1_DevOps'ish

1_DevOps'ish

56213 bookmarks
Custom sorting
How Google Is Starting to Win the A.I. Race
How Google Is Starting to Win the A.I. Race
Despite its early stumbles, Google’s Gemini has leapfrogged ChatGPT in relevance and usefulness. Soon, it will be ubiquitous.
·nytimes.com·
How Google Is Starting to Win the A.I. Race
AI Gateway production index
AI Gateway production index
The state of production AI in 2026. Data from seven months of AI Gateway traffic across hundreds of models and tens of trillions of tokens.
·vercel.com·
AI Gateway production index
TeamPCP compromises NPM maintainer with over 540 packages
TeamPCP compromises NPM maintainer with over 540 packages
A threat actor tracked as TeamPCP has compromised two npm maintainer accounts — including the one behind the AntV data-visualization suite — republishing 324 packages with over 16 million combined weekly downloads.
·opensourcemalware.com·
TeamPCP compromises NPM maintainer with over 540 packages
Swamp Beyond Infrastructure
Swamp Beyond Infrastructure
The design space that opens when you stop thinking in domains
·webframp.com·
Swamp Beyond Infrastructure
0xdeadbeefnetwork/ssh-keysign-pwn: Steal SSH host private keys and /etc/shadow via the ptrace_may_access mm-NULL bypass + pidfd_getfd. Pre-31e62c2ebbfd kernels.
0xdeadbeefnetwork/ssh-keysign-pwn: Steal SSH host private keys and /etc/shadow via the ptrace_may_access mm-NULL bypass + pidfd_getfd. Pre-31e62c2ebbfd kernels.
Steal SSH host private keys and /etc/shadow via the ptrace_may_access mm-NULL bypass + pidfd_getfd. Pre-31e62c2ebbfd kernels. - 0xdeadbeefnetwork/ssh-keysign-pwn
·github.com·
0xdeadbeefnetwork/ssh-keysign-pwn: Steal SSH host private keys and /etc/shadow via the ptrace_may_access mm-NULL bypass + pidfd_getfd. Pre-31e62c2ebbfd kernels.
AI Discovers CVE-2026-46333 Linux Kernel Vulnerability
AI Discovers CVE-2026-46333 Linux Kernel Vulnerability
AI-powered code analysis uncovers fourth critical Linux kernel flaw in May 2026. CVE-2026-46333 targets ptrace. Get mitigation steps and patch info here.
·linuxstans.com·
AI Discovers CVE-2026-46333 Linux Kernel Vulnerability
Digital Safety for Activists: 40+ Tools, Threats & OPSEC Guide
Digital Safety for Activists: 40+ Tools, Threats & OPSEC Guide
Read our essential guide to digital safety for activists and discover practical tools, guides, and other resources to help you protect yourself and your organization.
·expressvpn.com·
Digital Safety for Activists: 40+ Tools, Threats & OPSEC Guide
Why I'm leaving GitHub for Forgejo | Jorijn Schrijvershof
Why I'm leaving GitHub for Forgejo | Jorijn Schrijvershof
I left GitHub for self-hosted Forgejo on a hardened NUC. The reason is digital sovereignty, not reliability outages. Here's the thinking and the architecture.
·jorijn.com·
Why I'm leaving GitHub for Forgejo | Jorijn Schrijvershof
I was laid off by Atlassian
I was laid off by Atlassian
00:00 Intro00:58 Interview process04:16 Starting at Atlassian04:35 Building an Open Service Broker07:43 Diagram of OSB architecture09:56 Picking a proxy tech...
·youtube.com·
I was laid off by Atlassian
Exclusive: Meta employees protest against mouse tracking tech at US offices
Exclusive: Meta employees protest against mouse tracking tech at US offices
Meta ​employees distributed flyers at multiple U.S. offices ‌on Tuesday to protest against the company's recent installation of mouse-tracking software on their computers, according to photos ​of the pamphlets seen by Reuters.
·reuters.com·
Exclusive: Meta employees protest against mouse tracking tech at US offices
NGINX Rift: Achieving NGINX Remote Code Execution via an 18-Year-Old Vulnerability | depthfirst
NGINX Rift: Achieving NGINX Remote Code Execution via an 18-Year-Old Vulnerability | depthfirst
We used the depthfirst system to analyze the NGINX source code, and it autonomously discovered 4 remote memory corruption issues, including a critical heap buffer overflow introduced in 2008. We further investigated the exploitability of the issues, and developed a working proof of concept demonstrating RCE with ASLR off. If you use rewrite and set directives in your NGINX configuration, you're at risk.
·depthfirst.com·
NGINX Rift: Achieving NGINX Remote Code Execution via an 18-Year-Old Vulnerability | depthfirst
Not a Security Issue
Not a Security Issue
How curl’s disclosure policy filtered an AI scanner’s findings at source
·nesbitt.io·
Not a Security Issue
Fragnesia Made Public As Latest Linux Local Privilege Escalation Vulnerability
Fragnesia Made Public As Latest Linux Local Privilege Escalation Vulnerability
Following last week's disclosure of the Dirty Frag vulnerability for the Linux kernel, which only finished being patched up in mainline on Monday, Fragnesia is now public as a similar local privilege escalation (LPE) vulnerability.
·phoronix.com·
Fragnesia Made Public As Latest Linux Local Privilege Escalation Vulnerability
Red Hat agentic skills - Red Hat Ecosystem Catalog
Red Hat agentic skills - Red Hat Ecosystem Catalog
Raw MCP tools provide the connection, but Red Hat Agentic Skills provide the expertise. Move beyond manual tool-calling with a curated collection that embeds reliability, safety, and Red Hat best practices into every AI interaction.
·catalog.redhat.com·
Red Hat agentic skills - Red Hat Ecosystem Catalog