A European coalition of Open Source actors is calling on the European Commission to include an "Open Source First" principle in the upcoming Cloud and AI Development Act.
👉 https://t.co/VeoH0kY2c3
GOOGLE BUILT A VULNERABILITY SCANNER AND OPEN-SOURCED IT
most devs ship code without knowing half their dependencies are ticking time bombs
osv-scanner fixes that
it scans your entire project lockfiles, containers, even vendored c/c++ code and maps every dependency against the https://t.co/RL01xkZSfY database
supports 11+ ecosystems. npm, pip, cargo, maven, go modules, gem. all of it.
the guided remediation feature is the real unlock... it doesn't just tell you what's broken.... it tells you exactly which version upgrades fix the most issues with the least risk
call analysis built in. so you only get alerts for vulnerable functions your code actually calls. no noise
works offline too. download the db once, scan without internet
one command to scan your whole directory:
osv-scanner scan source -r ./
https://t.co/tNCUiUwCob
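Added example, not code from the osv-scanner project or from the post above: a small Python remediation planner that reads a scan report and works out, per package, the smallest upgrade that clears every reported vulnerability, ranking packages by how many findings one upgrade removes. The report embedded below is constructed; its shape (results, packages, package, vulnerabilities) is modelled on osv-scanner's JSON report and the fixed-version data follows the OSV schema's `affected[].ranges[].events` list, but treat the exact key names as an assumption and check them against your own `osv-scanner --format json` output.

```python
import json

# Constructed report (not real scanner output). Key layout is an assumption
# modelled on osv-scanner's JSON report; vulnerability records follow the OSV schema.
REPORT_JSON = json.dumps({
    "results": [{
        "source": {"path": "package-lock.json", "type": "lockfile"},
        "packages": [
            {"package": {"name": "example-lib", "version": "1.2.0", "ecosystem": "npm"},
             "vulnerabilities": [
                 {"id": "EXAMPLE-0001", "summary": "constructed issue A",
                  "affected": [{"package": {"ecosystem": "npm", "name": "example-lib"},
                                "ranges": [{"type": "SEMVER",
                                            "events": [{"introduced": "0"}, {"fixed": "1.2.1"}]}]}]},
                 {"id": "EXAMPLE-0002", "summary": "constructed issue B",
                  "affected": [{"package": {"ecosystem": "npm", "name": "example-lib"},
                                "ranges": [{"type": "SEMVER",
                                            "events": [{"introduced": "1.0.0"}, {"fixed": "1.3.0"}]}]}]},
             ]},
            {"package": {"name": "other-lib", "version": "4.0.0", "ecosystem": "npm"},
             "vulnerabilities": [
                 {"id": "EXAMPLE-0003", "summary": "constructed issue C",
                  "affected": [{"package": {"ecosystem": "npm", "name": "other-lib"},
                                "ranges": [{"type": "SEMVER",
                                            "events": [{"introduced": "0"}, {"fixed": "4.0.2"}]}]}]},
             ]},
        ],
    }],
})


def parse_version(v):
    """Dotted numeric version -> comparable tuple (enough for the SEMVER ranges used here)."""
    return tuple(int(p) for p in v.split("."))


def fixed_versions(vuln, pkg_name, ecosystem):
    """Collect every 'fixed' event for this package from the OSV 'affected' entries."""
    fixes = []
    for aff in vuln.get("affected", []):
        pkg = aff.get("package", {})
        if pkg.get("name") != pkg_name or pkg.get("ecosystem") != ecosystem:
            continue
        for rng in aff.get("ranges", []):
            for event in rng.get("events", []):
                if "fixed" in event:
                    fixes.append(event["fixed"])
    return fixes


def remediation_plan(report_text):
    """One entry per vulnerable package: the smallest version that clears all its findings.

    The per-vulnerability minimum fix is taken first; the upgrade target is the
    largest of those minimums, so a single bump resolves every listed issue.
    Packages are ordered by number of findings fixed, most first.
    """
    report = json.loads(report_text)
    plan = []
    for result in report["results"]:
        for entry in result["packages"]:
            pkg = entry["package"]
            vulns = entry.get("vulnerabilities", [])
            if not vulns:
                continue
            targets = []
            for vuln in vulns:
                fixes = fixed_versions(vuln, pkg["name"], pkg["ecosystem"])
                if fixes:
                    targets.append(min(fixes, key=parse_version))
            # If some vulnerability has no fixed version, no upgrade fully remediates.
            upgrade_to = max(targets, key=parse_version) if len(targets) == len(vulns) else None
            plan.append({
                "source": result["source"]["path"],
                "package": pkg["name"],
                "current": pkg["version"],
                "upgrade_to": upgrade_to,
                "fixes": [v["id"] for v in vulns],
            })
    plan.sort(key=lambda p: -len(p["fixes"]))
    return plan


if __name__ == "__main__":
    for step in remediation_plan(REPORT_JSON):
        print(f"{step['source']}: {step['package']} {step['current']} -> "
              f"{step['upgrade_to']} fixes {', '.join(step['fixes'])}")
```

This is the counting half of "which upgrades fix the most issues"; the "least risk" half (checking that the target version does not break the dependency graph) is what the scanner's own guided remediation adds on top and is not reproduced here.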
Many of you know the Linux #auditd config I’ve maintained for years. It was always meant to be a simplified, detection-agnostic baseline for #Linux 🐧
We’ve now changed the way it works ⚡️
The core idea is:
audit.rules should act as the sensor, not the detection engine
That means:
- generic process_creation
- fewer brittle per-binary rules
- better portability
- CI validation
We preserved the old baseline as v0.1.0 and released v0.2.0 as the new streamlined model
https://t.co/LJAH9ONspo
co-op with @petri_ph
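Added example, not taken from the auditd rule set linked above: the "sensor, not detection engine" split in code. A single generic execve rule (real auditd rule syntax) records every process creation under one key; the Python below joins the SYSCALL and EXECVE records auditd emits for each event into one structured event, and a separate, trivially swappable predicate does the detection. The log lines are constructed to mimic auditd's format; the helper names and the example detection (executions from temporary directories) are my own.

```python
import re
import shlex
from collections import defaultdict

# Sensor side: one generic rule pair, one key. No per-binary rules to maintain.
PROCESS_CREATION_RULES = """
-a always,exit -F arch=b64 -S execve,execveat -k process_creation
-a always,exit -F arch=b32 -S execve,execveat -k process_creation
""".strip()

# Constructed sample of what auditd writes: each execve yields a SYSCALL record and
# an EXECVE record sharing the same msg=audit(timestamp:serial) event id.
SAMPLE_LOG = """
type=SYSCALL msg=audit(1700000000.123:4242): arch=c000003e syscall=59 success=yes exit=0 ppid=1000 pid=1001 auid=1000 uid=1000 gid=1000 euid=1000 tty=pts0 comm="curl" exe="/usr/bin/curl" key="process_creation"
type=EXECVE msg=audit(1700000000.123:4242): argc=3 a0="curl" a1="-s" a2="http://example.invalid/"
type=SYSCALL msg=audit(1700000000.456:4243): arch=c000003e syscall=59 success=yes exit=0 ppid=1000 pid=1002 auid=1000 uid=1000 gid=1000 euid=1000 tty=pts0 comm="update" exe="/tmp/update" key="process_creation"
type=EXECVE msg=audit(1700000000.456:4243): argc=1 a0="./update"
""".strip()

_EVENT_ID = re.compile(r"msg=audit\((?P<ts>[\d.]+):(?P<serial>\d+)\)")


def parse_fields(line):
    """Split one auditd record into key=value pairs; shlex strips the double quotes."""
    fields = {}
    for token in shlex.split(line):
        if "=" in token:
            key, value = token.split("=", 1)
            fields[key] = value
    match = _EVENT_ID.search(line)
    if match:
        fields["event_id"] = int(match.group("serial"))
        fields["timestamp"] = float(match.group("ts"))
    return fields


def process_creation_events(log_text):
    """Join SYSCALL and EXECVE records by event id into one event per process creation."""
    by_id = defaultdict(dict)
    for line in log_text.splitlines():
        rec = parse_fields(line)
        if rec.get("type") == "SYSCALL" and rec.get("key") == "process_creation":
            by_id[rec["event_id"]].update(
                pid=int(rec["pid"]), ppid=int(rec["ppid"]), uid=int(rec["uid"]),
                euid=int(rec["euid"]), exe=rec["exe"], timestamp=rec["timestamp"])
        elif rec.get("type") == "EXECVE":
            argc = int(rec["argc"])
            by_id[rec["event_id"]]["argv"] = [rec[f"a{i}"] for i in range(argc)]
    # Keep only events where both halves arrived.
    return [ev for _, ev in sorted(by_id.items()) if "exe" in ev and "argv" in ev]


def flag_temp_dir_execs(events, prefixes=("/tmp/", "/dev/shm/", "/var/tmp/")):
    """Detection side, kept out of audit.rules: executables launched from temp dirs."""
    return [ev for ev in events if ev["exe"].startswith(prefixes)]


if __name__ == "__main__":
    events = process_creation_events(SAMPLE_LOG)
    for ev in flag_temp_dir_execs(events):
        print(f"pid={ev['pid']} uid={ev['uid']} exe={ev['exe']} argv={ev['argv']}")
```

Because the rule set captures every execve, swapping or adding a detection is a change to the consumer (here, another predicate), not to the audit configuration on each host, which is what makes the baseline portable and easy to validate in CI.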
8,642 laws, 27,866 commits: a Spanish developer has versioned his country's entire body of legislation in a Git repository.
Each reform is a commit, each amended article is a diff.
Running git blame on the Constitution is now possible. https://t.co/Fss5bckpJx
Stop drawing your server racks in spreadsheets ✍️
#Rackula is an open source tool for modelling your server racks from a #web browser.
👉 https://t.co/8OWSKMbVWV
🎥 https://t.co/AXFiz457KB
#adminsys #homelab #opensource #elearning
⚠️ The technical services of the Cyber Crisis Coordination Centre (C4) have produced an alert note on the targeting of the instant messaging accounts of political figures, senior officials and administration executives.
➡️ More info:
https://t.co/SIx75QB8x5
CrackArmor: nine vulnerabilities have been discovered in AppArmor, dating back to Linux kernel 4.11 (2017), which could affect more than 12.6 million systems. (z)
👉 https://t.co/bc4SpWQUhN
CI/CD pipelines read your code, hold your secrets, and deploy to production.
Most orgs have no scalable way to verify they're compliant.
We built a 26-point checklist + ISO 27001/NIS2/DORA/CRA mapping to fix that.
👉 https://t.co/yIB6YAc2G3
Microsoft Research + Salesforce just dropped a paper that should scare every single AI builder right now.
They tested 15 of the top models (GPT-4.1, Gemini 2.5 Pro, Claude 3.7 Sonnet, o3, DeepSeek R1, Llama 4) across 200,000+ simulated conversations.
The results are actually terrifying.
If you give a model a single-turn prompt, it hits 90% performance. But if you have a multi-turn conversation? It plummets to 65%.
same model. same task. just.. talking normally.
The crazy part is that the ai isn't getting dumber (aptitude only dropped 15%). the problem is that unreliability EXPLODED by 112%..
Here is exactly why they break:
→ they answer before you finish explaining, and those wrong assumptions get baked in permanently
→ they fall in love with their first wrong answer and just keep building on it
→ they completely forget the middle of your conversation
→ longer responses introduce more assumptions, which means more errors
Even the new reasoning models failed. o3 and deepseek r1 performed just as badly. giving them extra "thinking tokens" did absolutely nothing. setting temperature to 0? still broken.
Every benchmark we celebrate is tested in perfect, single-prompt lab conditions. but real conversations break every model on the market and nobody is talking about it..
The only fix right now? stop chatting. Give your AI everything upfront in one massive message instead of going back-and-forth.
🚨An AI bot compromised 5 of 7 major repos in one week (Trivy, awesome-go, Microsoft, DataDog, CNCF). Every exploit was a known CI/CD misconfiguration.
The fix isn't patching. It's governance.
Full breakdown and lessons learned: https://t.co/4lFaI3S1yN
📚 ANSSI publishes a new document presenting the security functions expected of a workstation intended to host several separate environments side by side, also known as a "multi-environment workstation".
🔗https://t.co/6atiPl6E0x
DevOps Exercises: a very comprehensive open source collection of more than 2,600 questions and exercises covering a range of technical topics related to DevOps and SRE
👉 https://t.co/ntEQ326a1Q
MobileTrackers has been updated by @craiu (February 2026 release). Updated telemetry domains and URLs associated with mobile tracking and analytics libraries are now available https://t.co/T8J8xu3M23
The security of the Software Supply Chain is a current topic, very interesting, very important but not simple.
In this new blog post, I suggest you see how to implement it, step by step, with the managed private registry @OVHcloud (Harbor managed):
https://t.co/KS2mT6b2pv
🧰 Discover the ICT Toolbox: the ICT Supply Chain Security toolbox.
🛡️ The ICT Toolbox offers strategic and technical recommendations to strengthen #cybersecurity and the resilience of supply chains.
🔗https://t.co/VZc6N1CPkt