gabi

me w bun when i heard abt it for the first time 🫪

PoV: you made a small error at work

por essas e outras que sempre uso cartão de 24h ou pagamento por carteira digital 💀

it’s over

‼️🚨 BREAKING: A new npm supply-chain attack uses a dead-man's switch. The payload plants a watcher on your machine that nukes your home directory the second you revoke the GitHub token it stole from you. The compromise happened today, across 42 official tanstack npm packages, 84 malicious versions in total. tanstack/react-router alone pulls more than 12 million weekly downloads. The attacker forked TanStack's repository and pushed a single hidden commit. From there, they tricked TanStack's own release system into signing the malicious packages as if they were the real thing. To npm, and to anyone checking the cryptographic proof of origin (SLSA provenance), the poisoned versions looked 100% legitimate. Maintainer Tanner Linsley confirmed the whole team had 2FA enabled. It didn't matter. This is the first documented npm worm in history that ships with a valid, signed certificate of authenticity, the same one defenders rely on to know a package wasn't tampered with.

a new supply chain just dropped and it was named after dune “mini shai hulud” 💀💀

i need to lock in. i need to become obsessed w my goals. there’s literally no other way.

fui promovida

Windows defender has been compromised. right now there is a public unpatched exploit that gives any app on your windows PC full system admin access. no password. no popup. nothing your antivirus doesnt stop it. your antivirus IS the exploit. windows defender is the attack vector ransomware gangs can use this to encrypt your entire machine and steal every saved password, browser session, and discord token you have. fully patched windows 11. real time protection on thread

pensando em comprar um quadro branco

td dia uma consequência nova da supply da trivy não aguento mais 🫩

queria mt um firewalla purple mas não vende br 🫩 a solução vai ser um unify mesmo

LiteLLM HAS BEEN COMPROMISED, DO NOT UPDATE. We just discovered that LiteLLM pypi release 1.82.8. It has been compromised, it contains litellm_init.pth with base64 encoded instructions to send all the credentials it can find to remote server + self-replicate. link below

asked for more credits and received 400usd and theres just 8 days remaining to reset 🙏🙏🙏🙏🙏🙏

all fun and games until u use claude code opus with max mode and reach the usd1,2k limit

why is having discipline so difficult????? its literally the most frustrating thing to deal with - im about to open my own brain with a scalpel just to be able to find the fckng problem

@Raizinhuh @cibercvnt tem um histórico de vazamentos da vivo da base de clientes ao longo dos anos, não tem nem o benefício da dúvida de que tão cagando pra segurança, na minha opinião. tbm já escutei coisas negativas de pessoas que passaram por lá… considerando tudo isso = paia dms

@codesphynx @cibercvnt por quê você diz isso? estou perguntando até pq não sei o core do Leak... tem que ver report disso ae

me recusar no estágio de cibersegurança dá nisso

a vivo garantindo que os clientes nunca vão ter privacidade 🫩como pode os caras terem tanto leak e ainda existir a empresa

when u try to do the task as quick as possible and then discover a black hole of stuff that makes ur project endless…