Redhat employee had leaked credentials, threat actor used those credentials to push some files to GitHub, which executed the code in a GitHub action which had trusted access to publish to NPM.

Essentially, an employee got owned and someone used their access (that they already had) to publish the nefarious code.

You’ll see GitHub Actions in these often, as that’s how a lot of big open source organizations publish their packages and run tests/deployments. It’s less of a “GitHub based problem” and more of a “trust boundary problem”, if they used other services, the same problem could likely have still been successful.

Best Hemisphere.

They are everywhere. There are so many dead or dying trees in many of our nature reserves, all showing the telltale signs of these lil fuckers.

It’s super sad to see bug old trees devastated by them. 😭

Was a different cafe by the looks…

“In February, police seized similar posters from Dissent cafe in Canberra. The artwork, by protest artist group Grow Up Art which is not connected to Agzarian, depicted various world leaders including the Israeli prime minister, Benjamin Netanyahu, Russian president, Vladimir Putin, and US president, Donald Trump, in Nazi uniforms.”

Yeah, yesterday might have been the best time; but today is for sure better than tomorrow or next week.

You sir, are MVP.

I mean, if you read the OP, it says at the end. The clients are Apache2 and can just be formed if the API starts drifiting.

I think facial recognition technology is very different to threadiverse software. The fact that those technologies are trained on predominantly-white data is no surprise, both of your examples are data-based (ML models) where the data itself contains the bias.

I am talking more of the open-source projects, it’s important; as you rightfully call out, that we have a varied group of opinions within the developer group 👍

Hmm, you’re talking about the little red warning triangle? In theory this could be cool if it was something each instance could configure using custom url-lists (as you know we all don’t agree on which perspective is “right”) but if it’s coming packaged with PieFed, then I would call that inherent bias in the product. 🤨

Yeah, I’m not a huge fan of it myself and don’t see the need for it really. If that’s right about the baked-in blocklist, then this was the right choice. You should be able to craft your own blocklists, if you so choose to.

Personally I don’t see why the views of those that write software should really concern us, as long as the technical implementation is not biased. It’s open-source and people can take it and do with it what they please. No-one is forcing you to accept certain views or think about things critically (including assessing others viewpoints that may be different to yours). I feel like it’s a bit of a waste of time to worry about these things.

Lmao, who is this guy? db0 is cool, and so is Quokka 🤣 What a cooker. (p.s. will this get me added to the list?)

They won’t if it’s more expensive? A small portion of people are buying it, but more would if tbe price was at least at parity.

duh, you’re right I can’t read 😂

Yeah, extremely poor framing cybernews. if Microsoft fail to adequately respond to bug bounty, it’s within the best interests of everyone to have this published publicly. (otherwise it’ll just get sold on the dark web)

the real issue is Microsoft’s poor escuse for an operating system, windows 11 seems to be packed full of backdoors and system-level exploits that they refuse to acknowledge or fix by the sounds?

I’m not sure on an answer to your question, but I am interested as to what hardware you run this on?

Been using the Japanese Shinkansen lately. 270km/h, quick stops in major cities and occasionally smaller towns mid-way on the route. This is what we need Syd->Cbr->Mel! Proper electric high-speed trains. Such a no-brainer!

Would bring Syd->Cbr to under ~1.5 hours.

And Australia this time! 😂

Or effects its already having…

ahh and it always seems somehow related back to QUIC!