Info-Sec/Security, Cycling, and monitoring the situation

Joined October 2020
Aaronstotle retweeted
Novo Nordisk has been compromised. Novo Nordisk has confirmed the compromise. Novo Nordisk is the company that became famous after producing weight loss drugs like Ozempic and Wegovy.
The Threat Actor(s) responsible for the attack has been playfully extorting Novo Nordisk (they're not being playful) and have unveiled some details regarding what was stolen. Interestingly, it appears Novo Nordisk has its own internal AI thing because some of the data stolen was stuff from their internal AI agents.
Data stolen (according to the Threat Actor):
- Trained model checkpoint (16GB)
- Proprietary training dataset (407MB)
- Full source code (modeling_novopert.py, training pipeline)
- 113 training runs with complete logs
- Internal infrastructure maps (HPC, Slurm, SSH)
- Container images (53GB)
- Developer identities and internal hostnames
- Private GitHub repository URL
Aaronstotle retweeted
Arch Linux is still having supply-chain attacks and other misc. security issues. This is devastating to the over 25 people who use Arch as a daily driver.
Aaronstotle retweeted
This is the only angle that does that miracle justice.

Aaronstotle retweeted
OG Anunoby leaving Toronto and thriving in America like every homegrown Waterloo software engineer
Aaronstotle retweeted
the most sinister, hopeless backroom in manhattan
Aaronstotle retweeted
Hidden gem!!!
I have officially decided that this area in nyc is the best
Aaronstotle retweeted
Jun 10
Another iOS app accidentally shipped a CLAUDE.md file: Netflix
Aaronstotle retweeted
I just open sourced my "Is this slop?" simple test
Aaronstotle retweeted
One of my personal favorite features announced at WWDC will I suspect be a sleeper hit: container machines, allowing your Mac to run a lightweight, persistent Linux environment with your home directory and repos automatically mounted: github.com/apple/container/b…
Aaronstotle retweeted
I don’t know how this referee is making it out of New York tonight
Aaronstotle retweeted
Before AI, I’d spend a weekend building 1 useless app. Now I can build 67 useless apps over a weekend, each with a logo, a fancy webpage, and 0 users.
Aaronstotle retweeted
As someone who: > Hacked basically every component of openclaw's ecosystem (harness, skills ecosystem etc) > Helped lead security, trust & threat modelling > Found 15 CVEs in the software Absolutely do not run OpenClaw on your enterprise device.
Aaronstotle retweeted
Someone hid a self-replicating worm inside 37 npm packages. Written in Rust. Hidden behind an eBPF kernel rootkit. Talking to its operator over Tor. It steals 86 environment variables. AWS keys. GCP keys. Vault secrets. Kubernetes tokens. Your Anthropic API key. Your OpenAI key. Your Exodus wallet seed phrase. Then it uses your own npm credentials to republish itself into your packages. So your code infects the next developer. Who infects the next one. The commits were backdated up to 13 years. The commit author name was “claude.” The malware named itself after the AI to hide in plain sight. The attacker also left their own wallet recovery phrase in the debug data. Nobody is having a good day. Check your preinstall hooks.
⚠️ New "IronWorm" supply-chain attack: 30 npm packages from @asteroiddao shipped a malicious Rust binary firing on preinstall. It sweeps 86 env vars and 20 credential files (AWS, GCP, Vault, npm, plus AI keys like Anthropic & OpenAI), hits Exodus wallets, hides behind an eBPF rootkit, and beacons over Tor. Self-propagates via npm Trusted Publishing OIDC, with backdated commits faked as claude/dependabot/renovate.
Aaronstotle retweeted
Can we PLEASE for the love of all that is holy STOP NORMALIZING THIS INSTALL METHOD
Aaronstotle retweeted
did you know that in most white collar jobs you can just go for a 15-20 minute walk multiple times a day and they just like don't care
Aaronstotle retweeted
the four horsemen of the apocalypse
Aaronstotle retweeted
another week at the prompt factory.
RT @wongmjane: Even my Instagram account got hacked The password got changed without my knowledge and I was getting different password res…
Aaronstotle retweeted
Me celebrating my 10% YTD return after missing out on generational wealth in semis and memory:
Aaronstotle retweeted
Opus 4.8 is insane guys. It one shotted my session usage limit.