we're hiring our first ever brand owner in nyc beside is a phone that understands, captures, and acts we're cooking a lot crazy stuff rn -- what you can do when you own the phone number (carrier-grade) with agents running at the core is endless help bring beside to the world🌎

Beside is now live on Android 🌎 The real economy doesn’t stop at iOS. We’ve expanded our coverage to Android to further power individuals & teams across the US.

Beautiful

i've been hacked and traced the malware's wallet to see how much money they actually made from this new exploit (if you use Next.js/React, READ THIS!) I woke up to a terrifying email from Hetzner: "Netscan Detected." my server was blocked and a botnet was using my IP to attack others i dug into the logs and what I found the anatomy of the attack: 1) The Symptoms: I logged into htop and saw the mess: - CPU usage: 361% - A process named ./3ZU1yLK4 running wild - Random connections to an IP in the Netherlands my server wasn't serving my app anymore; it was mining crypto for someone else! 2) The Culprit: It wasn't a random SSH brute force. It was inside my Next.js container the malware was sophisticated it renamed itself nginxs and apaches to look like web servers it even had a "killer" script that hunted down other hackers' miners to kill the competition 3) The "Root" Cause (literally): Probably the recent React/Next.js CVE-2025-66478 exploit was the entry point (my project was running on "next": "15.5.4", behind cloudflare dns, but their recent fix didn't work apparently) but the fatal error was mine: my Docker container was running as ROOT Coolify deploys like this automatically when using Nixpacks, and I never changed it... so because of USER root, the malware could install cron, systemd, and persistence scripts to survive reboots meaning, it was able to infect my whole server, from a single Next.js docker! 4) The Forensics: I ran docker diff on the container - the hacker didn't just run a script, they installed a whole toolset.. - /tmp/apaches.sh (The installer) - /var/spool/cron/root (The persistence) - /c.json (The wallet config) 5) The Fix: I killed the container, scrubbed the host, and extracted the malware for analysis. but the real fix is in the Dockerfile. if you are deploying Node/Next.js, DO NOT use the default (root), you must: - RUN adduser --system nextjs - USER nextjs if you have Docker on ROOT and didn't update the exploited react version, you'll be hacked soon check your containers NOW. Run: docker exec <container_id> id (or get the full list first: docker stats --no-stream) If it says uid=0(root), you are one vulnerability away from being a crypto-miner host. (it's easy to notice when hacked, it will be a command running on the top CPU%, using all your hardware resources) 6) The Money: I dug deeper and recovered the config file (c.json) - Wallet: A Monero (XMR) address: 831abXJn8dBdVe5nZ*** - Pool: auto.c3pool . org and ofc i tracked the hacker’s wallet on the mining pool 7) The Scale: My server wasn't alone. It was just 1 of 415 active zombies in this botnet they are burning the CPU of 400 cloud servers... to earn... guess how many millions? $4.26/day on the image attached you can see: "Total Paid: 0.00", meaning this campaign just started. I caught them on Day 1. i also tracked back the server where they hosted the malware, and by inspecting the code, I found several comments in Chinese, so I guess that's their origin im rebuilding from scratch on a fresh VPS. the lesson was expensive, but at least I caught it before the hosting nuked my account permanently... PS: I have the IP for all the other machines mining with that malware, not sure how I can help them, but feel free to contact me if ur doing infosec stay safe

Just wrote a small article on Koin Annotations and how to avoid declaring modules and classes to be inject via @ComponentScan and @Configuration ! Take a look! medium.com/p/bc81d6c89440

We ran a randomized controlled trial to see how much AI coding tools speed up experienced open-source developers. The results surprised us: Developers thought they were 20% faster with AI tools, but they were actually 19% slower when they had access to AI than when they didn't.

Just wrote a small article on how to display user feedbacks (toasts, snackbars, dialogs & custom views) on Android using Compose! Feedbacks much appreciated folks! medium.com/@beranger.guillau…

Official KMP support for Firebase is requested a lot whenever we talk to developers. If you want to let the team at Google know, please vote for and add a comment on this issue explaining why you want to see this: firebase.uservoice.com/forum…

> opening the nintendo 64 > 1998 > plug it in > put goldeneye in for the first time > kill the dude from the bathroom vents hundreds of times > hit a triple jump in mario 64 > tears of joy streaming down cheeks > unbridled joy > opening the playstation 5 > 2025 > pure dread > find wifi, dig up password, connect > create psn account > no disc slot to put anything in, emasculated > demands credit card information > controller needs charge > please wait while we download 130gb game > maybe will play tomorrow > it's time to schedule your colonoscopy

We knew very little about how LLMs actually work...until now. @AnthropicAI just dropped the most insane research paper, detailing some of the ways AI "thinks." And it's completely different than we thought. Here are their wild findings: 🧵

TODAY'S AI NEWS: A new AI startup, Reve, just dethroned leading image generation giants! Plus, more news from DeepSeek, Qwen, Google, Alibaba, and more. Here's everything you need to know:

Wrote an article about how we implemented the Magic Eraser feature in the ProperShot Android app! medium.com/@beranger.guillau… Check it out!

🎉 🎇 First 'alpha01' artifacts for Compose Hot Reload are available on Maven Central! Enjoy! 🥳 github.com/JetBrains/compose…

Looking for best practices when developing Android apps? - multi modules - convention plugins & version catalog - clean archi - single activity 100% Compose - offline support with reactive screens - DI with koin annotations and much more to explore! github.com/Beb3r/masterdetai…

Macron just grabbed Trump’s arm and fact-checked him to his face in real time. More of this please.

Facebook WebView is by far the worst thing they ever created... Every time I click on a link I get this laggy buggy pseudo web browser (that doesn't even show videos btw) And I know I know, who still uses Facebook 😅

Modular clean arch project => github.com/Beb3r/masterdetai…

After several delays, @DOGE has finally posted its purported savings. Why did it take so long to create a simple webpage with a 1000-row table? Who knows! Let's dig in. Headline number: $55B saved. They list the savings per nixed contract. This should be easy to verify then. 🧵

Everyone should be using this website to understand the inside of an LLM. I'm surprised more people don't know about it. Benjamin Bycroft made this beautiful interactive visualization to show exactly how the inner workings of each of the weights of an LLM work. Here's a link:

This is the entire code needed to reproduce R1 lol Hundreds of Billions of Dollars Later