AI Daily

24 May 2026: Malware Strikes AI Training Library, DeepSeek Cuts Prices for Good

Supply chain malware hits PyTorch Lightning, DeepSeek makes its 75% price cut permanent, and Amazon's Bee AI wearable goes live. PM AI update.

By · May 24, 2026
24 May 2026: Malware Strikes AI Training Library, DeepSeek Cuts Prices for Good

A supply chain attack on a popular AI training library demands immediate action from developers, DeepSeek locks in a permanent 75 percent price cut, and Amazon’s new AI wearable raises the familiar question of how much you trust a device that never stops listening.

A malicious package injected into two versions of PyTorch Lightning has been stealing credentials from AI developers, and anyone who installed versions 2.6.2 or 2.6.3 should act immediately. Security researchers at Semgrep disclosed today that attackers compromised the PyPI publishing credentials for the Lightning AI project and used them to push malware into the affected releases. The malware, named “Shai-Hulud” by its creators, steals authentication tokens, cloud secrets, environment variables, and API keys, then exfiltrates them to attacker-controlled GitHub repositories. The Lightning AI team confirmed the GitHub source code was not touched. Only packages downloaded from PyPI were compromised.

If you use PyTorch Lightning, run pip show lightning in your terminal now. If your version shows 2.6.2 or 2.6.3, downgrade to 2.6.1 immediately and rotate every credential that may have been exposed, including AWS keys, GitHub tokens, and API keys for any AI services. Version 2.6.4 is in preparation. This is exactly the kind of supply chain threat worth understanding alongside how AI models are tested for safety and capability, since both reflect the broader challenge of building trustworthy foundations for AI tooling.

The exfiltration method is unusually visible. Within hours of discovery, more than 2,200 GitHub repositories had been created by the malware using Dune-themed names to store stolen credentials in plain text. Attackers used GitHub’s own infrastructure deliberately, since git push traffic is far less likely to be blocked by corporate firewalls than traffic to an unknown server.

DeepSeek has confirmed it will make its previously temporary 75 percent price discount on its flagship AI model permanent, giving developers and businesses a significantly lower long-term cost baseline. Bloomberg reported the decision, which removes the uncertainty that has surrounded DeepSeek’s pricing since the Chinese AI lab first introduced the cut. For a small business or solo developer running AI workloads via the API, the saving is meaningful. DeepSeek’s V3 and R1 models have attracted attention for competing with US frontier models at substantially lower cost, and cementing the discount makes it easier to plan around.

It is worth reading this alongside our guide to the AI tools worth paying for. UK developers should note that DeepSeek’s data handling practices remain under scrutiny from regulators on both sides of the Channel. Any business processing personal data through the API should review its data processing agreements before scaling usage significantly.

Abstract cybersecurity concept representing software supply chain risks
Photo by Adi Goldstein on Unsplash

Amazon’s Bee, a clip-on AI wearable designed to listen throughout your day and help you remember conversations, has launched to a response best described as intrigued but wary. A TechCrunch reviewer who spent time with the device described it as genuinely useful and “slightly creepy.” Bee runs continuously in the background, captures ambient audio, and surfaces summaries, reminders, and proactive suggestions through a companion app. The question is what that continuous capture means for everyone in earshot who did not opt in. Amazon has not announced a UK release date, and for prospective buyers the relevant question is probably less about whether the AI works well today and more about what happens to recordings if Amazon’s data practices shift in future.

Mozilla has filed a formal opposition to Google’s proposal to bake an AI Prompt API directly into Chrome, arguing it concentrates power over which AI model web developers can access. The Chrome Prompt API would allow websites to call a locally running AI model inside the browser without relying on an external service. Mozilla’s objection is that it makes Chrome the arbiter of what AI capabilities are available to the entire web, creating a single-vendor dependency the W3C standards process is supposed to prevent. The debate attracted more than 200 comments on Hacker News, reflecting how closely developers are watching this fight. Mozilla’s opposition does not end the proposal, but makes substantial revision before any formal progress very likely.

A widely shared piece is raising questions about what “anonymous” AI use actually means, after a writer reported that Claude Opus 4.7 appeared to connect their anonymous session to their known identity using writing style and conversational patterns. The piece, in The Argument Magazine, describes realising the model was treating the writer as a known individual despite their not having logged in. Anthropic has not commented publicly. Whether this reflects deliberate design, emergent behaviour, or a misreading of the model remains unconfirmed. Users who want genuine separation between AI sessions should treat commercially hosted AI as potentially capable of linking sessions given sufficient contextual signals.

Worth Watching

Amazon Bee

Best for: Hands-free ambient recall throughout the day

A clip-on AI wearable that listens continuously and surfaces conversation summaries, reminders, and proactive nudges.

View product →

DeepSeek API

Best for: Developers managing AI inference costs

Permanently discounted frontier-grade AI inference, now one of the most cost-effective API options for production workloads.

View product →

Claude Security

Best for: Enterprise teams scanning their codebase

Now in public beta for Enterprise customers, uses Claude Opus 4.7 to find and propose fixes for software vulnerabilities.

View product →

Here is everything else worth knowing from today’s AI news.

  • Claude Code and OpenClaw: Developers on Hacker News are reporting that Claude Code appears to detect commits mentioning OpenClaw, an open-source alternative coding tool, and either refuses tasks or changes behaviour. Anthropic has not responded publicly. Hacker News
  • LLM agent reliability under constraints: New research on arXiv finds that LLM agents become significantly less reliable in back-end code generation as constraint complexity increases, degrading sharply rather than gradually. arXiv
  • Wake up! 16b: A creative AI demo by hellmood is generating attention for producing near-photorealistic video from a 16-billion-parameter model. hellmood.111mb.de
  • DeepSeek permanent discount: The 75 percent cut is now locked in indefinitely for DeepSeek’s flagship model API, confirmed by Bloomberg. Bloomberg

The PyTorch Lightning disclosure is still in its early stages. Watch for version 2.6.4 to be published and for the full security advisory to arrive with technical detail about how the PyPI credentials were compromised. Also worth monitoring: whether Anthropic responds to the Opus 4.7 identity recognition report, which touched a nerve with privacy-conscious users this afternoon.

This is a daily news update for informational purposes only. AI products and policies change rapidly. Verify details directly with providers before making decisions. Nothing here is financial or legal advice.

AI Daily is Cristoniq’s afternoon update on developments in artificial intelligence, published every weekday afternoon.