Olivia
Online
Brandon()
@brandonbango
PA
Joined August 2008
165 Following
120 Followers
605 Posts
Pinned Tweet
If you're trying to learn something new or build a skill, it's important to manage expectations and realize it's a process and not an event. Set small, obtainable goals and work towards it every day. Ask yourself what you need to do to win the day and do it.
Opus 4.8 just dropped
Introducing Claude Opus 4.8: it builds on Opus 4.7 with sharper judgment, more honesty about its own progress, and the ability to work independently for longer than its predecessors.
Available today at the same price.
🚨 GitHub is investigating TeamPCP’s claim: ~4,000 internal repositories allegedly stolen and listed for sale ($50,000+).
This comes as the group’s Mini Shai-Hulud worm just hit #Microsoft’s durabletask PyPI package (v1.4.1–1.4.3) — a #Linux-only infostealer that spreads via AWS SSM + Kubernetes.
Worth rotating secrets and scanning your repos.
Full story: https://t.co/m6iAHb1pXA
We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.
Who to follow
Microsoft Exchange Server users are urged to immediately mitigate a newly disclosed zero-day vulnerability that has been exploited in attacks.
Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild https://t.co/oD5LxdptWT
OpenClaw Chain Vulnerabilities Expose 245,000 Public AI Agent Servers to Attack
CVE-2026-44112 (CVSS 9.6 – Critical)
CVE-2026-44115 (CVSS 8.8 – High)
CVE-2026-44118 (CVSS 7.8 – High)
CVE-2026-44113 (CVSS 7.7 – High)
🚨 OpenClaw Chain Vulnerabilities Expose 245,000 Public AI Agent Servers to Attack
Source: https://t.co/Hn3a2KocG5
A chain of four critical vulnerabilities discovered in OpenClaw, one of the fastest-growing open-source platforms for autonomous AI agents, has left an estimated 245,000 publicly accessible server instances exposed to remote exploitation, credential theft, and persistent backdoor installation.
Shodan and ZoomEye scans as of May 2026 reveal approximately 65,000 and 180,000 publicly accessible OpenClaw instances, respectively, totaling roughly 245,000 exposed servers. What makes this chain especially dangerous is that the attacker weaponizes the AI agent’s own privileges.
#cybersecuritynews
🚨 WARNING: The self-spreading “Mini Shai-Hulud” worm compromised npm & PyPI packages tied to TanStack, Mistral AI, Guardrails AI, OpenSearch & more.
The attack used GitHub OIDC token hijacking and cache poisoning to spread credential-stealing malware across 42 TanStack packages and 84 versions.
Check your dependencies immediately → https://t.co/33fxlrOPzz
Anthropic is increasing Pro, Max and Team plans limits.
Effective today, we are:
1) Doubling Claude Code’s 5-hour rate limits for Pro, Max, and Team plans;
2) Removing the peak hours limit reduction on Claude Code for Pro and Max plans; and
3) Substantially raising our API rate limits for Opus models.
Looked at 1M conversations....
How do people seek guidance from Claude?
We looked at 1M conversations to understand what questions people ask, how Claude responds, and where it slips into sycophancy. We used what we found to improve how we trained Opus 4.7 and Mythos Preview.
https://t.co/6tjY58uBhk
Claude Security is now in public beta for Claude Enterprise customers.
Claude scans your codebase for vulnerabilities, validates each finding to cut false positives, and suggests patches you can review and approve.
@basedgunnar @rockkdev I think it's a good idea to get into the habit of going directly to the app instead of clicking links in emails, even if they seem legit.
I received this phishing email last night as well. On the surface it looks legit, and since it's from Robinhood and not a random email address, it did have me concerned for a minute.
First thing I checked was the <from> and <to> addresses and I noticed my email address had a dot in it. Obviously I didn't create my RH account with the dot in my email.
Next I logged into the app and there was no mentioned of the case # or an unrecognized device logged in. Just to be safe, I went to Devices and logged out all other devices.
If you're concerned it's worth changing your password, make sure MFA and/or a passkey is setup on your account.
New Robinhood phishing chain that's kinda beautiful:
1. Attacker creates an RH account using the Gmail dot trick of your email (same inbox, different address)
2. Sets device name to HTML
3. RH's "unrecognized activity" email renders the device name unsanitized (html injection)
The result is a real email from [email protected], DKIM pass, SPF pass, DMARC pass, with a phishing CTA
Just because it's real, doesn't mean it's safe... $HOOD
GPT-5.5 support in the new OpenClaw version
OpenClaw 2026.4.23 🦞
🧠 GPT-5.5 lands
🎨 Image gen/editing: Codex OAuth + OpenRouter
🧵 Forked-context subagents
💬 Telegram, Slack + WhatsApp polish
🛠️ Install/update fixes
Sharper models, smoother claws.
https://t.co/9Ucwi3NMQI
Bitwarden identified and contained a malicious package briefly distributed through the npm delivery path for the Bitwarden CLI in connection with the broader Checkmarx supply chain incident. No user vault data or production systems were compromised or at-risk. Additional details and updates are available here: https://t.co/9xRzNxmCOS
https://t.co/3gVCWbfQgB
How A Roblox Cheat Download Triggered A $2 Million Hack At Vercel
An employee at a small AI startup called Context AI was searching for and downloading "auto-farm" scripts and game exploit executors, the kind of tool that automates grinding inside Roblox. Hidden in one of those downloads was Lumma Stealer, one of the most widely distributed pieces of infostealer malware currently in circulation.
The attacker used those credentials to breach Context AI, steal the OAuth tokens of its customers, and pivot into the Google Workspace of a Vercel employee who had signed up for Context AI's product and granted it "Allow All" permissions on their enterprise account.
Wow - link to the full article below.
Bitwarden CLI 2026.4.0 was compromised.
🚨 Bitwarden CLI 2026.4.0 was compromised as part of the ongoing Checkmarx supply chain campaign after attackers abused a GitHub Action in Bitwarden’s CI/CD pipeline.
We’ll continue updating our coverage as more details are confirmed.
https://t.co/G0aakn8swq
Ok, I finally figured out the issue with these Discord warning messages and it was classic user error 😅
A few weeks ago I installed Hermes to try it out and I left both OpenClaw and Hermes services running and both were receiving the Discord messages.
I disabled Hermes and back on OpenClaw only for now.
Ever since upgrading to OpenClaw 2026.4.12 (I think) with openai-codex, I've been getting max retry and invalid API response messages in Discord even though my agent replies.
Anyone else seeing this too? I upgraded to the newest 2026.4.15 earlier, this doesn't happen with Telegram and I don't see anything in the logs. I have plenty of usage remaining on my plan.
-----
Max retries (3) for invalid responses — trying fallback...
Invalid API response shape. Likely rate limited or malformed provider response.
Max retries (3) exceeded for invalid responses. Giving up.
@steipete I noticed this back on April 6th in the docs, but I couldn't get it to work with the version I was trying on 2026.4.2. It wouldn't create the auth-profiles.json file.
https://t.co/xTCM0tL9fC
Did Anthropic unblock first party harness?! Yesterday, this was failing and it appears the OpenClaw docs have been updated.
claude -p --append-system-prompt 'A personal assistant running inside OpenClaw.' 'is clawd here?'
Yes, Claude is here. What can I help you with?
Last Seen Users on Sotwe
حضرميه🌹💜
Seen from Saudi Arabia
Nhung
Seen from Thailand
U g h t e a Ngeunah
Seen from Switzerland
Love ❤️ sex🫦or
Seen from Singapore
นิยมแอบถ่าย
Seen from Thailand
Asia 18+
Seen from Thailand
Wife fucking with friends
Seen from South Africa
GAEL RODI
Seen from Panama
ali g
Seen from Pakistan
Jocelyn🍒
Seen from Turkey
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.6M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers