Glossifi

i don’t like the attempt from some insiders to paint the zcash bug disclosure as “heroic” it’s not heroic. it’s a systemic problem yes they paid a smart researcher to find bugs and he did. that’s great but the issue isn’t that the bug existed the issue is that zcash, unlike almost any other cryptocurrency, enables a unique class of bugs, where if they’re exploited no one would know this unique class still exists. the fact that they fixed this specific bug is immaterial. mythos could find 8 others. and then mythos 2 bugs can exist in all cryptocurrencies. they can exist in btc or eth or sol. but if someone exploits them we will IMMEDIATELY KNOW and limit the damage with zcash, when someone secretly finds a bug and exploits it, WE WILL NOT KNOW imagine if the kelpdao hack was exploited but it somehow magically wasn’t visible onchain. the attacker stole 300m but no one would know. and aave and other apps would assume everything is fine not knowing that they secretly have a hole in the balance sheet. how much wider would the damage have spread by the time we found out? this is the real issue. not a specific bug. the systemic vulnerability: if a hack happens, we won’t know until much later and a lot of zcashers have been trying to downplay the severity of this fundamental issue for years (including yesterday when this was first disclosed but played down) regardless of this specific bug, i don’t think zcash is a safe place to store meaningful wealth long-term, until the design fundamentally changes i wish zcashers were more open about that. that would’ve been heroic

‼️🚨 A new npm supply-chain attack compromised 57 packages across over 286 malicious versions in under 2 hours. The attackers used self-replicating malware, a new version of the Miasma worm, which also used evasion techniques to stay under the radar. The payload targets CI/CD and developer credentials, including GitHub Actions secrets, cloud credentials, Vault tokens, SSH keys, npm and GitHub tokens, and password-manager stores. This variant also injects AI coding assistant config files at `.claude`, `.cursor`, `.gemini`, and `.vscode` paths, a separate persistence and repo-poisoning angle.

intelligence DAOs are a new type of network that put intelligence at the center. a central context window of knowledge that creates leverage for the business line of the dao. organized as a GitHub repository, obsidian vault, or Dropbox folder. humans and agents at the edge that “garden” the context, building and maintaining aqueducts of intelligence capital, financial capital, and other types of capital this is the AI era organizational paradigm applied to networks/DAOs