Exclamatory Walrus
666 posts






Just for fun, I generated a 1000-character text and pasted it in the search field in the App Store. Well, the analytics captured the entire text, linked it to my ID and sent it to Apple, before even pushing "enter". Now imagine you accidentally paste something private in there🙃






Anouncing Spending Caps: Define your maximum monthly spend, if your bill reaches this limit, your Cloud Run resources will be automatically paused.






The new AI Camera Assistant* with Xperia Intelligence brings stories to life. Using subject, scene and weather, it suggests expressive options with adjustments of colour, exposure, bokeh, and lens for breathtaking photos*. sony.co.jp/en/xperia-1m8/… #SonyXperia #Xperia1VIII

SECURITY ADVISORY — TanStack npm packages A supply-chain compromise affecting 42 @tanstack/* packages (84 versions total) was published to npm earlier today at approximately 19:20 and 19:26 UTC. Two malicious versions per package. Status: ACTIVE — packages are deprecated, npm security engaged, publish path being shut down. Severity: HIGH — payload exfiltrates AWS, GCP, Kubernetes, and Vault credentials, GitHub tokens, .npmrc contents, and SSH keys. If you installed any @tanstack/* package between 19:20 and 19:30 UTC today, treat the host as potentially compromised: • Rotate cloud, GitHub, and SSH credentials immediately • Audit cloud audit logs for the last several hours • Pin to a prior known-good version and reinstall from a clean lockfile Detection — the malicious manifest contains: "optionalDependencies": { "@tanstack/setup": "github:tanstack/router#79ac49ee..." } Any version with this entry is compromised. The payload is delivered via a git-resolved optionalDependency whose prepare script runs router_init.js (~2.3 MB, smuggled into each tarball at the package root). Unpublish is blocked by npm policy for most affected packages due to existing third-party dependents. All 84 versions are being deprecated with a SECURITY warning, and npm security has been engaged to pull tarballs at the registry level. Full technical breakdown, complete package and version list, and rolling status updates: github.com/TanStack/route… Credit to the security researcher for responsible disclosure.













