Developer Advocate @Snyksec | Prev @Microsoft @Disney | Web dev and app sec things. Here for community, fun and learning. Not for numbers or influencing you.
Big banks aren't known for moving fast on new tech. With AI it's a different story. Some are even buying supercomputers to train their own internal models.
Versions of
- laravel-lang/lang
- laravel-lang/http-statuses
- laravel-lang/attributes
- laravel-lang/actions
have been published with malicious versions
Packagist has unlisted the packages, but if you installed any of them between May 22–23, treat the environment as compromised.
Your first instinct after getting hit by the TanStack npm attack is to revoke your GitHub token.
Don't.
The malware polls GitHub every 60 seconds. Gets a 401? It runs rm -rf ~/
Here's the right remediation order before you touch a single credential. https://t.co/TNXDfhORa4
1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories.
Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.
A government contractor just leaked a ton of sensitive info including admin passwords for CISA's AWS GovCloud accounts - all to a public GitHub repo.
CISA says they "hold our team members to the highest standards of integrity and operational awareness"
Followed by evidence of them turning off basic GitHub defaults that would protect from publishing secrets. And dictionary passwords that were the name of the service + the year.
💥 Game changer for Web Development announced at GoogleIO - Modern Web Guidance! It’s expert-vetted skills for web development based on best practices of the latest specs and APIs.
It ensures your agent/coding harness doesn’t default to older and out-of-date patterns to build sites.
We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.
AI wanted to copy node_modules between two stages in a Dockerfile. One where devDeps are needed and one where they're not (production).
I called this out and it of course replied with "You're right — I should walk that back."
More and more companies are deploying AI-generated code into production. Much of that code contains vulnerabilities, making traditional AppSec struggle to keep up.
@snyksec + @AnthropicAI's Claude = security at AI speed
👇
https://t.co/LnPn8kM9Nq
@liran_tal I'm thinking about the monthly/annual subscriptions changing for them all. Do you think they'll move everything to usage based billing vs. subs?