2/ i wrote a short-ish "note" over on The Blogging Site That Shall Not Be Named in an attempt to explain to the less technologically sophisticated people in the audience what just happened with the #nx / #npm supply chain attack.

* my simplified explanation: https://substack.com/profile/96801203-michel-de-cryptadamus/note/c-149738571
* for the trve heads with opinions on things like linux distros and the Rust programming language, Wiz wrote a much more thorough explanation: https://www.wiz.io/blog/s1ngularity-supply-chain-attack

#crypto #cryptocurrency #nodejs #node #threatintel #northkorea #lazarusgroup#DPRK #hackers #hacking #ethereum #claude #gemini

everyone calm down, the enormous #NPM supply chain attack of the incredibly popular (27,000 #github stars) #nx#AI build tool thingamajig is probably aimed solely at crypto bros. if you don't have any crypto you (hopefully) don't have anything to worry about.

my fact free, completely unsupported by evidence hunch is that we will find this came from #NorthKorea (because if it's a well orchestrated attempt to steal a bunch of crypto it's pretty much always north korea).

https://universeodon.com/@cryptadamist/115102035321832152

#crypto #cryptocurrency #ethereum #npm #nodejs #node #js#javascript#webdev#DPRK#LazarusGroup #cybersecurity #infosec #threatintel #claude #gemini

Face à la merdification des services, du web de merde version 2025, du flicage continuel, du capitalisme de surveillance, de la censure ambiante et de tout le reste, ça donne franchement envie d'aller s'isoler sur le bon vieux RetroShare avec les amis.

C'est un peu le Graal, ce logiciel, finalement. Dommage qu'il ne soit plus trop développé.

@sebsauvage Ou Gemini ? Mais pas le logiciel d'IA Générative (de qui on sait), pas l'ancien programme (!) de conquête spatiale : le texte et le protocole bien connu (!).
NB : il y a même une citation (+ sa référence) de Stéphane @bortzmeyer dans l'article de Wikipédia (en anglais) !
en.wikipedia.org/wiki/Gemini_(

everyone calm down, the enormous #NPM supply chain attack of the incredibly popular (27,000 #github stars) #nx#AI build tool thingamajig is probably aimed solely at crypto bros. if you don't have any crypto you (hopefully) don't have anything to worry about.

my fact free, completely unsupported by evidence hunch is that we will find this came from #NorthKorea (because if it's a well orchestrated attempt to steal a bunch of crypto it's pretty much always north korea).

https://universeodon.com/@cryptadamist/115102035321832152

#crypto #cryptocurrency #ethereum #npm #nodejs #node #js#javascript#webdev#DPRK#LazarusGroup #cybersecurity #infosec #threatintel #claude #gemini

2/ i wrote a short-ish "note" over on The Blogging Site That Shall Not Be Named in an attempt to explain to the less technologically sophisticated people in the audience what just happened with the #nx / #npm supply chain attack.

* my simplified explanation: https://substack.com/profile/96801203-michel-de-cryptadamus/note/c-149738571
* for the trve heads with opinions on things like linux distros and the Rust programming language, Wiz wrote a much more thorough explanation: https://www.wiz.io/blog/s1ngularity-supply-chain-attack

#crypto #cryptocurrency #nodejs #node #threatintel #northkorea #lazarusgroup#DPRK #hackers #hacking #ethereum #claude #gemini

everyone calm down, the enormous #NPM supply chain attack of the incredibly popular (27,000 #github stars) #nx#AI build tool thingamajig is probably aimed solely at crypto bros. if you don't have any crypto you (hopefully) don't have anything to worry about.

my fact free, completely unsupported by evidence hunch is that we will find this came from #NorthKorea (because if it's a well orchestrated attempt to steal a bunch of crypto it's pretty much always north korea).

https://universeodon.com/@cryptadamist/115102035321832152

#crypto #cryptocurrency #ethereum #npm #nodejs #node #js#javascript#webdev#DPRK#LazarusGroup #cybersecurity #infosec #threatintel #claude #gemini

sebsauvage
Nicolas Fressengeas
sebsauvage and 1 other boosted

Si vous voulez changer le monde, il faut entrer en résistance. Il faut accepter d’agir et de se taire. Il faut accepter de perdre du confort, des opportunités, des relations. Et il ne faut espérer aucune récompense, aucune reconnaissance.

https://ploum.net/2025-08-26-medailles-et-resistance.html

#gemini : gemini://ploum.net/2025-08-26-medailles-et-resistance.gmi

Si vous voulez changer le monde, il faut entrer en résistance. Il faut accepter d’agir et de se taire. Il faut accepter de perdre du confort, des opportunités, des relations. Et il ne faut espérer aucune récompense, aucune reconnaissance.

https://ploum.net/2025-08-26-medailles-et-resistance.html

#gemini : gemini://ploum.net/2025-08-26-medailles-et-resistance.gmi

I still have a few Google Nest speakers around, but I hardly ever use the voice assistant. I was talking to my kid about Spider-Man and decided to ask, “How many Spider-Man movies was Andrew Garfield in?” because I forgot the titles, and if there were two or three.

It showed on the screen: “At least 24,” and then told me out loud, “55.”

It turns out he has been in two.

A Self-hosted, BSD-native Gemini Protocol Server Stack - by @rqm@exquisite.social - @rqm@journal.bsd.cafe

For those who are adventurous enough to explore the non-http corners of the Internet, the Gemini protocol is a delightful experience to use. It has been around a number of years, making the biggest bang around the time when discontent with the web’s general demise started to reach current heights (so maybe around 2022).

journal.bsd.cafe/2025/07/22/a-

WARNING: #GOOGLE IS TRYING TO TRICK YOU INTO USING GEMINI AI AND FEEDING GEMINI YOUR DATA IN GMAIL AND OTHER APPS!

What Google is now doing should be ILLEGAL. PERIOD. For the first time I can recall in history of using Gmail, it just now popped a modal dialogue box -- DEMANDING that I choose whether or not I wanted "Smart Features" turned on -- which when you read the verbiage mostly means goddamned Gemini AI AND if you enable this you're giving Google permission to use your data to "improve" this horrifically invasive, inept, and misinformation spewing tech that steals data from websites for its own use without permission of those sites. DON'T LET IT SUCK IN YOUR EMAIL AS WELL!

There was no way I could find to exit the modal window without choosing YES or NO, which means my existing selection to NOT use Gmail Smart Features (long my preference) was NOT being honored. After saying NO to this disgusting query by Google, I was pushed to ANOTHER page where I was forced to choose again about "smart features" in "other" Google apps. I chose NO again and finally was permitted to escape this trap.

Note that while you can fairly easily check to make sure "smart features" are turned off in Gmail settings, I offhand don't have a clue as to how to find the similar settings in other Google apps that may have been affected by this absolutely disrespectful forced dialogue, as Google keeps trying to ram Gemini AI down our throats.

ENOUGH IS ENOUGH! Google has become a DISGRACE.

#Google#Gmail#Gemini#AI