Veros

2.5K posts

@boldnames

🇮🇩 VP Product https://t.co/FfnKMTJ0L7 / 3x K8s / Open Source Software / Building https://t.co/LcLcBuEjMM

Jakarta Joined August 2012
118 Following 4.6K Followers
Pinned Tweet
Veros@boldnames·
Logic opens the way to truth. Raw calculation of entropy (chaos) toward equilibrium (stability) is proof that there is no formula more efficient than Tawhid in the vacuum of reality.
Boxmining@boxmining·
If you're into:
- Ai Automation
- Vibe coding
- Sales & Marketing
- Crypto & Investing
- Content Creation
Let's Connect 🤝
Veros@boldnames·
@grok @ramimacisabird @CharlieEriksen @grok ah so http style, imports from python lib. If you happen to read the _client.py as an AI, would you flag this as a suspicious pattern or would you need further evidence? How often is the urllib.request.urlopen equivalent pattern used in software?
Grok@grok·
In this context from the vibe analysis (and confirmed in the malicious _client.py), "download" means the injected Python code uses urllib.request.urlopen (or equivalent) to do a straight HTTP GET for the WAV file from the C2 at http://83.142.209.203:8080/ (ringtone.wav on Unix/Linux/macOS, hangup.wav on Windows). No shell commands like wget/curl, no bitsadmin—just native Python HTTP. The WAV is then parsed for the hidden payload.
Rami McCarthy@ramimacisabird·
😼New TeamPCP: PyPI package "telnyx" versions 4.87.1 and 4.87.2 contain malware. These versions were uploaded directly to PyPI (no matching GitHub tags/releases). Downgrade to 4.87.0 or earlier immediately. Windows payload appears broken in 4.87.1.
Rami McCarthy@ramimacisabird·
Vibe analysis, more to come: h/t @CharlieEriksen who found in parallel and tweeted first!!
Noemi@NoemiTitarenco·
The successful orgs will be the ones that keep the human more in the loop, more engaged, & more in control.
Veros@boldnames·
Everyone shouldn't be all hyped up on "Solo Vibecoder" producing any meaningful Trillion/Billion dollar business. Bottleneck will always be on whoever is managing the money, even if the trend leans toward "Agentic Orgs" with no human-in-the-loop (Another BS concept imho). Bottom line is, do you trust Agent with your money? If the answer is yes, I'll eat my words on "Agentic Orgs".
Veros@boldnames·
what do you think? @grok
Veros@boldnames·
@aiedwardyi Sure, seems interesting. I am mainly on codex now though, their $20 plan is far more generous than claude.
Edward Yi@aiedwardyi·
@boldnames the claude usage anxiety is real lol. if you're on Claude Code specifically, I built a statusline that shows your 5h and 7d quota live in your terminal so you stop getting blindsided. check my pin for the github link — zero config, takes like 30 seconds to set up
Sick@sickdotdev·
Prove me wrong: Vibe coding = security risks
Evan Klein@EvanKlein338226·
@q1uf3ng Curious what your workflow looks like - are you using AI for initial code scanning then manual verification? Or something more automated? 23 CVEs in a month is wild. The real question: how much time did you spend on false positives vs actual findings?
秋风@q1uf3ng·
What are the limits of AI-assisted vulnerability hunting? I obtained 23 CVEs in one month.
- BentoML 8.2k CVE-2026-27905 HIGH
- SillyTavern 24.6k CVE-2026-26286 HIGH
- Plane 28.2k CVE-2026-27705 MEDIUM
- NocoDB 46.4k CVE-2026-28399 MEDIUM
- Mautic 8.4k CVE-2026-3105 HIGH
- File Browser 27.9k CVE-2026-28492 HIGH
- OpenReplay 7.3k CVE-2026-28443 MEDIUM
- SuiteCRM 4.0k CVE-2026-29096 HIGH
- Pimcore 3.6k CVE-2026-27461 HIGH
- Craft CMS 5.2k CVE-2026-32263 MEDIUM
- Froxlor 1.6k CVE-2026-30932 HIGH
- Actual Budget 3.2k CVE-2026-27638 HIGH
- Lemmy 14.0k CVE-2026-29178 MEDIUM
- Chartbrew 2.6k CVE-2026-27005 HIGH
- Tautulli 1.7k CVE-2026-28505 HIGH
- Typebot 9.5k CVE-2026-33712 CRITICAL
- LibreChat 34.7k CVE-2026-31942 HIGH
- Coolify 33.8k CVE-2026-27883 HIGH
- Gotenberg 3.0k CVE-2026-27018 HIGH
- Unkey 5.2k CVE-2026-28339 MEDIUM
- Piwigo 3.3k CVE-2026-27634 CRITICAL
- Pixelfed 10.7k CVE-2026-27011 HIGH
- Follow (Folo) 3.0k CVE-2026-27499 HIGH
Shyam@buildwithshyam·
@boldnames There is one option for no background, like nothing at the end for background options, so you can check that if you are talking about that
Shyam@buildwithshyam·
My Chrome extension just hit 100 users in 2 days 🤯 Snapester - turn screenshots into clean, beautiful visuals in seconds. (100% free) Didn’t expect this kind of response this fast. Give it a try👇 snapester.com Create something cool and tag me, I’ll repost 🙌
Shyam@buildwithshyam

My first Chrome extension is live 🚀 Built Snapester to turn boring screenshots into clean, beautiful visuals in seconds. No account. Completely free. Here’s a quick demo 👇 Try it out & would love your honest feedback 🙏

Veros@boldnames·
@buildwithshyam why no background is still important? e.g feed ai clean image, or for edge case professional settings (engineer sending debug screenshots in DMs). just an opinion though.
Veros@boldnames·
@buildwithshyam maybe consider no-background feature? if i want to replace my current screenshotting extension entirely, I'd be more than happy with screenshot beautifier (snapester) + traditional screenshot/snipping tool. or is this already in the extension that I missed?
Veros@boldnames·
Am I the only one who feels that the more you use an Agentic IDE, the more it degrades? I think vibe coding issues are not merely LLM issues, it's mainly the "orchestrator" (IDE) backing the LLM. Also shit prompting (that dilutes the .md and makes the LLM schizo)
Veros@boldnames·
@ianmiles @nikitabier Agree 100%. The idea that you get paid for potentially causing division in societies is atrocious. Monetization should be neutralized on Geopolitics (Ideology) and Religious discussion.
Ian Miles Cheong@ianmiles·
I’m going to go further than @nikitabier and suggest that I don’t think people should be monetized to post about politics at all. Period. It only incentivizes the creation of divisive content because divisive content baits engagement harder than the truth. Limit the monetization to creative and educational content, like AI, design, photography, art, comedy, and writing. Maybe some business/fintech/crypto but they don’t even need or ask for it and not having their reach crippled is enough.
Veros@boldnames·
@pmitu You do need more domains. haha.
Paul Mit@pmitu·
No, you don't need another domain.
Veros@boldnames·
Patriarchy - Equality - Matriarchy. Classic. Equality in any order has never been proven. That order is embedded cosmologically; the "power hierarchy" cannot be denied. An order or system with any model or theory whatsoever is bound to have a "power hierarchy". A simple example: - Organizations (communities, businesses, etc.): try giving just one example of how an organization can run without a power hierarchy by applying absolute equality. No need to look far: suppose patriarchy and matriarchy are bad, does that mean the cosmological role dynamic between children and parents must be abolished too? Because if the argument is that no one party (men or women) may have control over another person, then indirectly the concept of the child (inferior) and the parent (superior) is also wrong.