Free Training and Courses to Jump into Web 3.0 🧵 #Blockchain #Crypto #web3 #BlackTechTwitter #LatinosinTech #IndigenousinTech #Ethereum #Solana #Bitcoin #100DaysofCode

Cohort 5 of @dxmentorship is now open. If you’ve been looking: •⁠ Grow in DevRel •⁠ ⁠Learn & build in public •⁠ ⁠Build real-world DevRel skills •⁠ ⁠Get guidance from experienced practitioners •⁠ ⁠Stay consistent with a structured system This is your opportunity. 👉 Apply here: dub.sh/dxmentorship

Sofia Coppola Launches $20,000 Short Film Award for Emerging Directors — Exclusive indiewire.com/news/breaking-…

HOW TO MITIGATE A CREDENTIAL BREACH 👇 With all the security breaches right now, I thought I'd share two cents on how the best engineering teams secure their secrets and credentials across local development, CI/CD, and production systems (this should be layered with other defense in depth mechanisms). 1/ Store secrets in a vault: Centralize all secrets with a secrets management tool like @infisical. Instead of chasing down secrets across 50 apps and environments with blind spots, lock everything down in a secure vault, encrypted, with tight access. 2/ Eliminate secret zero: Have your applications authenticate with the vault using infrastructure-native auth method like AWS/GCP/Azure/OIDC/Kubernetes Auth. Upon authentication, the vault should issue a short-lived access token that the application can use to fetch back secrets. This uses workload identity so, for example, if you're running a GitHub Actions CI workflow, you can use OIDC to have the CI pipeline authenticate with Infisical and fetch back secrets. 3/ Eliminate static secrets: Most teams have heard of automatic secrets rotation but not dynamic secrets. Secrets rotation is where you update the value of a secret on a per interval basis; this can be your OPENROUTER_API_KEY. Dynamic secrets is where you mint ephemeral secrets on the fly such a PostgreSQL credential. Leaked a secret? At least it's only valid for a finite period. 4/ Log every action: With the right tooling in place, you should be able to trace which applications and people have access to which secrets and all the times that they are accessed. If something goes wrong - you have a trail to look back on. Have a question? AMA I and the team will try to answer as many questions as we can to do with secure secrets management over the next few days.

all secrets in Vercel not marked as sensitive need to be rotated immediately. if you're looking to quickly mark all secrets as sensitive going forward setup auto rotations, try the @infisical Vercel integration to do it in one click

We’ve identified a security incident that involved unauthorized access to certain internal Vercel systems, impacting a limited subset of customers. Please see our security bulletin: vercel.com/kb/bulletin/verce…

Here's how to triage: 1. Go to admin.google.com 2. Security → Access and data control → API controls → App access control → Manage Third-Party App Access 3. Search for client ID: 110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj if found → revoke / block

Here's my update to the broader community about the ongoing incident investigation. I want to give you the rundown of the situation directly. A Vercel employee got compromised via the breach of an AI platform customer called Context.ai that he was using. The details are being fully investigated. Through a series of maneuvers that escalated from our colleague’s compromised Vercel Google Workspace account, the attacker got further access to Vercel environments. Vercel stores all customer environment variables fully encrypted at rest. We have numerous defense-in-depth mechanisms to protect core systems and customer data. We do have a capability however to designate environment variables as “non-sensitive”. Unfortunately, the attacker got further access through their enumeration. We believe the attacking group to be highly sophisticated and, I strongly suspect, significantly accelerated by AI. They moved with surprising velocity and in-depth understanding of Vercel. At the moment, we believe the number of customers with security impact to be quite limited. We’ve reached out with utmost priority to the ones we have concerns about. All of our focus right now is on investigation, communication to customers, enhancement of security measures, and sanitization of our environments. We’ve deployed extensive protection measures and monitoring. We’ve analyzed our supply chain, ensuring Next.js, Turbopack, and our many open source projects remain safe for our community. The recommendation for all Vercel customers is to follow the Security Bulletin closely (vercel.com/kb/bulletin/verce…). My advice to everyone is to follow the best practices of security response: secret rotation, monitoring access to your Vercel environments and linked services, and ensuring the proper use of the sensitive env variables feature. In response to this, and to aid in the improvement of all of our customers’ security postures, we’ve already rolled out new capabilities in the dashboard, including an overview page of environment variables, and a better user interface for sensitive env var creation and management. As always, I’m totally open to your feedback. We’re working with elite cybersecurity firms, industry peers, and law enforcement. We’ve reached out to Context to assist in understanding the full scale of the incident, in an effort to protect other organizations and the broader internet. I also want to thank the Google Mandiant team for their active engagement and assistance. It’s my mission to turn this attack into the most formidable security response imaginable. It’s always been a top priority for me. Vercel employs some of the most dedicated security researchers and security-minded engineers in the world. I commit to keeping you updated and rolling out extensive improvements and defenses so you, our customers and community, can have the peace of mind that Vercel always has your back.

