This one is wild btw, so many NPM packages have been compromised in the past week I've lost count.
My favourite detail is they download TruffleHog, a security tool to find secrets in source code... and then exfiltrate the secrets. Because they use GitHub Action, proxy blocks don't work.
https://www.stepsecurity.io/blog/ctrl-tinycolor-and-40-npm-packages-compromised
Various Crowdstrike NPM packages were compromised in the past day https://www.stepsecurity.io/blog/ctrl-tinycolor-and-40-npm-packages-compromised
Microsoft CEO Satya Nadella has travelled with Donald Trump to the UK, to sell AI. He says it will lift UK GDP by 10% within 5 years.
What’s striking is there’s no attempt to balance that statement by questioning experts about if the claim is true. https://www.bbc.com/news/articles/c7016ljre03o
Me, looking at that svchost.exe running from AppData
I do not know another way to express to people that trying to appease fascists by “being a good minority” or totally deferring to them publicly has saved absolutely no marginalized group or profession in human history. They are coming after us anyway. Even if you scold peers for not being nice.
It took photographer Marcella Julia Pace ten years to capture these 48 colors of the Moon 🌕
https://www.nationalgeographic.com/science/article/photographer-marcella-giulia-pace-moon-colors
