JetBrains fixes 26 'security problems,' offering no details
Vendor takes hardline approach to patch disclosure to new levels
Suggested Reads
1_r/devopsishGNU Coreutils 9.5 Can Yield 10~20% Throughput Boost For cp, mv & cat Commands
While the uutils Rust-written Coreutils effort has been chugging along, the upstream GNU Coreutils effort is showing no signs of slowing down
Can Military Veterans Alleviate Your Tech Team Hiring Woes?
Hidden skills can include adaptability, public speaking and a knack for documentation.
BeagleY-AI is a $70 Raspberry Pi-shaped PC with a 4 TOPS AI accelerator, WiFi 6 and Gigabit Ethernet - Liliputing
BeagleY-AI is a $70 Raspberry Pi-shaped PC with a 4 TOPS AI accelerator, WiFi 6 and Gigabit Ethernet
I was just able to make a commit as this person, in my own repository
BTW, I am not saying that this is what happened in the #xz backdoor case, but what does not help is, github makes it quite trivial to spoof user accounts... I was just able to make a commit as this person, in my own repository: https://t.co/h7TgTsT5J9 pic.twitter.com/EgoIdGzYKB— hasherezade (@hasherezade) March 31, 2024
DevOps Toolkit - Grand Finale - End to End Demo of the Choosen Tech (You Choose! Ch. 3 Ep. 11) - https://www.youtube.com/watch?v=7-3dVxmG9qs
Grand Finale - End to End Demo of the Choosen Tech (You Choose!, Ch. 3, Ep. 11)
Choose Your Own Adventure: The Treacherous Trek to Security - Grand Finale. In this episode, we'll go through all the choices ...
via YouTube https://www.youtube.com/watch?v=7-3dVxmG9qs
Deploying Burp Suite Enterprise Edition to Kubernetes
To deploy Burp Suite Enterprise Edition to Kubernetes: Step 1: Set up your Kubernetes cluster Step 2: Install the application Step 3: Create the admin user ...
White House orders agencies to tap chief AI officers | Semafor
A sweeping new policy from the Office of Management and Budget also instructs agencies to disclose AI tools they use and prevent discrimination, other risks.
Good! | LMSys Chatbot Arena Leaderboard - a Hugging Face Space by lmsys
Discover amazing ML apps made by the community
Intel, Microsoft discuss plans to run Copilot locally on PCs instead of in the cloud
Companies are trying to make the "AI PC" happen with new silicon and software.
The Night Sky Will Soon Get ‘a New Star.’ Here’s How to See It. (Gift Article)
A nova named T Coronae Borealis lit up the night about 80 years ago, and astronomers say it’s expected to put on another show in the coming months.
'Once-in-a-lifetime' cosmic explosion set to light up the night sky, NASA says
Those hoping to see the nova display should look for the constellation Corona Borealis, or "Northern Crown."
#1068024 - revert to version that does not contain changes by bad actor - Debian Bug report logs
All about the xz-utils backdoor | Kali Linux Blog
As of 5:00 pm ET on March 29, 2024 the following information is accurate. Should there be updates to this situation, they will be edited onto this blog post. The xz-utils package, starting from versions 5.6.0 to 5.6.1, was found to contain a backdoor (CVE-2024-3094). This backdoor could potentially allow a malicious actor to compromise sshd authentication, granting unauthorized access to the entire system remotely.
This is something I've always feared. A psyop on an overworked maintainer has proven to be an attack vector. Who else is doing this??? Because where there's one nation, there's usually another. | Malicious Linux backdoor inserted upstream, caught early
Poisoned Easter eggs for all: Apparent supply chain attack caught mercifully early…
Malicious backdoor spotted in Linux compression library xz
Red Hat in all caps says STOP USAGE OF ANY FEDORA RAWHIDE INSTANCES
Red Hat hires McKinsey to streamline techies' jobs
Some staff are worried – can't think why
liblzma and xz version 5.6.0 and 5.6.1 are vulnerable to arbitrary code execution compromise - Xe Iaso
Everything I know about the XZ backdoor
Please note: This is being updated in real time. The intent is to make sense of lots of simultaneous discoveries
Why Isn’t Your Strategy Sticking?
It’s insufficient to just share the goals and objectives of your strategy and hope implementation will succeed. In this article, the author explains how to shift from an operational to a contextual mindset so that you can better identify the hidden obstacles that may be thwarting your strategy’s implementation so you can address them before they take root.
Intuit Engineering using Medium is an interesting choice | How Intuit data analysts write SQL 2x faster with internal GenAI tool
Reporting on the productivity impact of SQL generation with generative AI.
How to Write SQL Queries
Learn how to use SELECT, FROM, JOIN, WHERE, GROUP BY, HAVING, ORDER BY, OFFSET and FETCH to retrieve data with SQL.
oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise
My talk from this years’ Cloud Native Rejekts | Burnout++ - Recognizing and Managing Burnout
I’m going to be doing this myself at some point | Gitea hosted Gitea · Issue #1029 · go-gitea/gitea
For the first big stage, we would like Gitea's development could be based on a Gitea hosted and github will only a mirror. This will maybe completed in v1.x. So that this issue will list all th...
DevOps Toolkit - Crossplane Composition Functions | Tutorial (Part 5) - https://www.youtube.com/watch?v=XSzKs97Ls4g
Crossplane Composition Functions | Tutorial (Part 5)
In this fifth installment of our Crossplane tutorial series, we are exploring Composition Functions. They allow us infinite flexibility to ...
via YouTube https://www.youtube.com/watch?v=XSzKs97Ls4g
Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques
A tale about exploiting KernelCTF Mitigation, Debian, and Ubuntu instances with a double-free in nf_tables in the Linux kernel, using novel techniques like Dirty Pagedirectory. All without even having to recompile the exploit for different kernel targets once.