Dave Stokes

Remember those Austin IT firings from a couple of weeks ago? The American-Statesman dug deeper and found that all three employees were fired after officials discovered they had undisclosed second jobs - including working in IT for the city of Dallas. statesman.com/news/local/art…

Artemis II Trajectory vs. Apollo 11 and Apollo 13 [🎞️ dflores.07]

nobody's been this far from a Waffle House before

Artemis Mission Route in 3D - This animation visualizes the Artemis mission trajectory in a dynamic 3D perspective, showing how the spacecraft travels through the Earth–Moon system while all celestial bodies are in motion. Instead of a static path, the Sun, Earth, and Moon move simultaneously, revealing the true complexity of orbital mechanics. The result highlights how the Artemis route is not a simple curve, but a constantly shifting trajectory shaped by gravity and motion. This view provides a clearer understanding of how modern space missions navigate through space in real time. Right now, Artemis is on its return path to Earth and is expected to arrive back soon as it completes its mission. The sizes and distances of the Sun, Earth, and Moon are not to scale and are adjusted for visual purposes.

The highest quality video of the moon was just released… this is so beautiful.

To think that we aren't just going "to the Moon," but rather traveling to meet it at an exact point in space... changes everything. ​It all comes down to orbital mechanics: arriving at the precise location, at the precise moment. ​One tiny error... and it simply doesn't happen

Yup, platform activity is surging. There were 1 billion commits in 2025. Now, it's 275 million per week, on pace for 14 billion this year if growth remains linear (spoiler: it won't.) GitHub Actions has grown from 500M minutes/week in 2023 to 1B minutes/week in 2025, and now 2.1B minutes so far this week. So we're pushing incredibly hard on more CPUs, scaling services, and strengthening GitHub’s core features. And as a fine purveyor of hand-crafted shit code for many years, I'm not gonna weigh in on that. 🤣

Name a better pure Guitar player!!!

🔥 Rare footage of Django Reinhardt playing guitar! The undisputed king of Gypsy Jazz — a man who lost the use of two fingers in a tragic fire yet still played with insane speed, swing, and soul that most guitarists could only dream of. Pure genius 🤯🎸

Adding googly eyes to a pulverizer instantly makes the job better..

ARTEMIS II AS SEEN BY THE OFFICIAL NASA CESSNA THIS IS THE BEST LAUNCH VIDEO AND IT ISN'T CLOSE

Databricks just dropped real production data on how agents use databases. databricks.com/blog/how-agent… The numbers are wild: • Agents create 4x more databases than humans • 50% of those databases live less than 10 seconds • Average project branches ~10 times, some reach 500+ This isn't "more traffic." It's a completely different access pattern. Two implications nobody's talking about: - Pricing models break. You can't charge $50/month for a DB that lives 10 seconds. - Observability breaks. Your monitoring dashboard can't track a fleet of ephemeral instances that blink in and out of existence. The database of the agent era looks nothing like what we built for humans.

Hey @NASA 🤔 Did you tell the #ArtemisII crew to jiggle the handle? 👉🏻🚽 That usually works for me. 🤷🏼😉

Why didn't our teachers make it this easy?

Now that Artemis II has launched we have 10 days to get everyone on Earth a Planet of the Apes costume so we can do something hilarious when the astronauts return 😁

Texans and people who have visited will understand😂

Wordle 1,746 3/6 🟩🟩⬜🟨⬜ 🟩🟩🟩⬜⬜ 🟩🟩🟩🟩🟩

Analysts on your team can get the data they need without waiting for someone to run a query. Parameterized datasets are now available in DBeaver Team Edition 26.0. Learn more: #parameterized-datasets" target="_blank" rel="nofollow noopener">dbeaver.com/docs/team-edit…

A tiny piece of code called axios runs inside almost every app on your phone and every website you visit. Developers download it 100 million times a week. A few hours ago, someone poisoned it with malware that hands an attacker full control of your computer. If you’ve never heard of axios, that’s normal. It does one boring but important job: it lets apps talk to the internet. When a website pulls up your feed or an online checkout processes your card, axios is probably doing the work underneath. Over 173,000 other code packages plug into it. It’s everywhere. The attacker stole a lead developer’s login for npm (think of it as an app store, but for code that programmers use to build software). Once inside, they swapped the developer’s email to an anonymous ProtonMail account and uploaded the poisoned version by hand. That jumped past every security check the project normally runs before new code goes live. And this was not some rushed job. The attacker staged the malware at least 18 hours before pulling the trigger. They built separate versions for Windows, Mac, and Linux. They poisoned both the current version and an older one within 39 minutes of each other, casting the widest net possible. Once the malware ran on a machine, it deleted itself to cover its tracks. The trick was smart. They never touched a single line of code inside axios itself. Instead, they tucked in a fake add-on called plain-crypto-js, built to pass as a well-known, trusted library. It copied the real library’s description and author info, so nothing looked off at a glance. When a developer installed axios, this fake package quietly ran the malware on its own. When a smaller package called ua-parser-js got hijacked back in 2021 with about 8 million weekly downloads, the security world treated it like a four-alarm fire. Axios has 100 million. Over 12x the exposure, with 173,000+ packages depending on it. Socket, the security firm that flagged this, caught it in about 6 minutes. That’s fast. But 6 minutes is still plenty of time for automated systems at companies everywhere to pull and install the bad version before anyone can react. If you or your team runs axios: lock your version to 1.14.0 (or 0.30.3 for the older branch). Change every password, API key, and access token on any machine that installed the compromised update. And check your network logs for connections to sfrclak dot com or the IP address 142.11.206.73.

do you understand what just happened to one of the most used npm packages on the internet? → axios gets downloaded over 100 million times a week and today it got compromised → an attacker hijacked the npm credentials of a lead axios maintainer… changed the account email to an anonymous ProtonMail address… and manually published two poisoned versions → axios@1.14.1 and axios@0.30.4… neither version contains a single line of malicious code inside axios itself. instead they inject a fake dependency called plain-crypto-js that drops a remote access trojan on your machine → the fake dependency was staged 18 hours in advance… three separate payloads were pre-built for macOS, Windows, and Linux… both release branches were hit within 39 minutes. every trace was designed to self-destruct after execution too → there’s no tag in the axios GitHub repo for 1.14.1. it was published outside the normal release process entirely... bypassed CI/CD completely → StepSecurity called it one of the most operationally sophisticated supply chain attacks ever against a top 10 npm package → a routine npm install silently opens a backdoor… no warning… no suspicious code visible in axios itself this is the wake up call all vibe coding bros need to hear right now: → if you installed either version… assume your system is compromised → pin to axios@1.14.0 or axios@0.30.3 → rotate all secrets, API keys, SSH keys, and credentials on affected machines → check network logs for C2 connections → add –ignore-scripts to CI npm installs going forward 100 million weekly downloads and one compromised maintainer account… that’s all it took to wreak absolute havoc and I imagine we see a whole lot more of these… crazy times ahead for cybersecurity and vibe coding be safe out there y’all