Joined February 2016
I built a security scan skill for AI agents to handle the manual heavy lifting. 🛠️🛡️ Add it to your project in seconds: npx skills add devbyray/agent-skill-security-scan Full details on GitHub: github.com/devbyray/agent-sk… What should I automate next? 👇 #AI #InfoSec #DevTools
Dev By RayRay -👨‍💻 retweeted
Just about an hour ago in Dallas. #huphollandhup #FIFAWorldcup #oranje
Dev By RayRay -👨‍💻 retweeted
DALLAS = ORANJE! 🧡🫨 #NothingLikeOranje #FIFAWorldCup #NEDJPN
Dev By RayRay -👨‍💻 retweeted
npm v12 will stop running dependency install scripts by default. Postinstall scripts have powered many recent npm supply chain attacks, from Nx s1ngularity to Shai-Hulud. It won’t solve everything, and it should not have taken this long, but it closes a very real attack path.
Dev By RayRay -👨‍💻 retweeted
Less than 24 hours ago, Anthropic dropped Claude Fable 5. Minds are blown. And people are already coming up with wild use cases. 10 examples:
Dev By RayRay -👨‍💻 retweeted
npm recently introduced staged publishing, and it directly targets the attack pattern behind most of the supply chain compromises we tracked this year. Instead of npm publish pushing packages live instantly, npm stage publish puts them in a queue. A human with 2FA has to approve, preventing attackers from pushing malicious package versions with stolen tokens. We open-sourced a SAST rule that catches "npm publish" in your GitHub Actions workflows and flags it for migration.
Dev By RayRay -👨‍💻 retweeted
Okay this is genuinely insane. SpaceX just unveiled a satellite whose only job is to run AI. Not internet. Not GPS. Just compute, floating in orbit. It's called AI1, and the reason behind it breaks your brain. AI data centers on Earth are hitting a wall, not a chip wall, a physics wall. They need staggering amounts of power and water just to stay cool, and we're running out of grid and land to build them. So Musk's answer is: stop building them on Earth. In orbit, the sun never sets. Free power, 24/7. No water for cooling, you just radiate heat into the vacuum of space. The two things choking AI on the ground barely exist up there. And here's the wild part: Musk says it's easier to build than a Starlink satellite. Strip out the complex antennas and it's "a lot of solar cells, a radiator, and some laser links." One AI1 carries the compute of an Nvidia GB300 rack, the same hardware data centers fight over down here. AI1 is just the first one. The plan is a constellation of up to a million of them. And the timing isn't an accident, SpaceX goes public this week at a ~$1.75 trillion target. This isn't a rocket company anymore. It's positioning itself as the power grid for AI, in space. The race for AI compute just left the planet. Literally. @SpaceX
Dev By RayRay -👨‍💻 retweeted
Traditional malware sneaks onto a machine. Supply chain malware gets invited. The developer runs npm install and the malicious code lands with full permission to execute. That inversion breaks both EDR and proxies at the design level. EDR has no way to tell the difference between malicious code and legitimate code doing the exact same thing. And proxies only work when developers are actually on them, which they often aren't. The scan never runs. Both tools solve real problems for the threats they were designed for. Supply chain attacks just aren't one of them.
Dev By RayRay -👨‍💻 retweeted
VoidZero, the team behind Vite, Vitest, Rolldown, Oxc, and Vite, is joining Cloudflare. Vite stays open source, vendor-agnostic, and built for everyone. cfl.re/3Q1XYSX
Dev By RayRay -👨‍💻 retweeted
Wake up babe: VoidZero just joined Cloudflare
VoidZero is joining Cloudflare. Our mission stays the same: to make JavaScript developers more productive than ever before. Vite, Vitest, Rolldown, Oxc, and Vite remain MIT-licensed. Evan and the VoidZero team will continue leading them. Cloudflare shares our commitment to open source. Together, we can keep investing in the tooling developers rely on every day, while bringing the Vite ecosystem and Cloudflare’s platform even closer together.
