I used to be a die-hard Claude Code user.
Codex has won me over because:
→ GPT-5.5 is excellent
→ Fast mode + generous limits = more reps
→ Little touches like steering, auto remote control on phone, etc
But most of all Codex's browser and computer use capabilities are simply goated. I built so many workflows relying on those two things alone instead of hunting for APIs.
I still use Claude Code too. The app seems to be getting better and the design and frontend capability of Opus is still much better than GPT. Whenever Fable comes back that's another reason to go back.
Honestly, I hope these two compete forever and other players (Cursor/Grok, Gemini, etc) all stay competitive.
This way the builder keeps winning 🙂
Typical coding day with Claude (Opus 4.8)
- explain to Claude the task (5 minutes)
- Claude implements task (10 minutes)
me: "Why is this necessary?"
Claude: "You're right to push back! I over-engineered this!"
- Repeat x87 times (13 hours)
alright all of you that maintain a cli oauth flow
i hope it's obvious to you now doing the whole browser link callback to localhost thing is dumb and annoying af in ssh
please implement the code flow that polls - try gh cli login flow to see it
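The flow the post is asking for is the OAuth 2.0 Device Authorization Grant (RFC 8628): the CLI prints a short code, the user approves it in any browser on any machine, and the CLI polls the token endpoint until approval lands, so nothing ever has to reach a localhost port on the SSH box. The following is an added example, not code from the post or from the gh CLI; the in-process MockAuthServer, its method names, the FakeClock and the timings are assumptions standing in for a real authorization server.

```python
"""OAuth 2.0 Device Authorization Grant (RFC 8628): client poll loop with the
authorization_pending / slow_down / expiry handling a CLI needs. Added
illustration; MockAuthServer and FakeClock are assumptions, not a real server."""
import secrets
import time


class MockAuthServer:
    """Stand-in for an authorization server's device and token endpoints.
    The user's approval happens out of band (any browser, any device); here it
    is simulated as completing after `approve_after_polls` token requests."""

    def __init__(self, interval=5, approve_after_polls=2):
        self.interval = interval
        self.approve_after_polls = approve_after_polls
        self._pending = {}

    def device_authorization(self):
        """POST /device_authorization: codes the CLI shows to the user."""
        device_code = secrets.token_urlsafe(24)
        user_code = "-".join(secrets.token_hex(2).upper() for _ in range(2))
        self._pending[device_code] = {"polls": 0, "last_poll": None}
        return {"device_code": device_code, "user_code": user_code,
                "verification_uri": "https://auth.example.test/device",
                "expires_in": 600, "interval": self.interval}

    def token(self, device_code, now):
        """POST /token, grant_type=urn:ietf:params:oauth:grant-type:device_code."""
        state = self._pending.get(device_code)
        if state is None:
            return {"error": "expired_token"}
        last = state["last_poll"]
        state["last_poll"] = now
        if last is not None and now - last < self.interval:
            return {"error": "slow_down"}       # client polled faster than allowed
        state["polls"] += 1
        if state["polls"] <= self.approve_after_polls:
            return {"error": "authorization_pending"}
        del self._pending[device_code]          # device codes are single-use
        return {"access_token": "tok_" + secrets.token_hex(8), "token_type": "bearer"}


class FakeClock:
    """Deterministic clock so the example runs instantly and is testable."""
    def __init__(self):
        self.t = 0.0

    def now(self):
        return self.t

    def sleep(self, seconds):
        self.t += seconds


def poll_for_token(server, auth, now=time.monotonic, sleep=time.sleep):
    """Client side: wait `interval` seconds between requests, add 5 s on
    slow_down (RFC 8628 section 3.5), give up once expires_in has passed."""
    interval = auth["interval"]
    deadline = now() + auth["expires_in"]
    while now() < deadline:
        resp = server.token(auth["device_code"], now())
        if "access_token" in resp:
            return resp
        err = resp.get("error")
        if err == "slow_down":
            interval += 5
        elif err != "authorization_pending":
            raise RuntimeError(f"device flow failed: {err}")   # access_denied, expired_token, ...
        sleep(interval)
    raise TimeoutError("user did not approve before the device code expired")


def cli_login(server, clock=None):
    """What the CLI does: request codes, print them, poll. Works over SSH because
    nothing has to connect back to the machine running the CLI."""
    now = clock.now if clock else time.monotonic
    sleep = clock.sleep if clock else time.sleep
    auth = server.device_authorization()
    print(f"Open {auth['verification_uri']} and enter code {auth['user_code']}")
    return poll_for_token(server, auth, now=now, sleep=sleep)


if __name__ == "__main__":
    print(cli_login(MockAuthServer(), FakeClock()))
```

Against a real server, swap MockAuthServer for HTTP POSTs to the two endpoints and drop the FakeClock; the client loop, including the slow_down back-off and the hard expiry, stays the same.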
🚨 Supply chain attack on the Laravel Lang organization:
700+ historical versions across multiple community-maintained Laravel Lang packages were compromised with an RCE backdoor, including:
laravel-lang/lang
laravel-lang/http-statuses
laravel-lang/attributes
Laravel-Lang/actions
The payload targets cloud creds, CI/CD secrets, Kubernetes tokens, Vault, browser data, password managers, SSH keys, and more.
1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories.
Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.
UPDATE: So far we've identified 639 compromised npm package versions across 323 unique packages in tonight’s Mini Shai-Hulud wave.
That includes 558 versions across 279 unique @antv packages. Most were detected within ~6 minutes of publication.
https://t.co/JXJK1NT4dp
Microsoft is investigating mistralai PyPI package v2.4.6 compromise. Attackers injected code in mistralai/client/__init__.py that executes on import, downloads hxxps://83[.]142[.]209[.]194/transformers.pyz to /tmp/transformers.pyz, and launches a second-stage payload on Linux. The file name transformers.pyz appears deliberately chosen to mimic the widely used Hugging Face Transformers library and blend into ML/dev environments.
The main payload is a credential stealer, but it also includes country-aware logic; it avoids Russian-language environments and contains a geo-fenced destructive branch that has a 1-in-6 chance of executing rm -rf / when the system appears to be in Israel or Iran.
To mitigate this threat: isolate affected Linux hosts, block 83[.]142[.]209[.]194, hunt for /tmp/transformers.pyz, pgmonitor[.]py, and pgsql-monitor.service, and rotate exposed credentials.
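A host-side hunt for the indicators listed above, as an added example that is not code from the post or from Microsoft: it walks a directory tree looking for the named file artifacts, for an installed mistralai 2.4.6 dist-info, and for the download host or transformers.pyz string inside mistralai/client/__init__.py. The directory layout, the sample tree it builds for itself, and the function names are assumptions; the network indicator is kept defanged in source and refanged only for matching.

```python
"""Hunt for the mistralai v2.4.6 compromise indicators from the post. Added
example; the walked layout and the constructed sample tree are assumptions."""
import os
import re
import tempfile
from pathlib import Path

# Indicators from the post (IP kept defanged as written there).
BAD_IP_DEFANGED = "83[.]142[.]209[.]194"
BAD_FILENAMES = {"transformers.pyz", "pgmonitor.py", "pgsql-monitor.service"}
BAD_VERSION = "2.4.6"


def refang(ioc):
    return ioc.replace("[.]", ".")


def hunt(root):
    """Return (kind, path-relative-to-root) findings for everything under root."""
    root = Path(root)
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        d = Path(dirpath)
        for name in files:
            p = d / name
            rel = p.relative_to(root).as_posix()
            if name in BAD_FILENAMES:
                findings.append(("artifact", rel))
            # injected import-time code lives in mistralai/client/__init__.py
            if name == "__init__.py" and d.name == "client" and d.parent.name == "mistralai":
                text = p.read_text(errors="replace")
                if refang(BAD_IP_DEFANGED) in text or "transformers.pyz" in text:
                    findings.append(("injected_import_hook", rel))
            # installed version check via the wheel's dist-info METADATA
            if name == "METADATA" and d.name.startswith("mistralai-") and d.name.endswith(".dist-info"):
                m = re.search(r"^Version:\s*(\S+)", p.read_text(errors="replace"), re.M)
                if m and m.group(1) == BAD_VERSION:
                    findings.append(("compromised_version", rel))
    return findings


def build_sample_tree(base):
    """Constructed directory mimicking an affected host; sample data, not real files."""
    base = Path(base)
    site = base / "site-packages"
    (site / "mistralai" / "client").mkdir(parents=True)
    (site / "mistralai" / "client" / "__init__.py").write_text(
        "# constructed stand-in for the injected code, not the real payload\n"
        f"URL = 'https://{refang(BAD_IP_DEFANGED)}/transformers.pyz'\n")
    meta = site / f"mistralai-{BAD_VERSION}.dist-info"
    meta.mkdir()
    (meta / "METADATA").write_text(f"Metadata-Version: 2.1\nName: mistralai\nVersion: {BAD_VERSION}\n")
    (base / "tmp").mkdir()
    (base / "tmp" / "transformers.pyz").write_bytes(b"PK\x03\x04")   # zipapp-like stub
    unit_dir = base / "etc" / "systemd" / "system"
    unit_dir.mkdir(parents=True)
    (unit_dir / "pgsql-monitor.service").write_text("[Unit]\nDescription=constructed sample\n")
    (base / "clean").mkdir()
    (base / "clean" / "notes.txt").write_text("nothing here\n")
    return base


def run_on_sample():
    """Build the sample tree in a temp dir, hunt it, return sorted findings."""
    with tempfile.TemporaryDirectory() as td:
        return sorted(hunt(build_sample_tree(td)))


if __name__ == "__main__":
    for kind, path in run_on_sample():
        print(f"{kind:22} {path}")
    # on a real host: for kind, path in hunt("/"): ...
```

Run it against "/" (or a mounted image) on a suspect Linux host; any finding means follow the post's mitigation steps, and an empty result does not prove a host clean if the payload has already been removed.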
SECURITY ADVISORY — TanStack npm packages
A supply-chain compromise affecting 42 @tanstack/* packages (84 versions total) was published to npm earlier today at approximately 19:20 and 19:26 UTC. Two malicious versions per package.
Status: ACTIVE — packages are deprecated, npm security engaged, publish path being shut down.
Severity: HIGH — payload exfiltrates AWS, GCP, Kubernetes, and Vault credentials, GitHub tokens, .npmrc contents, and SSH keys.
If you installed any @tanstack/* package between 19:20 and 19:30 UTC today, treat the host as potentially compromised:
• Rotate cloud, GitHub, and SSH credentials immediately
• Audit cloud audit logs for the last several hours
• Pin to a prior known-good version and reinstall from a clean lockfile
Detection — the malicious manifest contains:
"optionalDependencies": {
"@tanstack/setup": "github:tanstack/router#79ac49ee..."
}
Any version with this entry is compromised. The payload is delivered via a git-resolved optionalDependency whose prepare script runs router_init.js (~2.3 MB, smuggled into each tarball at the package root).
Unpublish is blocked by npm policy for most affected packages due to existing third-party dependents. All 84 versions are being deprecated with a SECURITY warning, and npm security has been engaged to pull tarballs at the registry level.
Full technical breakdown, complete package and version list, and rolling status updates:
https://t.co/Zy8qG7PA9f
Credit to the security researcher for responsible disclosure.
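A manifest check for the indicator the advisory gives, as an added example that is not the advisory's or TanStack's code: it flags the exact optionalDependencies entry, and, as a generalisation, any dependency resolved from a git URL (which installs from a repository and can run a prepare script) and a router_init.js at the package root. The sample manifests are constructed, the commit hash is a placeholder, and the function names are assumptions.

```python
"""Scan installed package.json files for the TanStack indicator and for the
git-resolved-dependency pattern behind it. Added example; samples constructed."""
import json
from pathlib import Path

GIT_SPEC_PREFIXES = ("github:", "git+", "git://", "git@")
INDICATOR_DEP = "@tanstack/setup"
INDICATOR_SPEC_PREFIX = "github:tanstack/router#"   # hash elided in the advisory
SMUGGLED_FILE = "router_init.js"


def is_git_spec(spec):
    return isinstance(spec, str) and spec.startswith(GIT_SPEC_PREFIXES)


def scan_package(manifest, root_files):
    """Findings for one installed package. `manifest` is the parsed package.json,
    `root_files` the set of file names sitting at the package root."""
    findings = []
    label = f"{manifest.get('name', '?')}@{manifest.get('version', '?')}"
    reported = set()
    spec = (manifest.get("optionalDependencies") or {}).get(INDICATOR_DEP)
    if isinstance(spec, str) and spec.startswith(INDICATOR_SPEC_PREFIX):
        findings.append(("COMPROMISED", f"{label}: optionalDependencies[{INDICATOR_DEP}] = {spec}"))
        reported.add(("optionalDependencies", INDICATOR_DEP))
    # generalisation: git-resolved deps bypass the registry and may run prepare scripts
    for section in ("dependencies", "optionalDependencies", "devDependencies"):
        for dep, dep_spec in (manifest.get(section) or {}).items():
            if is_git_spec(dep_spec) and (section, dep) not in reported:
                findings.append(("REVIEW", f"{label}: {section}[{dep}] resolved from git: {dep_spec}"))
    if SMUGGLED_FILE in root_files:
        findings.append(("SUSPICIOUS", f"{label}: {SMUGGLED_FILE} present at package root"))
    return findings


def scan_tree(root):
    """Walk every package.json under node_modules below `root`."""
    findings = []
    for manifest_path in Path(root).rglob("package.json"):
        if "node_modules" not in manifest_path.parts:
            continue
        try:
            manifest = json.loads(manifest_path.read_text(errors="replace"))
        except ValueError:
            continue
        root_files = {f.name for f in manifest_path.parent.iterdir() if f.is_file()}
        findings.extend(scan_package(manifest, root_files))
    return findings


# Constructed sample manifests (not real published versions).
SAMPLE_COMPROMISED = {
    "name": "@tanstack/example-pkg", "version": "0.0.0-constructed",
    "optionalDependencies": {INDICATOR_DEP: "github:tanstack/router#<commit-sha-placeholder>"},
}
SAMPLE_CLEAN = {
    "name": "@tanstack/example-pkg", "version": "0.0.0-clean",
    "dependencies": {"some-dep": "^1.0.0"},
}
SAMPLE_GIT_DEP = {
    "name": "other-pkg", "version": "1.0.0",
    "dependencies": {"helper": "git+https://git.example.test/helper.git"},
}


if __name__ == "__main__":
    for m, files in ((SAMPLE_COMPROMISED, {"package.json", SMUGGLED_FILE}),
                     (SAMPLE_CLEAN, {"package.json"}),
                     (SAMPLE_GIT_DEP, {"package.json"})):
        for kind, msg in scan_package(m, files):
            print(kind, msg)
    # on a real checkout: for kind, msg in scan_tree("."): print(kind, msg)
```

A COMPROMISED finding matches the advisory's indicator exactly; REVIEW findings are the broader pattern and need a human look, since legitimate projects occasionally pin a dependency to a git commit.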
@RLanceMartin @jess__yan @maheshmurag Curious how you think about scopes, in terms of: what part of the validation contract belongs to the agent and what part belongs to the product you are building with it. What Claude input and configs do you commit with the product and what stays separate?
Jorden van Foreest is the 1st player to beat Magnus Carlsen in classical chess since Gukesh did it in the famous table slam game in Norway Chess 2025! "Epic game!" says Erwin l'Ami: https://t.co/sdEsZ8Zodr