Aviad
@_0xffd
Followers
260
Following
11K
Media
675
Statuses
4K
"To fly as fast as thought, you must begin by knowing you've already arrived" Spinning records for fun and containers for pain. Opinions are my own. UwU
Israel
Joined April 2011
*Learn how to integrate AI features with GitHub Models directly in GitHub Actions workflows.* https://t.co/avyO1wqQj8
0
0
3
First ever (I think?) CLI coding agents battle royale! 6 contestants: claude-code anon-kode codex opencode ampcode gemini They all get the same instructions: Find and kill the other processes, last one standing wins! 3... 2... 1...
169
693
6K
I personally think this is an excessive package and that fetch or needle is better #niche #sorry #apologies
0
0
5
AI prompting in a nutshell "...my entire system prompt is speculative in that I haven’t ran a sufficient number of evaluations to determine if it helps or hinders, so consider it equivalent to me saying a prayer, rather than anything resembling science or engineering" @seanhn
1
0
2
A tip for talks: if the room has low to no lights - don't use light theme or bright screenshots
1
0
2
A major update to our research on the GitHub Actions incident traces its origins to November of last year. This adds substantially to our knowledge of the attack stages leading to the original compromise. Read now: https://t.co/cWKvKAoCYE
0
31
97
🚨 New twist in the tj-actions attack: A complex story unfolding — started 3 months earlier than publicly known, slipping in through SpotBugs before spreading across orgs. More details here ⬇️ https://t.co/u2q1ztpZXB
0
4
21
I'm loving the unfolded plot more and more; and now that more parts of the flow are visible - I'm even more curious to understand why the attacker "burned" tj-actions. Something about "leak everyone's tokens!" just doesn't make sense.
0
0
1
@TupleType @yaronavital @haya14busa @adnanthekhan Meant @omer_gil of course but I dunno how to use computers
0
0
1
Huge thank you to my team @Omer Gil, @TupleType, @yaronavital. Special thank you to @haya14busa (maintainer of reviewdog) for the additional information and help, and to @adnanthekhan for the great finding! Read here 👇👇👇 https://t.co/UWfTKdYP3T
unit42.paloaltonetworks.com
A compromise of the GitHub action tj-actions/changed-files highlights how attackers could exploit vulnerabilities in third-party actions to compromise supply chains.
1
1
3
We were able to find traces of dummy users used by the attacker, alongside more malicious payloads including one that is directly aimed at Coinbase! For example: https://t.co/64jvXRtig8 >>>
github.com
5
0
1