npm Supply Chain Attack Exposes Private Repositories, AWS Credentials and More npm supply chain attacks continue. This time targeting @ctrl/tinycolor and multiple other packages with credential stealer malware. In this blog, we will analyze the attack and its impact on the npm ecosystem. We will also look at common attack patterns t...
S1ngularity/nx attackers strike again The attackers behind the nx attack have struck again, targeting a large amount of packages, with a first-of-its-kind worm payload.
Godot 4.5, making dreams accessible – Godot Engine From mind-blowing effects now made possible by the stencil buffer to accessible descriptions of your GUI elements that opens up the possibility for people with disabilities to play your game — we are proud to present to you Godot 4.5.
Dolphin Progress Report: Release 2509 The Dolphin Blog is full of stories surrounding games, their development, and the challenges they present to emulate them. And in these stories, we sometimes have some recurring characters that we gain a better understanding of over time. Factor 5 and the...
The FBI couldn't get my husband to decrypt his Tor nodes, so they told a judge he used his GRAPHICS DRIVER to access the "dark web" and jailed him PRE TRIAL for 3 years. (Eastern District of Michigan - Detroit) My husband, Conrad Rockenhaus, is wrongly incarcerated in a county jail. I’m posting this here because...
ctrl/tinycolor and 40+ NPM Packages Compromised - StepSecurity The popular @ctrl/tinycolor package with over 2 million weekly downloads has been compromised alongside 40+ other NPM packages in a sophisticated supply chain attack. The malware self-propagates across maintainer packages, harvests AWS/GCP/Azure credentia...
William Gibson Reads Neuromancer The author Ray Bradbury is one of the early science fiction authors that moved science fiction into a literary form. As a writer Bradbury constructs beautifully written stories and novels. Bradbury's writing is in stark contrast to Bradbury as a speaker...
Massive Attack Turns Concert Into Facial Recognition Surveillance Experiment Massive Attack used live facial recognition technology on concertgoers, turning surveillance into provocative art that sparked debate about privacy.
The awe keeps dropping A reaction and assorted observations about Apple's September 9 Awe-Dropping event.
Linux phones are more important now than ever. - feddit.org ## E: apparently it needs to be said that I am not suggesting you switch to Linux on your phone today; just that development needs to accelerate. Please don’t be one of the 34 people that replied to tell me Linux is not ready. Android has always been a fa...
React Won by Default – And It's Killing Frontend Innovation | Loren Stewart Exploring how React's dominance by default stifles frontend innovation, and why deliberate framework choices lead to better tools for performance, developer experience, and ecosystem diversity.
What's New in C# 14: Null-Conditional Assignments C# 14, coming with .NET 10, introduces null-conditional assignment, a feature that lets you safely assign values to properties or indexers without endless if statements. Learn more about this new feature in this article.
Fetch streams are great, but not for measuring upload/downloading progress They're inaccurate, and there are better ways.
Why RJs Are Dying: An Analysis of AI Job Displacement in Media A forensic-grade analysis of how AI voice technology, venture capital, and economic pressures are systematically displacing radio jockeys and other voice professionals. Understand the displacement curve and its implications for the future of creative work...
Making family IT support effortless (and free) Generalist software developer writing about scalable infrastructure, fullstack development and DevOps practices.
Virtual Monitors in X11 and i3 I finally made the switch from X11/i3 to Wayland/Sway, and things are, for the most part, better on Wayland. I’ve managed to replicate almost everything from my setup, albeit with different tools, but there are exceptions and I thought I’d write about one...
Revocation ain't no thang. Adam Langley wrote about how revocation in the Web PKI doesn’t work over 10 years ago. Since then, the Web PKI has drastically changed for the better, despite not appearing to “solve” revocation. Unfortunately, many people interpret Adam’s post to mean “w...
Cleaning up my $HOME with XDG Base Directory Specification In my career I worked with plenty of different software that require the presence of certain environment variables for them to function properly. From time to time I would notice that the program either offers it as an option or requires you to have XDG_....
The Only Way to Build Trust Is to Give Trust A former report reached out recently. It was one of those unexpected messages that stops you mid-scroll, the kind that makes you put your phone down and actually think.They wanted me to know I’d be...
How Opus and o3 saved me from permanent blindness A few weeks ago, I suddenly started going blind in my left eye. Yes, really. If I closed my right eye, about 80% of my vision was dark grey or black. I couldn't see my own hand in front of my face! Thankfully, Opus and o3 (I'll just refer to them as AI; a...
Coders End, From Typers To Thinkers | etsd.tech Typing the code was never the point. Thinking the code is. An exciting future for anyone who understands where their real value lies.
A Slotted Hash Cons for Alpha Invariance Slotted e-graphs https://dl.acm.org/doi/10.1145/3729326 are a data structure that compactly stores many equivalent terms in an alpha invariant aware way. I’ve been very excited by them but also very confused by them.
Inline Notes Inline notes are an alternative to footnotes. When you click on a highlighted phrase, you get the inline note added to the paragraph right after the phrase.
Measuring What Matters Most people-performance metrics are noise. Lines of code, story points, "impact" — all distort reality. The fairer measure is simple: clear commitments made and fulfilled. Stop tracking proxies and start measuring what actually matters.
I Am Trapped In Insta-Purgatory With No Recourse How Insta Has Persisted Of all the social media platforms that came during my youth, Instagram has been the most persistent. It has managed...
Argumentum ad colossum I’m coining a new phrase to use for discussion purposes: argumentum ad colossum.
Adios Chicos, 25 Years of KDE – Jonathan Riddell's Diary It was the turn of the millenium when I got my first computer fresh at university. Windows seemed uninteresting, it was impossible to work out how it worked or write programs for it. SuSE Linux 6.2 was much more interesting to try and opened a world of ...
OS - macOS Tahoe macOS Tahoe with a new design, more ways to work seamlessly across devices, and new features to turbocharge productivity every day.
So You Want to Host Your Own LLM? Don’t. Self-hosting LLMs is the new crypto mining—costly, wasteful, and outdated fast. Use a MacBook or APIs until home-scale AI truly arrives.