OpenSSF Responds to the CISA RFC on Software Identification Ecosystem Analysis
alilleybrinker/dcalc
Add and subtract durations to find out how long something takes. - alilleybrinker/dcalc
Nix for Everyone: Unleash Devbox for Simplified Development
Nix for Everyone: Unleash Devbox for Simplified Development
Simplify your development game with Devbox acting as a simplification layer on top of Nix. Use it to install all the tools required to ...
via YouTube https://www.youtube.com/watch?v=WiFLtcBvGMU
Apple muscles in on subscription podcasts | Semafor
Through its sleek Podcasts app, the tech giant is trying to assert greater control of the paid podcast market.
Thorium: The Fastest Open Source Chromium-based Browser?
Fast like Lightning McQueen?
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and libzma
Learn about a new, targeted backdoor supply chain attack against the popular XZ compression utility seen in many Linux distributions such as fedora and debian. Understand it's impact, potential risks and what you can do about it.
Rust developers at Google twice as productive as C++ teams
Code shines up nicely in production, says Chocolate Factory's Bergstrom
Linux xz Backdoor Damage Could Be Greater Than Feared
A mysterious contributor who planted the backdoor helped maintain the widely used xz compression library for the past two years. So what else was hidden in there?
The xz-utils backdoor in security advisories by national CSIRTs
The xz-utils backdoor in security advisories by national CSIRTs, Author: Jan Kopriva
EV buyers want SUVs and sedans, not minivans or trucks, survey says
There's also a wide spread when it comes to acceptable range, Edmunds found.
I did not make this | ❌ SSPL is BAD ❌
Linux Foundation Backs 'Valkey' Open Source Fork of Redis
Redis CEO scoffs at the fork, characterizing it as an underhanded ploy of the cloud providers to avoid paying licensing fees.
Kubernetes and AI: Are They a Fit?
At KubeCon Europe, we heard a lot about the current and future relationship of AI and Kubernetes, the orchestrator originally built to be stateless.
valkey-io/valkey: A new project to resume development on the formerly open-source Redis project.
A new project to resume development on the formerly open-source Redis project. - valkey-io/valkey
Kyiv races to build defensive lines as it braces for Russian offensive | Semafor
Ukraine is building 1,200 miles of fortifications. Some military officials are asking why work didn't start months ago.
JetBrains fixes 26 'security problems,' offering no details
Vendor takes hardline approach to patch disclosure to new levels
GNU Coreutils 9.5 Can Yield 10~20% Throughput Boost For cp, mv & cat Commands
While the uutils Rust-written Coreutils effort has been chugging along, the upstream GNU Coreutils effort is showing no signs of slowing down
Can Military Veterans Alleviate Your Tech Team Hiring Woes?
Hidden skills can include adaptability, public speaking and a knack for documentation.
BeagleY-AI is a $70 Raspberry Pi-shaped PC with a 4 TOPS AI accelerator, WiFi 6 and Gigabit Ethernet - Liliputing
BeagleY-AI is a $70 Raspberry Pi-shaped PC with a 4 TOPS AI accelerator, WiFi 6 and Gigabit Ethernet
I was just able to make a commit as this person, in my own repository
BTW, I am not saying that this is what happened in the #xz backdoor case, but what does not help is, github makes it quite trivial to spoof user accounts... I was just able to make a commit as this person, in my own repository: https://t.co/h7TgTsT5J9 pic.twitter.com/EgoIdGzYKB— hasherezade (@hasherezade) March 31, 2024
DevOps Toolkit - Grand Finale - End to End Demo of the Choosen Tech (You Choose! Ch. 3 Ep. 11) - https://www.youtube.com/watch?v=7-3dVxmG9qs
Grand Finale - End to End Demo of the Choosen Tech (You Choose!, Ch. 3, Ep. 11)
Choose Your Own Adventure: The Treacherous Trek to Security - Grand Finale. In this episode, we'll go through all the choices ...
via YouTube https://www.youtube.com/watch?v=7-3dVxmG9qs
Deploying Burp Suite Enterprise Edition to Kubernetes
To deploy Burp Suite Enterprise Edition to Kubernetes: Step 1: Set up your Kubernetes cluster Step 2: Install the application Step 3: Create the admin user ...
White House orders agencies to tap chief AI officers | Semafor
A sweeping new policy from the Office of Management and Budget also instructs agencies to disclose AI tools they use and prevent discrimination, other risks.
Good! | LMSys Chatbot Arena Leaderboard - a Hugging Face Space by lmsys
Discover amazing ML apps made by the community
Intel, Microsoft discuss plans to run Copilot locally on PCs instead of in the cloud
Companies are trying to make the "AI PC" happen with new silicon and software.
The Night Sky Will Soon Get ‘a New Star.’ Here’s How to See It. (Gift Article)
A nova named T Coronae Borealis lit up the night about 80 years ago, and astronomers say it’s expected to put on another show in the coming months.
'Once-in-a-lifetime' cosmic explosion set to light up the night sky, NASA says
Those hoping to see the nova display should look for the constellation Corona Borealis, or "Northern Crown."
#1068024 - revert to version that does not contain changes by bad actor - Debian Bug report logs
All about the xz-utils backdoor | Kali Linux Blog
As of 5:00 pm ET on March 29, 2024 the following information is accurate. Should there be updates to this situation, they will be edited onto this blog post. The xz-utils package, starting from versions 5.6.0 to 5.6.1, was found to contain a backdoor (CVE-2024-3094). This backdoor could potentially allow a malicious actor to compromise sshd authentication, granting unauthorized access to the entire system remotely.
NVD - CVE-2024-3094