Next.js just got its worst vulnerability ever, CVSS 8.6.
→ affects versions 13.4.13+, 14.x, 15.x, and 16.0.0–16.2.4
→ attackers can access your internal services, cloud credentials, API keys, and admin panels
→ no authentication needed
→ one crafted request is all it takes
→ roughly 79,000 instances are exploitable right now
→ vercel-hosted apps are safe, self-hosted are not
upgrade to 15.5.16 or 16.2.5 immediately.
I received $150 in USDT back just by spending with my Tria card.
Spend crypto, earn real rewards, and use your Tria card across 150+ countries.
#MyTriaCashback
Get your Tria card now:
https://t.co/dvPvMTziDE
I received $150 in USDT back just by spending with my Tria card.
Spend crypto, earn real rewards, and use your Tria card across 150+ countries.
#MyTriaCashback
Get your Tria card now:
https://t.co/dvPvMTziDE
🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages.
The latest [email protected] now pulls in [email protected], a package that did not exist before today. This is a live compromise.
This is textbook supply chain installer malware. axios has 100M+ weekly downloads. Every npm install pulling the latest version is potentially compromised right now.
Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that:
• Deobfuscates embedded payloads and operational strings at runtime
• Dynamically loads fs, os, and execSync to evade static analysis
• Executes decoded shell commands
• Stages and copies payload files into OS temp and Windows ProgramData directories
• Deletes and renames artifacts post-execution to destroy forensic evidence
If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.
To manage growing demand for Claude we're adjusting our 5 hour session limits for free/Pro/Max subs during peak hours. Your weekly limits remain unchanged.
During weekdays between 5am–11am PT / 1pm–7pm GMT, you'll move through your 5-hour session limits faster than before.
The best infrastructure is the kind you never think about. and the best time to bet on infrastructure is when no one's paying attention.
People see the card. The swaps. The yields. The perps.
POV: A guy with ChatGPT and Google AlphaFold just built a custom mRNA cancer vaccine to save his dog.
this story is actually insane.
a tech guy in australia adopted a rescue dog with aggressive cancer and only months to live.
so he did something wild:
> paid ~$3k to sequence the tumor dna
> used chatgpt to analyze the mutations
> used google’s alphafold to model the proteins
> identified drug targets and designed a custom mRNA cancer vaccine
he had zero background in biology.
after months of paperwork, the vaccine was approved and injected.
within weeks the tumor shrank dramatically and the dog started recovering.
meanwhile pharma companies are running $1B trials to do the exact same thing.
the future of personalized medicine with AI is going to be insane.