Matt Elliott

Boulder Chamber Transportation Connections

15 days ago

@I_CU_boy Rough year. Went from thinking we had a shot at multiple championships to the AFC Championship loss, Nuggets exit, and then this WCF collapse. Gutting.

0

8

0

275

Who to follow

@BTransportC

Boulder Chamber Transportation Connections collaborates with the public and private sectors to reduce single occupant vehicle travel. 🚲🚶🚌

Chris Elliott ✝️

@celliott80

Follower of my Lord and Savior Jesus Christ, Designer, Web Developer and Illustrator.

@v3xlrm1nOwo1

@v3xlrm1n

My new main account: @v3xlrm1nOwo1

15 days ago

@Romi_Bean Stings so bad. Absolutely humiliating.

0

334

15 days ago

Congrats to VGK. They were the better team this series. The Avs never had an answer.

15 days ago

final.

1K

2K

106

56

383K

0

70

mattelliott retweeted

Vic Lombardi

@VicLombardi

15 days ago

My God that was one of the most disappointing and depressing ends to a season I can remember. Like falling off a cliff. Into quicksand. Wearing a weight vest. On your wedding day.

84

1K

44

12

27K

mattelliott retweeted

DNVR Avalanche

@DNVR_Avalanche

17 days ago

It was our year man 💔

104

734

29

13

21K

mattelliott retweeted

Drew Livingstone

@ProducerDrew_

17 days ago

I don’t know if Jared Bednar will be back after this. Wouldn’t shock me to see them move on #GoAvsGo

140

644

19

14

82K

17 days ago

Season is all but over. Absolute collapse.

17 days ago

All comes down to Tuesday.

835

1K

76

30

278K

0

31

mattelliott retweeted

The Hacker News @TheHackersNews

17 days ago

All comes down to Tuesday.

835

1K

76

30

278K

mattelliott retweeted

22 days ago

🚨 GitHub is investigating TeamPCP’s claim: ~4,000 internal repositories allegedly stolen and listed for sale ($50,000+). This comes as the group’s Mini Shai-Hulud worm just hit #Microsoft’s durabletask PyPI package (v1.4.1–1.4.3) — a #Linux-only infostealer that spreads via AWS SSM + Kubernetes. Worth rotating secrets and scanning your repos. Full story: https://t.co/m6iAHb1pXA

TheHackersNews's tweet photo. 🚨 GitHub is investigating TeamPCP’s claim: ~4,000 internal repositories allegedly stolen and listed for sale ($50,000+).

This comes as the group’s Mini Shai-Hulud worm just hit #Microsoft’s durabletask PyPI package (v1.4.1–1.4.3) — a #Linux-only infostealer that spreads via AWS SSM + Kubernetes.

Worth rotating secrets and scanning your repos.

Full story: https://t.co/m6iAHb1pXA

10

214

68

47

52K

mattelliott retweeted

23 days ago

🚨 BREAKING: Socket is investigating an active npm supply chain attack compromising hundreds of packages in the @antv ecosystem. The malicious publish wave appears tied to Mini Shai-Hulud and packages connected to the npm maintainer account atool.

SocketSecurity's tweet photo. 🚨 BREAKING: Socket is investigating an active npm supply chain attack compromising hundreds of packages in the @antv ecosystem.

The malicious publish wave appears tied to Mini Shai-Hulud and packages connected to the npm maintainer account atool. https://t.co/KscFwa7Dx3

53

1K

263

337

603K

28 days ago

Easily best new feature in the new version of @raycast — and there are some great new features.

Pedro Duarte

@peduarte

28 days ago

dictation in the new @raycast is really good - custom instructions for how you want it to be formatted - use context from active app to improve accuracy - custom vocabulary for those tricky words - custom styles for diff processing on diff apps (ie: slack, twitter, email) - dictation history! https://t.co/17SEMkwXzQ

23

105

4

15

8K

0

2

0

100

mattelliott retweeted

28 days ago

COMEBACK COMPLETE. SERIES OVER.

169

5K

1K

47

185K

mattelliott retweeted

30 days ago

This is why @pnpmjs's latest v11 release was the top story in Socket Weekly this past week - it includes smart defaults that put roadblocks in front of attacks like this. Hard to imagine a more relevant release for this week’s supply chain chaos. 🔮 https://t.co/IE1l8KhvdB

4

507

67

266

79K

mattelliott retweeted

about 1 month ago

🚨 UPDATE: Mini Shai-Hulud has crossed from @npmjs into @pypi and is still spreading. Newly confirmed compromised artifacts: @opensearch-project/opensearch: 3.5.3, 3.6.2, 3.7.0, 3.8.0 (1.3M weekly downloads) mistralai: 2.4.6 on PyPI guardrails-ai: 0.10.1 on PyPI additional @squawk/* packages on npm guardrails-ai 0.10.1 executes malicious code on import. On Linux, it downloads git-tanstack[.]com/transformers.pyz, writes it to /tmp/transformers.pyz, and runs it with python3 without integrity verification. The git-tanstack.com domain displayed a message signed “With Love TeamPCP,” along with: “We've been online over 2 hours now stealing creds Regardless I just came to say hello :^)” The page also linked to a YouTube video and you can probably guess which one.

SocketSecurity's tweet photo. 🚨 UPDATE: Mini Shai-Hulud has crossed from @npmjs into @pypi and is still spreading.

Newly confirmed compromised artifacts:

@opensearch-project/opensearch: 3.5.3, 3.6.2, 3.7.0, 3.8.0 (1.3M weekly downloads)

mistralai: 2.4.6 on PyPI

guardrails-ai: 0.10.1 on PyPI

additional @squawk/* packages on npm

guardrails-ai 0.10.1 executes malicious code on import. On Linux, it downloads git-tanstack[.]com/transformers.pyz, writes it to /tmp/transformers.pyz, and runs it with python3 without integrity verification.

The git-tanstack.com domain displayed a message signed “With Love TeamPCP,” along with: “We've been online over 2 hours now stealing creds
Regardless I just came to say hello :^)”

The page also linked to a YouTube video and you can probably guess which one.

62

2K

483

924

963K

about 1 month ago

Round 2 in 5 💪

about 1 month ago

Back to Ball we go 😤

14

840

54

9

15K

0

13

mattelliott retweeted

about 1 month ago

A mild one 😏

75

4K

467

11

58K

mattelliott retweeted