Eric

CapCut empezó siendo gratis Luego pusieron transiciones básicas de pago. Luego bloquearon resoluciones de exportación. Luego añadieron marcas de agua. Luego ByteDance empezó a usar tus videos para entrenar su IA. Un grupo de devs se cabreó lo suficiente como para clonar todo el proyecto desde cero Se llama OpenCut y tiene 45.8k estrellas en GitHub en menos de un año ✅ Edición con línea de tiempo y múltiples pistas ✅ Vista previa en tiempo real sin renderizar ✅ Sin marcas de agua en ninguna exportación, nunca ✅ Sin suscripciones ni funciones bloqueadas ✅ Funciona en web, escritorio y móvil ✅ Tus videos nunca salen de tu dispositivo ✅ Licencia MIT, nadie puede añadir un muro de pago La parte más importante: al ser MIT si alguien intentara meter un paywall la comunidad lo forkea en 48 horas y lanza el mismo producto sin él CapCut construyó su foso siendo gratis. OpenCut les acaba de quitar ese foso. 45.8k estrellas. 4.7k forks. 90+ colaboradores activos. MIT. lo tienes abajo 👇

Linus Torvalds acaba de dejar claro que Linux no va a convertirse en un basurero de código generado por IA. Después de meses de debate interno, la comunidad Linux publicó sus reglas oficiales sobre el uso de herramientas como GitHub Copilot. El veredicto: se puede usar IA para programar, pero el "slop" ese código de baja calidad escupido sin pensar, no pasa el filtro. La frase que lo resume todo: "Los humanos asumen los errores." Puedes apoyarte en Copilot, en Claude, en lo que quieras. Pero si ese código entra al kernel de Linux, tú eres el responsable. Tú lo verificas. Tú corriges los fallos. Tú garantizas que cumple los estándares. Es la postura más madura que he visto en el ecosistema open source frente a la IA. Ni histeria, ni adopción ciega. Solo responsabilidad clara. El kernel tiene 30 años de historia. No lo van a arruinar por ahorrar 20 minutos con un autocomplete.

The NSA spent billions trying to break encryption. One German programmer beat them. He earned only $25k a year. 🤯 Meet Werner Koch 🇩🇪 > German free software developer. Born 1961 in Düsseldorf. > 1997 ~ Richard Stallman called for a free encryption tool. > Only option then: closed-source, US-restricted PGP. > Werner answered. He built GnuPG (GPG) alone — free software to encrypt files, sign software, and verify identity. > 1999 ~ Released GPG 1.0. Fully open source. No restrictions. > Today his code verifies every Linux server update, every Debian package, every Tor Browser download on Earth. > Every signed Linux release depends on it. > Used by activists, dissidents, and security pros worldwide to stay untracked. > Edward Snowden used GPG in 2013 to leak NSA documents. It held up against the world’s most powerful spy agency. 🚀 > 2001 ~ Founded g10code with his brother to work full-time on GPG. > Earned $25,000/year for 14 years while supporting his wife and daughter. > 2012 ~ Funding ended. He had to let go of his only programmer. > 2013 ~ He was the sole maintainer and nearly quit. > 2015 ~ ProPublica story dropped. Internet donated $137k in 24 hours. > Facebook + Stripe pledged $50k/year each. Linux Foundation gave $60k. > Won FSF Award for the Advancement of Free Software. > Today he still maintains GPG from his home in Erkrath, Germany. One man kept the internet’s secrets, secret. The world almost lost him in 2013. His code still protects yours. Privacy GOAT. 🐐

🚨 BREAKING: cPanel and WHM, the control panels behind an estimated 70+ million websites, have a critical security flaw that lets anyone become root admin without a password. CVE-2026-41940 affects every supported version. It’s already being exploited in the wild. watchTowr Labs published the full attack today, after the hosting company KnownHost confirmed the bug was already being used to break into a significant chunk of the internet. If you've never heard of cPanel: it's the dashboard that hosting providers and millions of website owners use to manage their servers, domains, email accounts, databases, and SSL certificates. WHM is the admin version that controls the entire server. If someone gets root access to WHM, they get the keys to the kingdom and to every apartment inside it. How the attack works, in plain English: 🔴 Step 1: The attacker sends a deliberately wrong login. cPanel still creates a temporary "you tried to log in" record on disk and gives the attacker a cookie tied to it. 🔴 Step 2: The attacker tweaks the cookie to disable cPanel's password encryption. Normally cPanel encrypts the password field on disk. With one small change to the cookie, cPanel just stores it as plain text instead. 🔴 Step 3: The attacker sends a fake login attempt where the password field secretly contains hidden line breaks. cPanel does not strip these line breaks out, so they get written straight to the session file. Each line break creates a brand new fake record. The attacker uses this to inject lines that say "this user is root" and "this user already authenticated successfully." 🔴 Step 4: The attacker visits one more random page on the site to nudge cPanel into re-reading the file. cPanel then promotes the injected fake lines into its main session memory. 🔴 Step 5: On the next request, cPanel sees a flag that says "this user already passed the password check." cPanel trusts that flag, skips checking the actual password, and lets the attacker in as root. From start to finish, the attack takes a handful of HTTP requests. If you run cPanel or WHM, the patched versions are: 🔴 cPanel/WHM 110.0.x → 11.110.0.97 🔴 cPanel/WHM 118.0.x → 11.118.0.63 🔴 cPanel/WHM 126.0.x → 11.126.0.54 🔴 cPanel/WHM 132.0.x → 11.132.0.29 🔴 cPanel/WHM 134.0.x → 11.134.0.20 🔴 cPanel/WHM 136.0.x → 11.136.0.5 If your version is older than these, assume someone has already broken in and act accordingly. Patch right now, then rotate every password and key the server touched: root passwords, API tokens, SSL private keys, SSH keys, mail passwords, and database passwords.

¡Esto es una locura! Investigadores encontraron una vulnerabilidad crítica en GitHub. Con un simple git push, un atacante podía inyectar datos en una cabecera interna de GitHub y acabar ejecutando código en sus servidores. Podía dar acceso a repos privados de otros usuarios y afectaba a GitHub Enterprise. GitHub lo arregló el mismo día pero ahí queda la historia.