Olivia
Online
Stewart Wong
@anyhowdotcom
New Era Agentic Engineer | looking for hire
Singapore
Joined June 2009
798 Following
34 Followers
252 Posts
@theo Can mine be counted?
SECURITY ADVISORY — TanStack npm packages
A supply-chain compromise affecting 42 @tanstack/* packages (84 versions total) was published to npm earlier today at approximately 19:20 and 19:26 UTC. Two malicious versions per package.
Status: ACTIVE — packages are deprecated, npm security engaged, publish path being shut down.
Severity: HIGH — payload exfiltrates AWS, GCP, Kubernetes, and Vault credentials, GitHub tokens, .npmrc contents, and SSH keys.
If you installed any @tanstack/* package between 19:20 and 19:30 UTC today, treat the host as potentially compromised:
• Rotate cloud, GitHub, and SSH credentials immediately
• Audit cloud audit logs for the last several hours
• Pin to a prior known-good version and reinstall from a clean lockfile
Detection — the malicious manifest contains:
"optionalDependencies": {
"@tanstack/setup": "github:tanstack/router#79ac49ee..."
}
Any version with this entry is compromised. The payload is delivered via a git-resolved optionalDependency whose prepare script runs router_init.js (~2.3 MB, smuggled into each tarball at the package root).
Unpublish is blocked by npm policy for most affected packages due to existing third-party dependents. All 84 versions are being deprecated with a SECURITY warning, and npm security has been engaged to pull tarballs at the registry level.
Full technical breakdown, complete package and version list, and rolling status updates:
https://t.co/Zy8qG7PA9f
Credit to the security researcher for responsible disclosure.
Honestly, I might just get a macbook neo for codex computer use
Can’t really say it’s buyer remorse (since I didn’t spent a single cent) but now that I’ve gotten this I’m not sure if I would even wear it out 😂
Thanks to @opencode for the merch drop anyway!
I am getting a sense that openclaw is more like a safer experiment project so that features can be groomed and shaped before it’s being introduced into ChatGPT.
Especially if chatGPT is releasing a super app now, let’s see how many of the features got brought into it.
sound on
https://t.co/w8dQ77fbNH
Finally! But they are one year too late.
We just opened up ordering in four additional countries: New Zealand, Norway, Singapore, and Switzerland! You can order anything that is in-stock on the site now, though you may want to wait until you see what we're announcing on April 21st.
Would like to announce that in 10 days I would not need to think about payment services anymore! At least not in my work.
Good bye Stripe.
This is either brilliant or scary:
Anthropic accidentally leaked the TS source code of Claude Code (which is closed source). Repos sharing the source are taken down with DMCA.
BUT this repo rewrote the code using Python, and so it violates no copyright & cannot be taken down!
I'm usually not one to write thought pieces without much technical depth. But here we go.
Slow the fuck down.
https://t.co/dcOwPK357F
The interview burnout is real. Basically can’t get myself to do anything after 2 weeks of intense back to back job interviews.
Including feeling of imposter syndrome.
you asked for it, you get it
@SherryYanJiang and i are finally bringing cafe @cursor_ai singapore aka cursor kopitiam to town
@nickwm and @fr4nnyp4ck will be flying in to drink some coffee and hang out
spend the evening hacking or just catching up with other cursor-pilled folks
registration linked below:
I don’t know what you call them, but these little side tabs are like the emdash of vibe coded UIs
If I am spoilt of choices, I would too
Employee resigned because he got Windows 11 instead of Mac 💀
@atmoio Recently I was given an interview online test where I need to write an algorithm without AI (just with simple IDE completion available). Hack, I don't even remember the array methods available and how to use it anymore.
I just stop the test and reject that application
we spoke to a company today who's security team is so concerned by ai code they're considering banning ai tools
your first reaction might be "they're gonna get left behind" but if you are practical their concerns aren't invalid
if you are a huge multi national org with tens of thousands of employees and they just got a button that appears to do their work, it's gonna get pushed a lot
and the process around knowing what is making it to production is totally melting
being honest we're all getting a bit lazier
see that kiro related aws outage as a real life example
so they're genuinely arguing over how much this is going to be allowed esp since the net productivity gains for the average dev seem to be pretty low
@nansen_ai Only Claude code user?
Can a company mention “looking for someone who stays current with the emerging AI technologies, tools and industry trend” in their JD and yet they don’t allow agentic AI use to build software?
Most Popular Users
Elon Musk 
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.3M followers
Taylor Swift
@taylorswift13
81.1M followers
Lady Gaga
@ladygaga
72.6M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.3M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.6M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
61.9M followers
CNN
@cnn
61.9M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.4M followers