LeadDev AI Impact Report LeadDev and DX released a joint AI Impact Report for 2025 with important insights: 66% of orgs have adopted AI tools (lower than expected), with investment on internal engineering (85%) and coding assistants (Cursor (45%), GitHub Copilot (37%), and OpenAI (27%). Most teams perceive productivity gains (59%) with tech debt steady or down - which seems to contradict negative sentiments in recent surveys. Relevant to our recent keynote at the World Developers Congress, there's still an under-investment on the lower funnel of development, with day-to-day usage of AI skewing to code generation (48%), while testing/QA (7%) and deployment (2%) are under-automated. There are still some risks clearly acknowledged such as security (49%), hallucinations (48%), and ethics/policies gaps (47%). |
|
|
|---|
|
MCP Vulnerabilities For Every Dev With the increasing MCP protocol adoption there are a growing number of common security vulnerabilities to look out for - these are some of the key ones for any practitioner: 1) Tool Description Injection is real. 2) The authentication situation is not great. 3) Supply Chain Risk is underestimated. Real-world security failures have already happened: Hundreds of exposed servers on 0.0.0.0 with command-execution flaws, the Supabase MCP Lethal Trifecta Attack, Asana Data leak, mcp-remote Command Injection, Accessing private repositories via GitHub MCP. Security has always been a core pillar of software, and today with th erise of AI hype it is no different. |
|
|
|---|
|
Architecting Large Software Sys Large systems stay fast and reliable when you ensure robust design and stable contracts/interfaces: This is an interesting introspectively walkthrough on various hands-on projects sharing lessons on complex software system design. There are some interesting take-aways such as defining stable & versioned APIs/schemas/protocols, wrap external platforms behind adapters, and make each module singly owned and replaceable without breaking callers. There are some lessons that could be argued as (very much) over-engineering as building everything in-house, likely these are for very specialized instead of the generic approach to building everything, however there are still interesting takeaways overall. |
|
|---|
|
Machine Learning Visualised Machine Learning Visualized is one of the best and most intuitive overviews of ML concepts and foundations out there, especially for visual learners: ML Visualized is an OSS Jupyter Notebook that explains and implements core algorithms from first principles with animated training/convergence visuals. The mini-course covers gradient descent, PCA, k-means, the perceptron, logistic regression, and compact neural nets with backprop, loss-landscape, and weight-space views. Even if you already know these concepts it's still a nice way to get a refresher, so definitely worth checking out. |
|
|
|---|
|
Best Practice for Agentic Systems What are the best practices for designing and building Agentic Systems? Here's a few: 1) Ship a two-tier design: a single stateful orchestrator that plans and maintains context, and stateless subagents treated as pure, RPC-like functions (e.g. task -> structured JSON result) to enable safe parallelism, deterministic tests, and prompt-hash caching. 2) Decompose work vertically for dependencies and horizontally for scale; in practice most pipelines mix parallel extraction with sequential aggregation. 3) Prefer strict I/O contracts - e.g. clear objective, bounded scope, output schema, timeouts/limits - and keep context isolated by default, with filtered summaries or references only when necessary. 4) Orchestrate primarily with sequential pipelines and map-rreduce; use Consensus voting only for high-risk judgments and avoid deep hierarchies that explode debugging. 5) Engineer failure paths: graceful degradation, targeted retries (prompt rephrase/model swap), exponential backoff, and always return partials with suggested next actions. There's many more considerations, and this is a great and comprehensive overview of.best practices, however the field is still emerging so it will be interesting to keep an eye to see how it evolves. |
|
|
|---|
|
Upcoming MLOps Events The MLOps ecosystem continues to grow at break-neck speeds, making it ever harder for us as practitioners to stay up to date with relevant developments. A fantsatic way to keep on-top of relevant resources is through the great community and events that the MLOps and Production ML ecosystem offers. This is the reason why we have started curating a list of upcoming events in the space, which are outlined below. Upcoming conferences where we're speaking:
Other upcoming MLOps conferences in 2025:
In case you missed our talks:
|
|
|---|
| | |
Check out the fast-growing ecosystem of production ML tools & frameworks at the github repository which has reached over 10,000 ⭐ github stars. We are currently looking for more libraries to add - if you know of any that are not listed, please let us know or feel free to add a PR. Four featured libraries in the GPU acceleration space are outlined below. - Kompute - Blazing fast, lightweight and mobile phone-enabled GPU compute framework optimized for advanced data processing usecases.
- CuPy - An implementation of NumPy-compatible multi-dimensional array on CUDA. CuPy consists of the core multi-dimensional array class, cupy.ndarray, and many functions on it.
- Jax - Composable transformations of Python+NumPy programs: differentiate, vectorize, JIT to GPU/TPU, and more
- CuDF - Built based on the Apache Arrow columnar memory format, cuDF is a GPU DataFrame library for loading, joining, aggregating, filtering, and otherwise manipulating data.
If you know of any open source and open community events that are not listed do give us a heads up so we can add them! |
|
|---|
| | |
As AI systems become more prevalent in society, we face bigger and tougher societal challenges. We have seen a large number of resources that aim to takle these challenges in the form of AI Guidelines, Principles, Ethics Frameworks, etc, however there are so many resources it is hard to navigate. Because of this we started an Open Source initiative that aims to map the ecosystem to make it simpler to navigate. You can find multiple principles in the repo - some examples include the following: - MLSecOps Top 10 Vulnerabilities - This is an initiative that aims to further the field of machine learning security by identifying the top 10 most common vulnerabiliites in the machine learning lifecycle as well as best practices.
- AI & Machine Learning 8 principles for Responsible ML - The Institute for Ethical AI & Machine Learning has put together 8 principles for responsible machine learning that are to be adopted by individuals and delivery teams designing, building and operating machine learning systems.
- An Evaluation of Guidelines - The Ethics of Ethics; A research paper that analyses multiple Ethics principles.
- ACM's Code of Ethics and Professional Conduct - This is the code of ethics that has been put together in 1992 by the Association for Computer Machinery and updated in 2018.
If you know of any guidelines that are not in the "Awesome AI Guidelines" list, please do give us a heads up or feel free to add a pull request!
|
|
|---|
| | |
| | | | The Institute for Ethical AI & Machine Learning is a European research centre that carries out world-class research into responsible machine learning. | | | | |
|
|
|---|
|
|
This email was sent to You received this email because you are registered with The Institute for Ethical AI & Machine Learning's newsletter "The Machine Learning Engineer"
|
| | | | |
|
|
|---|
|
© 2023 The Institute for Ethical AI & Machine Learning |
|
|---|
|
|
|
The Institute for Ethical AI & Machine Learning
