vince

There is a project on GitHub called Axios. Axios is extremely popular. It is used by millions upon millions of applications. Axios is a programming library that helps your JavaScript code make HTTP/S requests (communicate with websites). In simple terms, if you're a programmer doing something with JavaScript, and want to do stuff that communicates with a website in literally any capacity, people heavily recommend using Axios due to its simplicity. Using Axios you don't have to reinvent the wheel and do a bunch of work. All you need to do is import Axios into your code and you're off to the races. Someone (currently unknown) compromised Axios (currently unknown how) to deliver malware to people. When someone updates or installs Axios, Axios itself contains malware. What the malware does is (currently) unknown, but it is being reversed engineered by probably every malware analyst on the planet at this moment. In a few hours more details will emerge. Information is being exchanged in real time on social media and private communication platforms as I write this. Due to the size and popularity of Axios, it is unknown how many are impacted, it could be millions, it could be thousands, or if we're lucky, only hundreds of people or organizations will be impacted. If this is absolute worst case scenario, millions of organizations across the planet have been infected with malware which (currently) we do not understand. However, the likelihood of this is low. It appears Axios being compromised was detected quickly, potentially within minutes (or hours) of it being compromised to deliver malware. Additionally, the likelihood of every single Axios user updating Axios as soon as it was compromised to deliver malware is astronomically low. It is basically zero. The impact from Axios being compromised is devastating, the fallout from this will be a massive headache. This is unironically a malware nuclear missile and will likely be studied in the future.

"Historically, Lifesteal was calculated before some damage reductions or amplifications were applied. As a result, you could gain health from attacks that dealt no damage (like attacks against a hero affected by Aeon Disk's Combo Breaker). This will not happen anymore." > bear market things

what kind of sick math is this icefrog

All innate abilities that used to scale with other abilities now either provide unchangeable bonuses or improve on 'per level' basis Abilities that improve with hero level have base value and increment value. Some also have amount of levels required for increment > dafuq did i just read

wish i had an AI subscription to read all this shit in 15 minutes dota2.com/patches/7.41

I co-founded Augur, the first decentralized prediction market, and was founding CSO of Gnosis, the second. Polymarket still runs on Gnosis contracts. I'm glad prediction markets finally broke through. But I'm not going to pretend that what's being scaled right now is what we built these systems to do.

aspirational

@resistancemoney markdown saved me from my personal hell aka microsoft word’s interface

guy who writes everything in markdown now, but refuses to let robots write for him

White House Calls for Retraction of ABC Report Over Iran Drone Threat decrypt.co/360966/white-h…

@resistancemoney based

need a bitcoin shitpoast? I gotchu fam. want an actual argument? we have that too. thousands of bangers for your use and pleasure, all trained on Resistance Money and on tweets from yours truly: resistance.money/tweets/

rest in power, ser dukeupress.wordpress.com/2026/02/24/far…

🚨BREAKING NEWS🚨 JEFFREY EPSTEIN KEPT A FULL COPY OF THE 2005 BASH REFERENCE MANUAL justice.gov/epstein/files/…

Jeffrey Epstein was an early investor in Coinbase. Coinbase co-founder Fred Ehrsam appears to have been personally aware and supportive of the convicted sex offender’s multi-million dollar investment in the company, in 2014. Details are in the latest batch of Epstein files from the DOJ. Story here: decrypt.co/356620/jeffrey…

@Phalcon_xyz @crosscurvefi check dm, thanks!

.@crosscurvefi was reportedly attacked several hours ago, resulting in approximately $2.76M in losses across multiple chains, including over $1.3M on Ethereum and $1.28M on Arbitrum. The team has issued a notice advising users to stop interacting with the smart contracts. Our initial investigation suggests the root cause seems to be an authorization bypass in the ReceiverAxelar contract. A permissionless function, expressExecute(), could reach the privileged _execute() path without passing Axelar Gateway authorization. In Axelar's intended security model, cross-chain messages must first be approved by the Gateway (proof-backed) and then validated on the destination chain via validateContractCall(), which binds (commandId, sourceChain, sourceAddress, contractAddress, payloadHash) to a single authorized execution. However, the expressExecute() path skipped this validation entirely and relied only on peer checks using attacker-controlled sourceChain and sourceAddress, which provided no real security. This allowed an attacker to submit a spoofed message, take the receiveData branch, and execute an arbitrary payload that ultimately triggered unlock() on the Eywa CLP Portal, leading to unauthorized release of cross-chain assets.

we reconcile only that which we are willing to youtu.be/h7pNabnLcQI?si…

you say you got em words but i never seen you write open.spotify.com/track/0rBMP6VV…

“Onchain social isn't dying, it’s just shedding the myth that decentralization alone is enough.” Our Head of Socials @wasavi_eth shares her take on why Farcaster's move signals a maturing phase for on-chain social, prioritizing sustainability over ideology, in a latest article from @DecryptMedia by @0x_exitnode

"The Philippines is one of the most dangerous countries for reporters, according to Reporters Without Borders (RSF) data. Community journalists like Cumpio are especially vulnerable as they find themselves in the crosshairs of long-established political dynasties and warlords. In 2009, a political clan in the southern province of Maguindanao massacred 58 people, mostly journalists, to stop the clan's rival from filing an election challenge." bbc.com/news/articles/…

Filipinos are so crazy about basketball we even have local versions of Stephen Curry and LeBron, posing as tourists in Singapore.