I work in Finance ๐ซฉ| Dev @yield_xyz | Prev @SUPRA_Labs @RenzoProtocol | Views are my own
Joined October 2019
- Tweets 673
- Following 605
- Followers 287
- Likes 4,330
88 Photos and videos
Jun 10
FOLD
Jun 8
New in macOS 27:
You can now resize iPhone mirroring to look like an iPad display
32
Jun 8
I wanted validation, Apple gave me a keynote.
A few weeks back, @_PrabhpreetSing and I started building an on-device memory layer for your work.
The idea was: your AI should know your work without your work leaving your laptop.
Turns out Apple thinks so too.
#sherlocked #wwdc26
1
102
anshulrai.eth retweeted
May 24
Really good time to consider putting your SSH Keys on a hardware security key, such as a Yubikey.
May 24
๐จ BREAKING: Active supply chain attack across npm, PyPI, and Crates.โio.
Socket detected TrapDoor, a crypto stealer campaign hitting 34 malicious packages and 384 versions and artifacts, with attackers repeatedly pushing new releases across ecosystems.
TrapDoor targets #crypto, #DeFi, AI, and security developers, stealing wallets, SSH keys, cloud credentials, GitHub tokens, browser data, env vars, and API keys.
Socket detected releases with a median detection time of 5 minutes, 27 seconds. The fastest detection occurred 58 seconds after publication.
22
21
415
77,401
May 24
Honestly, one of the easiest security upgrades you can make on macOS is installing @littlesnitch.
It shows you when apps are trying to connect out from your machine, and itโs honestly eye-opening how many apps quietly phone home in the background.
At the very least, do this on your main work device.
36
anshulrai.eth retweeted
May 12
Update 5:05 PT: The attack has now expanded well beyond @TanStack and @Mistral.
373 malicious package-version entries across 169 npm package names, including @uipath, @squawk, @tallyui, @beproduct, and more.
The malware propagates by stealing your CI credentials and using them to publish new compromised versions.
Full IOCs, affected package list, and detection steps: aikido.dev/blog/mini-shai-huโฆ
May 11
๐จ Update: @mistralai npm packages are now confirmed compromised as part of the ongoing Mini Shai Hulud attack.
Affected versions:
@mistralai/mistralai 2.2.2, 2.2.3, 2.2.4@mistralai/mistralai-azure 1.7.1, 1.7.2, 1.7.3@mistralai/mistralai-gcp 1.7.1, 1.7.2, 1.7.3If you use the Mistral SDK in any CI pipeline, treat your environment as compromised. Rotate npm tokens, GitHub PATs, and cloud credentials immediately.
75
469
2,630
2,404,386
anshulrai.eth retweeted
Apr 22
๐จ BREAKING: Socket and @Docker uncovered what appears to be a broader Checkmarx supply chain compromise affecting official KICS Docker images and recent Checkmarx VS Code extension releases.
We found malicious images in the official checkmarx/kics Docker Hub repo, including overwritten tags and a new tag outside the normal release flow.
Our analysis also found signs that recent Checkmarx extension releases introduced code capable of downloading and executing what appears to be a malicious remote addon.
Weโre in touch with the Checkmarx team and still investigating the incident.
23
141
576
187,019
anshulrai.eth retweeted
Feb 26
If The Big Short was about the 2024 Memecoin Bubble
155
84
1,091
105,013
25 Nov 2025
Def excited to experience Japan again
24 Nov 2025
We're pumped to announce our 2026 in-person hackathon calendar!
๐ซ๐ท Cannes โ April 3-5
๐บ๐ธ New York โ June 12-14
๐ต๐น Lisbon โ July 24-26
๐ฏ๐ต Tokyo โ September 25-27
๐ฎ๐ณ Mumbai โ Q4
220
23 Nov 2025
Wild how many people on CT are mixing up Devcon and Devconnect
1
1
108
15 Nov 2025
Need more pictures ngl
15 Nov 2025
Btw this fair happens in Kinnaur, Himachal Pradesh. If this fair were in Japan, the internet would've gone crazy. India just needs a better PR team.
1
172
10 Nov 2025
In the Goldilocks Zone of AI browsers:
Atlas does too little,
Comet does too much,
Dia lands just right.
1
69
7 Nov 2025
Someone should create a @Polymarket for this
6 Nov 2025
Hi everyone,
Grand Theft Auto VI will now release on Thursday, November 19, 2026.
We are sorry for adding additional time to what we realize has been a long wait, but these extra months will allow us to finish the game with the level of polish you have come to expect and deserve.
1
119
