Yeay I made it #AWScommunity #AWSCommunityBuilders

the creator of C just explained why most developers will never become senior - and it has nothing to do with years of experience > AI code is trained on legacy patterns - accepting it blindly is a mid move > 90% of memory bugs come from old coding habits, not the language itself > static typing isn't annoying overhead - it's what lets you design instead of debug > if you only know one language, you're a hobbyist, not a professional > seniors solve real problems - juniors build tools to scratch their own itch > the same principles apply whether you're writing web apps or autonomous agents - clean architecture over clever hacks the man whose language powers every OS, browser, and trading system alive if you're trying to level up, save this interview

Lewy has left his mark forever 🤜🤛

🚨 We recently discovered that an unauthorized party obtained a token with access to the Grafana Labs GitHub environment, enabling the threat actor to download our codebase. (1/6)

CHAMPIONS 🏆 It's not just a league title. It's history. 💙❤️

🚨 BREAKING: New Linux zero-day "Dirty Frag" lets ANY local user become root on most major distros. The PoC is already public, half of it isn't patched yet. Discovered by researcher Hyunwoo Kim, the exploit chains two kernel bugs and sits in the same family as Dirty Pipe and Copy Fail. ▪️ CVE-2026-43284 (xfrm-ESP Page-Cache Write): patched in mainline Linux. ▪️ CVE-2026-43500 (RxRPC Page-Cache Write): NO PATCH yet. The exploit is reliable by design. Attackers don't have to win a timing race, the system won't crash and alert anyone if it fails, and it succeeds nearly every run. The embargo got broken before distros could ship fixes, so the working code is now sitting on GitHub. Confirmed working on: Ubuntu 24.04.4, RHEL 10.1, openSUSE Tumbleweed, CentOS Stream 10, AlmaLinux 10, Fedora 44.

WHERE THEY’LL MAKE HISTORY @Topuriailia vs @Justin_Gaethje @AlexPereiraUFC vs @Ciryl_Gane [ #UFCWhiteHouse | JUNE 14 | LIVE on @ParamountPlus ]

Just found this awesome free tool for generating Kubernetes diagrams automatically. KubeDiagrams turns your manifests, Helm charts, and even live clusters into clean architecture diagrams in seconds. → Generates diagrams from YAML, Helm, Helmfile, and Kustomize → Can visualize live cluster state → Supports custom resources → Exports to PNG, SVG, PDF, and draw.io → Free and open source Super useful for docs, onboarding, and understanding cluster architecture fast. Repo: github.com/philippemerle/Kub…

ex-Googlers published a map of every internal tool Google uses and its open-source equivalent. 15,200 stars. 1,100 forks. 99 contributors. → Borg = Kubernetes → Spanner = CockroachDB → Colossus = HDFS → Dremel = DuckDB / Presto → Chubby = Zookeeper → Stubby = gRPC → Zanzibar = SpiceDB → Blaze = Bazel → MapReduce = Spark everything Google engineers use every day. all of it has an open-source equivalent. none of it requires working at Google. like bookmark

AND STILL! 👑 Naoya Inoue's crowning moment. A pound-for-pound great 🐐 #InoueNakatani | Live now on DAZN ▪️

The dream begins. FC Barcelona x @spotify x @oliviarodrigo 💙❤️🩷

‼️🚨 BREAKING: An AI found a Linux kernel zero-day that roots every distribution since 2017. The exploit fits in 732 bytes of Python. Patch your kernel ASAP. The vulnerability is CVE-2026-31431, nicknamed "Copy Fail," disclosed today by Theori. It has been sitting quietly in the Linux kernel for nine years. Most Linux privilege-escalation bugs are picky. They need a precise timing window (a "race"), or specific kernel addresses leaked from somewhere, or careful tuning per distribution. Copy Fail needs none of that. It is a straight-line logic mistake that works on the first try, every time, on every mainstream Linux box. The attacker just needs a normal user account on the machine. From there, the script asks the kernel to do some encryption work, abuses how that work is wired up, and ends up writing 4 bytes into a memory area called the "page cache" (Linux's high-speed copy of files in RAM). Those 4 bytes can be aimed at any program the system trusts, like /usr/bin/su, the shortcut to becoming root. Result: the next time anyone runs that program, it lets the attacker in as root. What should worry most: the corruption never touches the file on disk. It only exists in Linux's in-memory copy of that file. If you imaged the hard drive afterwards, the on-disk file would match the official package hash exactly. Reboot the machine, or just put it under memory pressure (any normal system load that needs the RAM), and the cached copy reloads fresh from disk. Containers do not help either. The page cache is shared across the whole host, so a process inside a container can use this bug to compromise the underlying server and reach into other tenants. The original sin was a 2017 "in-place optimization" in a kernel crypto module called algif_aead. It was meant to make encryption slightly faster. The change broke a critical safety assumption, and nobody noticed for nine years. That bug then rode every kernel update from 2017 to today. This vulnerability affects the following: 🔴 Shared servers (dev boxes, jump hosts, build servers): any user becomes root 🔴 Kubernetes and container clusters: one compromised pod escapes to the host 🔴 CI runners (GitHub Actions, GitLab, Jenkins): a malicious pull request becomes root on the runner 🔴 Cloud platforms running user code (notebooks, agent sandboxes, serverless functions): a tenant becomes host root Timeline: 🔴 March 23, 2026: reported to the Linux kernel security team 🔴 April 1: patch committed to mainline (commit a664bf3d603d) 🔴 April 22: CVE assigned 🔴 April 29: public disclosure Mitigation: update your kernel to a build that includes mainline commit a664bf3d603d. If you cannot patch immediately, turn off the vulnerable module: echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf rmmod algif_aead 2>/dev/null || true For environments that run untrusted code (containers, sandboxes, CI runners), block access to the kernel's AF_ALG crypto interface entirely, even after patching. Almost nothing legitimate needs it, and blocking it shuts the door on this whole class of bug...

🔥 GitHub RCE via single git push! CVE-2026-3854: Unsanitized push options let attackers run commands on backend servers, bypassing sandboxing (cross-tenant risk). 🔗 Learn how header injection led to full compromise → thehackernews.com/2026/04/re… Patched within hours.

Wise words by Freya Mehta at North Bay Python. (On what to do in Python vs. statically compiled languages.)

PESTA BABI di Base G, Jayapura. Salah satu alasan mengapa di zaman podcast dan Tiktok, kami masih bikin dokumenter.

wow

Ubuntu 26.04 LTS has landed with massive upgrades! itsfoss.com/news/ubuntu-26-0…

Papua bukan tanah kosong. Bukan ruang yang baru mulai “hidup” setelah ada proyek, bantuan, atau rencana dari luar.

Sembari kamu membaca tweet ini, jumlah pengungsi internal (IDPs) di Papua terus bertambah. Konflik 2018-2026 bukan sekadar angka. Ini tentang ribuan warga yang punya rumah, punya tanah, tapi tak bisa pulang karena keamanan yang tak kunjung datang. Mereka asing di tanah sendiri. 💔 Suarakan, jangan biarkan mereka dilupakan. 👇 #PengungsiInternalPapua #IDPsPapua #Papua #Indonesia #WestPapua #PapuanLivesMatter jubi.id/ | FB: JubiNews | X: @News_jubi | IG: newsjubi | Tiktok: @jubinews | Youtube: @jubinews

We fought until the end.