Exploitarium's 0-Day Dump, DSpark's 80% Inference Boost, and Google Caps Meta's Gemini Access

Good morning. It's Saturday, June 28, and we're covering the Exploitarium exploit dump that hit 817 HN points before the repo was pulled, DeepSeek's open-source speculative decoding framework, and Google telling Meta it cannot get the Gemini capacity it requested.

The Exploitarium thread is the fastest-rising security post this quarter. Here is the signal, sourced.

In today's brief:

• An anonymous GitHub account dropped working exploits for libssh and Gitea before advisories existed
• DeepSeek's DSpark framework accelerates V4 inference 60-85% and the full training stack is now open-source
• Google told Meta it cannot meet its Gemini capacity request, delaying internal AI projects
• Simon Willison reports that 6,000 prompt injection attempts against Opus 4.6 all failed

SECURITY

Anonymous Account Drops Working Exploits Before Advisories

The Exploitarium repository appeared on GitHub from an account with no prior history and immediately hit the HN front page at 817 points. It contained proof-of-concept code for four vulnerabilities: a pre-authentication heap overflow in libssh/libssh2 (CVE-2026-55200, CVSS 9.2), a global admin auth bypass in Gitea (CVE-2026-20896, CVSS 9.8), a c-ares DoS, and a Floci AWS emulator misconfiguration.

According to FemtoSec's analysis, threat actors on dark web forums are marketing these as unpatched 0-days, but the technical assessment concludes they are functional exploits for documented vulnerabilities. GitHub banned the account; GitLab followed within two days.

The libssh and Gitea exploits are the ones that matter for most dev shops. If you self-host Gitea or use libssh for CI/CD transport, patch now.

Why it matters: The exploits are real and public regardless of whether the 0-day claims hold. Any team running affected versions is exposed.

RESEARCH

DeepSeek Open-Sources DSpark: 60-85% Faster Inference

DeepSeek released DSpark (HN discussion, 762 points), a speculative decoding framework that accelerates per-user generation speeds 60-85% on DeepSeek-V4 Flash and 57-78% on the Pro variant.

The approach is what DeepSeek calls "semi-parallel" decoding: instead of generating one token at a time, DSpark speculatively generates multiple candidate tokens in parallel and then selectively verifies the promising guesses. In benchmarks, acceptance lengths increased 16-30% over previous methods like Eagle3 and DFlash.

The DeepSpec codebase is now fully open-source, supporting Qwen3 and Gemma model families for training and evaluation.

Why it matters: Speculative decoding is becoming the default optimization layer for production inference. Open-sourcing the training stack means you can apply DSpark's approach to your own fine-tunes.

PLATFORMS

Google Caps Meta's Gemini Access Over Capacity Limits

Bloomberg reports that Google told Meta around March that it could not meet the full Gemini capacity Meta had sought to purchase. The shortfall has disrupted and delayed some of Meta's internal AI projects, and Meta has instructed staff to use AI tokens more efficiently.

Google is enforcing similar restrictions on other clients, but Meta was the most affected. The constraint is infrastructure, not policy: Alphabet's compute capacity cannot scale to match demand from the largest buyers.

Why it matters: If Google is rationing capacity to Meta, smaller teams should not assume API availability scales linearly with spend. Build for fallback models.

SECURITY

6,000 Prompt Injections Against Opus 4.6 All Failed

Simon Willison published "What happened after 2,000 people tried to hack my AI assistant", documenting 6,000 attempted prompt injections against an Opus 4.6 instance. None successfully extracted the secret.

His conclusion: frontier models have benefited substantially from anti-injection training. This does not mean prompt injection is solved - the attack surface expands with every new tool an agent can call - but the base model layer is getting meaningfully harder to crack through naive injection.

Why it matters: The security delta between frontier and mid-tier models is widening. If you are building agents that handle untrusted input, model selection is now a security decision.

TOOLS WORTH A LOOK

1. Bumblebee - Perplexity's open-source supply chain scanner checks npm, PyPI, Go modules, and MCP configs against known-compromised packages without running install scripts. Apache 2.0, single Go binary.
2. WAL-RUS - ClickHouse's Rust rewrite of WAL-G for PostgreSQL backups, now on the HN front page (75 points).
3. Decomp Academy - A free course for learning to decompile GameCube games, Show HN at 127 points.

WHAT ELSE IS HAPPENING

• GPT-5.6 preview begins: OpenAI is rolling Sol, Terra, and Luna models to trusted partners. Stronger reasoning and cybersecurity benchmarks.
• Codex Remote hits GA: Start or continue work on a connected Mac or Windows host, review from mobile.
• Fintech Engineering Handbook: A new open reference for payment systems, ledgers, and compliance. 574 points.
• IP Crawl: A living atlas of open webcams discovered on the public internet. 300 points, privacy implications obvious.
• Claude Opus 4.7 fast mode deprecated: Removal scheduled for July 24. Migrate to Opus 4.8 fast mode.

FROM THE SITE

What We Published Yesterday

The Grok Build developer guide covers xAI's new terminal agent with 8 parallel subagents and Arena Mode. The Perplexity Bumblebee guide walks through the read-only supply chain scanner for npm, PyPI, and MCP configs.

---

Every link above goes to a primary source or our sourced coverage. Tomorrow's brief lands when the news does - subscribe to get it by email.