NerdNews

Gemini CLI brings AI-powered coding assistance to the terminal, allowing developers to create and modify code with ease. It's free, open-source, and supports customization through Model Context Protocol (MCP) and bundled extensions.

Google's new on-device VLA model allows robots to operate with full autonomy without a cloud component, making them more reliable in challenging situations. The model is surprisingly robust and can be tuned by developers for specific uses, with many tasks working out of the box. It's ideal for environments with spotty or no cloud connectivity and prioritizes privacy by processing visual data locally.

Rubrik, a data cybersecurity company, has acquired Predibase, a venture-backed startup that helps companies train and fine-tune open source AI models. The acquisition aims to accelerate the adoption of AI agents in enterprises. Predibase's technology will be integrated into Rubrik's platform, allowing users to build AI agents through Amazon Bedrock, Azure OpenAI, and Google Agentspace.

Getty Images has dropped its primary claims of copyright infringement against Stability AI, but the UK lawsuit continues with secondary infringement and trademark claims. The case revolves around Stability AI's use of copyrighted images to train its AI model without permission.

Google's Gemini CLI is an open-source, agentic AI tool designed to run locally from terminals, connecting Gemini AI models to local codebases for coding tasks and more

The article discusses the development of AI Diplomacy, a game-based AI benchmark. The team learned to communicate effectively with large language models (LLMs) by providing context and telling a story, rather than just feeding them data. They also developed an interactive 3D interface and audio components to make the game engaging and accessible. Key takeaways include the importance of inference speed, parsing, and combining reasoning and final actions to reduce hallucinations.

CloudBees CEO Anuj Kapur discusses the implications of AI-generated code in DevOps, warning of 'black box' code and emphasizing the need for caution and testing to ensure quality and reliability. He notes that some customers are slowing down their adoption of AI due to concerns over the potential risks and downstream implications.

Google has launched Gemini CLI, a new open-source AI agent that brings Gemini's coding and content generation capabilities to developers' terminals. It provides a fundamental upgrade to the command line experience, making it easier for developers to write and debug code using natural language prompts.

Google has released Gemini CLI, a command-line interface that allows users to access Gemini 2.5 Pro for free. The CLI is written in Typescript and works across all platforms, including Windows, macOS, and Linux. Users can link their Google account to unlock features like a 1-million context window and 60 model requests per minute.

Creative Commons introduces CC signals, a framework for dataset holders to control how their content is reused by AI models, aiming to balance openness and data protection in the AI era.

Apple has released iOS 26 beta 2, featuring a new design called Liquid Glass, improved Phone and Messages apps, and other notable features like Live Translation, polls in group chats, and Visual Intelligence. The public beta will be available in July, and the final version will be released this fall.

Amazon's Ring has introduced a new feature called Video Descriptions, which uses generative AI to write text descriptions of motion activity detected by Ring doorbells and cameras. The feature aims to reduce false positives and provide more meaningful information to users. However, it raises concerns about data privacy and security, particularly given Ring's past troubles in these areas.

A study found that academic computer vision papers are increasingly being used to develop surveillance-enabling patents, with 90% of papers and 86% of patents extracting human data. The research suggests that the field of computer vision has a 'bottomless appetite' for tracking people as 'objects', often using ambiguous language to mask the surveillance implications.

Apple's CarPlay Ultra is a more immersive phone mirroring system that some automakers are eager to adopt, while others are hesitant or refusing to allow it due to concerns over data sharing and control over their vehicles' systems.

Kodiak Robotics is partnering with Vay to use their remote driving technology in its self-driving trucks. The technology will be used to support Kodiak's autonomous driving system, allowing human operators to remotely control the trucks in low-speed environments. The partnership will play a critical role in Kodiak's commercial driverless deliveries on public highways in Texas, set to begin in 2026.

Citrix has issued an emergency patch for a critical vulnerability in its Netscaler ADC and NetScaler Gateway products. The bug, tracked as CVE-2025-6543, is a memory overflow vulnerability that can lead to unintended control flow and denial of service. It has been exploited by criminals as a zero-day vulnerability, affecting multiple versions of the products.

A recent study by SecurityScorecard found that 88% of organizations are concerned about supply chain security, but few are taking adequate measures to counter the growing threat. The study revealed that 79% of organizations have limited visibility into their nth-party supply chain, making them vulnerable to attacks. To mitigate these risks, organizations need to invest in a holistic supply chain cybersecurity strategy, including risk assessments, continuous monitoring, and cyber resilience.

A British national known as 'IntelBroker' has been charged by the US for stealing and selling sensitive data, causing $25 million in damages. The indictment accuses Kai West of using the handle 'IntelBroker' to steal data from government agencies, companies, and critical infrastructure, often selling it on the BreachForums hacking forum.

Threat actors are modifying the ConnectWise ScreenConnect installer to create signed remote access malware. This is done by exploiting the Authenticode signature, allowing them to insert malicious configuration data while keeping the digital signature intact. The malware is distributed through phishing campaigns, with the first samples found in the BleepingComputer forums.

The article discusses five real-world attack chains involving Non-Human Identities (NHIs), highlighting lessons for securing machine identities. These attacks demonstrate how a single compromised application or credential can lead to a complete infrastructure takeover, emphasizing the importance of secrets security and NHI governance.