AI Fellowship for those starting tech careers. Compensation is $800 in Nairobi. Link: augmentimpact.notion.site/AI…

Applications for DevRel Uni Cohort 7 are OPEN 🚨 Deadline: April 25th. If you're building in AI, Web3, or DevRel, this one's for you 🧵 Dive into a hands-on program featuring sessions led by @dabit8, @nutlope, @francescoswiss, @buzea200, @PSkinnerTech.

If you're building in Africa, pay attention to @vp_fund They backed Moniepoint, Piggyvest, Paystack & LemFi at the earliest stage. They just raised $64M for Fund II & they're actively looking for the next set of founders to plant pre-seeds and seeds.

Gumroad is looking to hire design engineers* ≈2 weeks every quarter. For that period of time, you’ll get paid at our full-time rate of $189k/yr (or $7,200 housing/flights) and work from Gumroad’s NYC office. If it goes really well, you can keep working remote to finish up what you started. Email @Gumclaw to apply! *Software engineers with taste, designers who can code - whatever. Just be high output, creative, and smart

Any founders interested in pitching my friends at Wildwood Ventures? They are an early-stage venture capital firm backing bold founders who are building the future of healthy and active humanity. 💰 Check Size: $300K - $400K Comment "DM" below. Happy to get you connected.

5 days left to shoot your shot! I want to be your first check, not the last!

Applications for Keel Cohort 3.0 are now open! Keel is the NYC accelerator. We believe that young people consistently build extraordinary companies, are inadequately served by today's accelerator market, and have no home east of San Francisco. Keel Cohort 3.0 is: 🏙️ Hosted in NYC. Summer 2026. 12 weeks in-person at our NYC office. 🦄 12 teams. Campus recent-grad AI founders. 🚀 $150K checks. Credits and resources. Founder friendly terms. We’re building the home for young NYC founders. Read more about what we’re building, and apply to Keel Cohort 3.0 at the link below: keel.club/cohort?tw=1

If the algorithm showed you my art, I appreciate any support I get

Opportunity for Creatives ✨ LOV Foundation Open Call: Love Without Ego -$5,000 Grant for Selected Artists . Six selected artists will each receive a $5,000 grant, providing financial support and recognition for projects that engage with the theme. Deadline: Apr 15, 2026

we’re connecting founders in founder’s hub to $1,000,000 being deployed into science, energy, and defense startups if you’re building and raising right now you should be here comment what you’re building and if you’re interested

Open Call for Artists 🎨 The City of Miami is commissioning permanent public artworks at Flagler Villas - 60 units of affordable housing for seniors in District 4. Opportunities include: ✦ Exterior art wall ✦ Interior lobby installation Budget: $100,000 Call opens April 8, 2026 Apply via CODAworx. Full RFQ and details: miami.gov/aipp 
Link in bio. Open to artists 18 . Shortlisted artists receive honorariums. 📩 Questions: ipanasyuk@miamigov.com, ialam@miamigov.com #PublicArt #MiamiArtists #ArtistCall #AffordableHousing #CityOfMiami

We're looking to invest $3,000,000 in the next 60 days. If you’re building something interesting, interact. Applications to our next cohort close today!

what can you get for $5 in sf? a drip coffee, or a week (this week only!) of co-working at the SF Nook, our beautiful community space near the main library (link to sign up below)