We just hit $1.5M ARR with GojiberryAI
To celebrate, I put together a short document breaking down exactly how we got there.
Feel free to share it, and tag a founder who could benefit from it 🙌
North Korea is targeting npm maintainers -- not for crypto, but for write access to packages downloaded trillions of times a year.
Several Socket engineers were targeted in this campaign -- myself, @ljharb, @jdalton, and others. None of us fell for the bait. Unfortunately, the axios maintainer did. No shame in that -- these aren't phishing emails. They're weeks-long ops with fake companies, fake Slack workspaces, and spoofed meeting platforms built with realistic Zoom/Teams interfaces using the official SDKs for realism.
Other confirmed targets: @matteocollina (Fastify, Pino, Undici, Node.js TSC Chair), @wesleytodd (Express TC), @voxpelli (mocha, neostandard).
The common thread? High-trust maintainers with publish access to packages that sit deep in everyone's dependency tree.
The attack chain: build rapport over weeks, schedule a video call, fake an audio error, prompt the target to install a "fix." That fix is a RAT. Once it's on your machine, they have your .npmrc tokens, browser sessions, AWS creds, keychain. 2FA doesn't matter. OIDC publishing doesn't matter. Game over.
Security researcher @tayvano_ linked this to UNC1069, a DPRK-nexus group Mandiant has tracked since 2018. Why social engineer one rich person when you can compromise one maintainer and reach millions of machines?
This is the threat model now. If you maintain popular packages, act accordingly. If you use open source (and you certainly do), act accordingly.
Full writeup: https://t.co/bNKdrLmwMn
🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages.
The latest [email protected] now pulls in [email protected], a package that did not exist before today. This is a live compromise.
This is textbook supply chain installer malware. axios has 100M+ weekly downloads. Every npm install pulling the latest version is potentially compromised right now.
Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that:
• Deobfuscates embedded payloads and operational strings at runtime
• Dynamically loads fs, os, and execSync to evade static analysis
• Executes decoded shell commands
• Stages and copies payload files into OS temp and Windows ProgramData directories
• Deletes and renames artifacts post-execution to destroy forensic evidence
If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.
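One way to act on that advice, as an added example that is not part of the original post or of Socket's tooling: a Node script that flattens package-lock.json (v1 nested or v2/v3 flat form), flags any locked copy of the plain-crypto-js package named in the post, and reports whether package.json pins axios to an exact version rather than a caret or tilde range. The version strings in the sample data are constructed placeholders; the post's own version numbers are not reproduced here.

```javascript
// Added example (not the original post's code): audit an npm project for the package
// named in the post and check that axios is pinned to an exact version in package.json.
const SUSPECT_PACKAGE = 'plain-crypto-js';
// Flatten every locked package into { name, version, path } entries.
// Lockfile v2/v3 carry a flat "packages" map; v1 nests transitive deps under "dependencies".
function collectLockedPackages(lock) {
  const found = [];
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === '') continue; // root project entry, not a dependency
      const name = path.slice(path.lastIndexOf('node_modules/') + 'node_modules/'.length);
      found.push({ name, version: meta.version, path });
    }
    return found;
  }
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      found.push({ name, version: meta.version, path });
      walk(meta.dependencies, `${path}/`); // v1 nests transitive deps
    }
  };
  walk(lock.dependencies, '');
  return found;
}
// An exact pin is MAJOR.MINOR.PATCH with optional prerelease: no ^ ~ * x or range operators.
function isExactVersion(range) {
  return /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/.test(String(range).trim());
}
function auditProject(pkgJson, lock) {
  const locked = collectLockedPackages(lock);
  const deps = { ...(pkgJson.devDependencies || {}), ...(pkgJson.dependencies || {}) };
  return {
    suspectHits: locked.filter((p) => p.name === SUSPECT_PACKAGE).map((p) => p.path),
    axiosPinned: 'axios' in deps && isExactVersion(deps.axios),
    axiosLockedVersions: locked.filter((p) => p.name === 'axios').map((p) => p.version),
  };
}
// Constructed sample input (placeholder versions): a caret range on axios whose
// lockfile resolved a transitive plain-crypto-js, i.e. the situation the post warns about.
const samplePackageJson = { dependencies: { axios: '^0.0.0-constructed' } };
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-project' },
    'node_modules/axios': { version: '0.0.0-constructed', dependencies: { 'plain-crypto-js': '*' } },
    'node_modules/plain-crypto-js': { version: '0.0.0-constructed' },
  },
};
```

To run it against a real project, replace the sample objects with `JSON.parse(fs.readFileSync('package.json'))` and the lockfile, then inspect the object returned by `auditProject`; a non-empty `suspectHits` or `axiosPinned === false` is the signal to stop installs and investigate.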
Last few years we've talked a lot about UI performance: signals, react compiler, etc.
Opening the shadcn basic dropdown menu on my M4 MBP takes
- 550ms (4x CPU throttling)
- 150ms no throttling!
JS is only 10%. Could be 0 and your app is still slow
CSS is the problem
@goncalo_canhoto @hagaetc I don't think it's so much a clear target as a clear path to get there.
To finish under X time all you have to do is pace every kilometer at or under Y min/km pace. Just follow the route.
@superscribeio @nikitabier @0x45o The calculator is for monetization. What matters for people like us the most is reach. This just means we won't have any more reach.
@nikitabier @forgebitz Serious question for Nikita - we've spent the last decade on creating an online world. This is hinting at creating walled gardens based at physical location where you can't reach anyone outside of your physical location.
Going backwards in time?
@martinlasek @levelsio @nikitabier @romanhelmetguy Why would the reach remain the same? X will be making fewer dollars from your posts; it would be crazy NOT to optimize for max dollars for the platform.
Which means - your reach in the US will be dead on X.
Lots of AI cos starting to experiment with paid marketing so here's my take:
Paid acquisition is a tax on your product's defensibility. The moment you can't out-spend the incumbents and competitors, you die. Build channels that get cheaper as you grow or you're just renting your growth.