APIs by finding real examples in their codebase, break down product specifications into manageable technical tasks with dependencies mapped out, or generate summaries of code structure and patterns for onboarding new team members or creating technical documentation. OpenAI Product Leader Nate Gonzalez stated that users found ChatGPT's deep research agent so valuable that they wanted it to connect to their internal sources, in addition to the web.

The GitHub connector is currently rolling out to ChatGPT Plus, Pro, and Team users. Enterprise and Education customers will gain access soon. OpenAI emphasizes that the connector respects existing permissions structures and honors GitHub permission settings. This launch follows the recent integration of ChatGPT Team with tools like Google Drive, furthering OpenAI's goal of seamlessly integrating ChatGPT into internal workflows by pulling relevant context from various platforms where knowledge typically resides within organizations. OpenAI also plans to add more deep research connectors in the future.

References:
  • Analytics India Magazine: Based on the queries, the deep research agent will retrieve pertinent information from a GitHub repository to compile reports.
  • the-decoder.com: OpenAI is rolling out a new GitHub connector for ChatGPT's deep research agent.
  • Maginative: OpenAI launches GitHub connector for ChatGPT Deep Research that lets developers analyze their actual codebases to generate comprehensive reports and documentation.
  • analyticsindiamag.com: OpenAI’s GitHub Integration Brings ‘Deep Research for Your Code Base’

@gbhackers.com //
CrazyHunter, a new ransomware group, has emerged as a significant cyber threat, specifically targeting organizations in Taiwan. Its victims are predominantly in the healthcare, education, and industrial sectors, indicating a focus on organizations with valuable data and sensitive operations. Since January, CrazyHunter's operations have shown a clear pattern of targeting Taiwanese organizations. The group introduced itself with a data leak site listing ten victims, all located in Taiwan, demonstrating a strategic, regionally focused campaign.

CrazyHunter's toolkit relies heavily on open-source tools sourced from GitHub, which make up approximately 80% of its arsenal. These include the Prince Ransomware Builder and ZammoCide. This approach significantly reduces the technical barrier to creating tailored, potent ransomware attacks and lets the group adapt and enhance its operations rapidly. The group has also been seen modifying existing open-source tools as its capabilities grow.

The ransomware deployment process includes the use of Bring Your Own Vulnerable Driver (BYOVD) techniques to bypass security measures. A customized process killer derived from the open-source project ZammoCide exploits the zam64.sys driver to neutralize defenses, specifically targeting antivirus and endpoint detection and response (EDR) systems. The ransomware itself, a bespoke variant using the Go programming language, employs advanced ChaCha20 and ECIES encryption to lock files and appends a “.Hunter” extension to them. This demonstrates a sophisticated and targeted approach to ransomware deployment.

References:
  • gbhackers.com: Analysis of the CrazyHunter group highlights its sophisticated methodology in exploiting accessible open-source tools and targeting various sectors within Taiwan.
  • www.trendmicro.com: Trend Micro details research on emerging ransomware group CrazyHunter, which has launched a sophisticated campaign aimed at Taiwan's essential services.
  • cyberpress.org: CyberPress - CrazyHunter Hackers Leverage GitHub Open-Source Tools to Launch Attacks on Organizations
  • securityonline.info: The group's reliance on readily available GitHub resources underscores a trend of attackers leveraging public repositories for their operations.