Dev By RayRay -👨‍💻 retweeted
‼️🚨 A new npm supply-chain attack compromised 57 packages across over 286 malicious versions in under 2 hours. The attackers used self-replicating malware, a new version of the Miasma worm, which also used evasion techniques to stay under the radar. The payload targets CI/CD and developer credentials, including GitHub Actions secrets, cloud credentials, Vault tokens, SSH keys, npm and GitHub tokens, and password-manager stores. This variant also injects AI coding assistant config files at `.claude`, `.cursor`, `.gemini`, and `.vscode` paths, a separate persistence and repo-poisoning angle.
Dev By RayRay -👨‍💻 retweeted
⚠️ New "IronWorm" supply-chain attack: 30 npm packages from @asteroiddao shipped a malicious Rust binary firing on preinstall. It sweeps 86 env vars, 20 credential files (AWS, GCP, Vault, npm, plus AI keys like Anthropic & OpenAI), hits Exodus wallets, hides behind an eBPF rootkit, and beacons over Tor. Self-propagates via npm Trusted Publishing OIDC, with backdated commits faked as claude/dependabot/renovate.
Dev By RayRay -👨‍💻 retweeted
⚠️ Multiple @redhat-cloud-services npm packages were found carrying malicious payloads that fire via a preinstall hook on every npm install. All packages were published via GitHub Actions OIDC, indicating the CI/CD pipeline was compromised. The payload targets GitHub Actions secrets, AWS, GCP, Azure, Kubernetes, HashiCorp Vault, npm and CircleCI tokens. It reads /proc/mem to bypass log masking, self-propagates via harvested npm tokens bypassing 2FA, and persists on developer devices via Claude Code and VS Code injection.
Dev By RayRay -👨‍💻 retweeted
Mapbox is expensive and runs on US infrastructure. Today we're launching Rijwind: the European alternative. Map tiles, geocoding and routing, hosted in 🇳🇱 The Netherlands. Privacy-friendly by default. More features coming soon!
Dev By RayRay -👨‍💻 retweeted
🚨 NPM Malware-slop Alert!🚨 We detected and reported a malware-slop package to npm - the malware uses its OWN PRIVATE GitHub token, which is EMBEDDED INSIDE the malware itself - to read sensitive information and upload it to the threat actor's GitHub repository. The malware is still live on npm - npmjs.com/package/mouse5212-… The threat actor's GitHub page was opened 5h ago - github.com/unplowed3584 Detailed report will be published tomorrow.
Dev By RayRay -👨‍💻 retweeted
There's security, and there's clankers.
wait... you did what?!
Dev By RayRay -👨‍💻 retweeted
Enforce minimum age policies at the network level with Aikido device protection. No bypass for claude, cursor, or the like.
wait... you did what?!
Dev By RayRay -👨‍💻 retweeted
Block malicious browser extensions, IDE plugins, and code libraries. Aikido Device Protection gives you visibility and control over the software packages installed on your dev's devices.
Dev By RayRay -👨‍💻 retweeted
🚨 BREAKING: Active supply chain attack across npm, PyPI, and Crates.io. Socket detected TrapDoor, a crypto stealer campaign hitting 34 malicious packages and 384 versions and artifacts, with attackers repeatedly pushing new releases across ecosystems. TrapDoor targets #crypto, #DeFi, AI, and security developers, stealing wallets, SSH keys, cloud credentials, GitHub tokens, browser data, env vars, and API keys. Socket detected releases with a median detection time of 5 minutes, 27 seconds. The fastest detection occurred 58 seconds after publication.
Dev By RayRay -👨‍💻 retweeted
🚨 Ongoing supply chain attack on Composer packages! We just found multiple laravel-lang/* packages compromised on Packagist (lang, http-statuses, attributes). Payload runs at autoload time. At least 50 package versions were compromised. If you installed a compromised version, the malware already executed. Pin to a clean COMMIT (not version) and rotate secrets immediately. If your lockfile already had an older commit from before today, you are safe. But you should not update at the moment.
Dev By RayRay -👨‍💻 retweeted
The 200-year-old biology textbook died in a single weekend. Someone sat down and built an app where you walk through cells in 3D. Like a video game. You rotate the neuron, go inside the axon, pick out the organelles one by one. > interface: gpt image 2 > code: gemini 3.5 flash Two models. One weekend. The thing the printing press hasn't managed since 1450. In a few years this will be the standard in schools. Our people are still debating "tablet or notebook". Dude, the kid is now turning a cell around in his hand. Where are you?