Pasi-Pekka Karppinen

736 posts

@ppkarppi

Curious explorer. One of the odd ones who enjoy the road less traveled. Someone somewhere in summertime.

Earth · Joined February 2010
2.4K Following · 505 Followers

Pasi-Pekka Karppinen retweeted
Wholesome Side of 𝕏 @itsme_urstruly
I can't properly describe to anyone under the age of 30 just how cool the Internet was before Amazon, Google, Meta, and Apple turned it all into a walled garden of garbage and commerce.

Pasi-Pekka Karppinen retweeted
⭕ AI & Design (Marco) @AIandDesign
I'm not gonna lie, the @Meta layoffs are some of the most dystopian I've ever seen. They got told to work from home, they were sent the emails at 4AM in the morning. Those who weren't impacted have software on their computer that tracks their every move, preparing AI to take their job as well. They're literally training the AI that will eliminate their position as well. Meanwhile, Meta is raking in RECORD PROFITS. I am a massive, unapologetic AI enthusiast. Yet, this is NOT the future I had in mind. I wish for Meta to crash and burn. This is not the way. Literally nobody benefits from this.

Pasi-Pekka Karppinen retweeted
Dark Web Informer @DarkWebInformer
🚨 GitHub source code allegedly offered for sale: Internal orgs and private repositories claimed

A threat actor using the alias TeamPCP claims to be selling GitHub source code and internal organization data. The actor claims the dataset includes around 4,000 private repositories and says samples can be provided to interested buyers to verify authenticity.

Target: GitHub
Country: United States
Sector: Technology / Software Development / Source Code
Incident Type: Alleged Source Code Sale
Claimed Exposure: Around 4,000 private repositories
Actor: TeamPCP
Price: Offers over $50,000

According to the post, the actor claims the material includes source code and internal organization data tied to GitHub’s main platform. The post also references a public file list and includes screenshots showing numerous repository archive names.

Why it matters: If authentic, exposed source code and internal repository data could increase the risk of code review by hostile actors, vulnerability discovery, supply chain targeting, impersonation, phishing, and follow-on attacks against developer infrastructure.

Status: This remains an unverified underground forum claim. The actor states this is not a ransom attempt and claims the data may be leaked publicly if no buyer is found.

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing

Pasi-Pekka Karppinen retweeted
GitHub @github
We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.

Pasi-Pekka Karppinen retweeted
POLITICOEurope @POLITICOEurope
EXCLUSIVE: Several Chinese tech companies have recently stopped updating previously open AI models, which could indicate they're moving development behind closed doors, Germany’s cyber chief has warned. 🔗 politico.eu/article/china-…

Pasi-Pekka Karppinen retweeted
Glenn Tunes @glenn_tunes
Elon Musk fucked up twitter 🤷

Pasi-Pekka Karppinen retweeted
Andrew Curran @AndrewCurran_
Mythos has cracked MacOS. It took five days.

Pasi-Pekka Karppinen retweeted
News from Google @NewsFromGoogle
The Google Threat Intelligence Group has detected the first known instance of a threat actor using an AI-developed zero-day exploit in the wild. While the attackers planned a wide-scale strike, our proactive counter-discovery may have prevented that from happening. This finding is part of our new report on AI-powered threats.

Pasi-Pekka Karppinen retweeted
International Cyber Digest @IntCyberDigest
❗️ UPDATE on today's npm supply-chain attack:
• Per Socket Security: 121 more compromised package artifacts found across 84 additional package names. 64 of them are UiPath artifacts.
• Combined with the earlier TanStack hits, the current known total is 205 affected npm package artifacts.
• Reach now spans enterprise automation, AI/MCP, auth, workflow, and dev tooling.
The worm is still propagating.
International Cyber Digest @IntCyberDigest

‼️🚨 BREAKING: A new npm supply-chain attack uses a dead-man's switch. The payload plants a watcher on your machine that nukes your home directory the second you revoke the GitHub token it stole from you.

The compromise happened today, across 42 official tanstack npm packages, 84 malicious versions in total. tanstack/react-router alone pulls more than 12 million weekly downloads.

The attacker forked TanStack's repository and pushed a single hidden commit. From there, they tricked TanStack's own release system into signing the malicious packages as if they were the real thing. To npm, and to anyone checking the cryptographic proof of origin (SLSA provenance), the poisoned versions looked 100% legitimate.

Maintainer Tanner Linsley confirmed the whole team had 2FA enabled. It didn't matter.

This is the first documented npm worm in history that ships with a valid, signed certificate of authenticity, the same one defenders rely on to know a package wasn't tampered with.


Pasi-Pekka Karppinen retweeted
The Hacker News @TheHackersNews
⚠️ RubyGems has suspended new signups after a major malicious attack involving hundreds of packages, some reportedly carrying exploits. The incident raises fresh concerns over open-source supply chain security. Details here: thehackernews.com/2026/05/rubyge…

Pasi-Pekka Karppinen retweeted
International Cyber Digest @IntCyberDigest
‼️🚨 UPDATE: The TanStack npm attack is now a full campaign.

'Mini' Shai-Hulud has hit: - OpenSearch - Mistral AI - Guardrails AI - UiPath - Squawk packages across npm and PyPI

The malware specifically targets AI developer tooling. It hooks into Claude Code (.claude/settings.json) and VS Code (.vscode/tasks.json) to re-execute on every tool event, long after the infected package is gone.

npm uninstall does not fix this.

Pasi-Pekka Karppinen retweeted
Aikido Security @AikidoSecurity
🚨 Update: @mistralai npm packages are now confirmed compromised as part of the ongoing Mini Shai Hulud attack.

Affected versions:
@mistralai/mistralai 2.2.2, 2.2.3, 2.2.4
@mistralai/mistralai-azure 1.7.1, 1.7.2, 1.7.3
@mistralai/mistralai-gcp 1.7.1, 1.7.2, 1.7.3

If you use the Mistral SDK in any CI pipeline, treat your environment as compromised. Rotate npm tokens, GitHub PATs, and cloud credentials immediately.
Aikido Security @AikidoSecurity

🚨 Update: Mini Shai-Hulud supply chain attack is back and hit the TanStack npm ecosystem today. At least 84 packages were compromised in two waves starting at 19:20 UTC. @tanstack/react-router, @tanstack/history, @tanstack/router-core, and dozens more across tens of millions of weekly downloads. This is likely from the same TeamPCP campaign behind the SAP npm compromise two weeks ago. If you ran npm install on any @tanstack package today, treat your environment as compromised. Rotate GitHub tokens, npm tokens, cloud credentials, and CI secrets immediately. Tanner Linsley confirmed affected versions have been unpublished.


Pasi-Pekka Karppinen retweeted
soothsayer @iamasoothsayer
2023: Corona ended 2026: Hantavirus

Pasi-Pekka Karppinen retweeted
░ perfectloop ░ @PERFECTL00P
𝙵𝚊𝚒𝚛𝚕𝚒𝚐𝚑𝚝 𝚛𝚞𝚗𝚗𝚎𝚛 🎹🖥️⌨️

Pasi-Pekka Karppinen retweeted
Hackster.io @Hacksterio
The Apple Lisa is back! The open source LisaFPGA Project recreates the legendary 1983 machine with modern essentials like HDMI and USB. hackster.io/news/the-1983-…

Pasi-Pekka Karppinen retweeted
Ericland_Jazz @ericmasaki
Jazz & Cafe Bar Crescent. The ideal jazz cafe. Too perfect. #ジャズ喫茶 #jazzkissa

Pasi-Pekka Karppinen retweeted
TaraBull @TaraBull
Rick Springfield is 76 years old 🤯