Ronald Pereira
231 posts
Ronald Pereira
@rondevz
Software Engineer, in short, I work making software. Gymrat, Drummer and Videogames lover.
Morioh Katılım Mayıs 2010
1.5K Takip Edilen122 Takipçiler
I struggled a bit with the text color (header) in the final composition but managed to solve it pretty quickly.
English
Was updating my own portfolio and I decided to try Hyperframes with GPT-5.4. It was a really fun experiment for today coding session.
English
Ronald Pereira retweetledi
Hablemos de CVE-2026-31431 o "Copy Fail" es una vulnerabilidad que afecta TODOS los kernels de Linux desde 2017 en adelante y permite ganar acceso root con una línea de código:
Español
Ronald Pereira retweetledi
🛑 Gemini and Cursor vulnerabilities exposed direct code execution in dev workflows.
#Gemini CLI (CVSS 10.0) auto-trusted folders in CI, letting malicious .gemini/ configs from PRs run on hosts. #Cursor bugs triggered hidden Git hooks and exposed local API keys via extensions.
🔗 Details → thehackernews.com/2026/04/google…
English
Ronald Pereira retweetledi
Ronald Pereira retweetledi
¡Mañana curso de OpenCode desde cero!
El mejor agente de IA de código abierto.
Horario por países:
18H 🇪🇸 17H 🇮🇨
13H 🇺🇾 🇦🇷 🇵🇾
12H 🇨🇱 🇹🇹 🇧🇴 🇻🇪 🇩🇴 🇨🇺 🇵🇷
11H 🇨🇴 🇵🇪 🇪🇨 🇵🇦
10H 🇲🇽 🇨🇷 🇳🇮 🇸🇻 🇭🇳 🇬🇹
Español
Ronald Pereira retweetledi
A Roblox game exploit just caused a $2M data ransom for Vercel some days ago. Sounds like a joke, but it’s a textbook supply-chain attack. 🤯
It’s a massive wakeup call for how we handle OAuth and .env files. Here’s what happened, & how to secure your Laravel apps against it🧵
English
Aiming to release it next week! Until then, I’ll be posting some insights into the process and everything I've learned making Phant happen.
English
I’ve been working on Phant, my desktop app side project, for about 3 months now. It’s been an incredible journey of learning and building. 🚀
English
Ronald Pereira retweetledi
We are today No. 2 on Hacker News
Go and check our Laws of Software Engineering website: lawsofsoftwareengineering.com
English
Ronald Pereira retweetledi
Si en un proceso de entrevista te piden ejecutar código de un repo de github
🚩🚩🚩
Español
Currently having fun on this Onboarding screen for Phant! Just plug and play!
English
Ronald Pereira retweetledi
¡Si usas Agentes de IA, necesitas usar Agent Skills!
¿El problema? Hay miles y es imposible estar al día.
Esta herramienta detecta automáticamente las tecnologías de tu proyecto y te instala las mejores.
$ npx autoskills
Español
Ronald Pereira retweetledi
every developer who ran npm install today just accidentally invited malware into their codebase and has no idea yet 💀
Feross@feross
🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages. The latest axios@1.14.1 now pulls in plain-crypto-js@4.2.1, a package that did not exist before today. This is a live compromise. This is textbook supply chain installer malware. axios has 100M+ weekly downloads. Every npm install pulling the latest version is potentially compromised right now. Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that: • Deobfuscates embedded payloads and operational strings at runtime • Dynamically loads fs, os, and execSync to evade static analysis • Executes decoded shell commands • Stages and copies payload files into OS temp and Windows ProgramData directories • Deletes and renames artifacts post-execution to destroy forensic evidence If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.
English
Ronald Pereira retweetledi
I can relate to this. There’s a big difference between watching and building. I was a watcher for years, but I only started learning faster once I moved into the build-fail-retry-build cycle. Good reading!
Luis Güette@guetteman
Courses give you answers to questions you haven't asked. Building forces you to ask them yourself. One is watching. The other is learning.
English