Olivia
Online
lightcap.eth ๐ด
@lightcap
Heretic @ Codezero. (also CTO/CPO)
Joined January 2007
1.1K Following
789 Followers
15.6K Posts
ย Pinned Tweet
Credentials continue to be the target of just about every attack in 2026.
๐จ The "๐ผ๐๐๐๐๐๐๐๐" Campaign is live...
๐ป,๐ฝ๐ท๐พ malicious commits to ๐ป,๐ป๐ผ๐ท GitHub repositories in a six-hour window.
Using throwaway accounts and forged author identities (build-bot, auto-ci, ci-bot, pipeline-bot), the attacker injected ๐ถ๐๐๐ท๐๐ ๐ฐ๐๐๐๐๐๐ workflows containing ๐๐๐๐๐ผ๐บ-๐๐๐๐๐๐๐ bash payloads that exfiltrate:
- CI secrets,
- cloud credentials
- SSH keys
- OIDC tokens
- source code secrets
Check your repo / Technical details: https://t.co/tua3jYU1wa
Gotta give it to the folks working on @opencode. I prefer the clean design of their TUI by *miles and miles* over any other TUI/CLI interface.
Honestly, it's beautiful and so well thought out.
Open source winning a lot these days.
@BenjaminHouy Hopefully scrubbed of PII/NPI ๐ฌ
@JacksonAtkinsX @cursor_ai I thought about trying to recreate it with their new SDK. But I can't seem to nail the prompt that ends up with these fine-grain bug finds. And it's tough to do evals because of how it works in the first place.
@JacksonAtkinsX Just wish I could run it locally rather than waiting for whole remote cycle.
I wanna try sotto but not prepared to drop $49 on the hope that it's better than other apps @thekitze. Why no trial?
@JacksonAtkinsX Yeah I don't think I've hit 21 rounds, but pretty damn close. I won't turn it off, though, because bugbot does find lots of little nitpick bugs that I think are still important. It's worth the back and forth.
My skill is called "ship" and it includes that same watch concept.
@wthisgoingon25 @UziCryptoo @romans11732 Whatโs your point? Medical costs are the number one reason for bankruptcy in the US. Yes taxpayers paid. You understand thatโs how the insurance industry works too? Aggregate risk. People love to forget that insurance is inherently socialist.
@kneath For sure. I have it isolated with its own email, messaging etc. Not my accounts. But I do use Hermes more than others.
Everyone working on more memory and more context.
What we need is more *relevant* memory and context.
Context pruning is going to be far more important than accumulation.
@kneath "Just buy a mini"
@kneath Have you looked at Ironclaw? Folks at NEAR did it, it's not bad. Definitely better security posture from the start at least.
@steipete Still a bit too buggy for me. The idea is fantastic though. Definitely rooting for them and want the product.
@kneath I haven't played with Moltis yet. Why'd you choose it? (other than rust).
@HermesAgentTips @Bitwarden Donโt get me wrong itโs a step in the right direction. But itโs not the whole story.
@HermesAgentTips @Bitwarden It doesnโt prevent leaks into context or logs. It still puts the plaintext key in runtime where it can be logged, stolen via prompt injection and a dozen other ways. It does keep keys from lying around in plaintext in .env files or copy pasta.
@kneath What are you using these days?
@kneath Arenโt they so helpful sometimes? ๐
@itsallrandom69 @altryne @Teknium Supporting all the vaults possible. If you wanna use 1p you shouldnโt be blocked from doing it right.
Last Seen Users on Sotwe
Most Popular Users
Elon Musk 
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
60.9M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers