Sarthak Goswami has exposed the ugly truth behind the ethanol narrative.
He travelled to Byrnihat to find out why a town with fewer than one lakh residents is more polluted than Delhi, Ghaziabad, and even Lahore.
What he found was shocking: over 80 factories crammed into a small area, relentlessly pumping pollutants into the air.
The irony? Many of these factories produce ethanol—the very fuel being promoted as a solution to pollution.
Now the question is simple: can Nitin Gadkari answer these concerns with facts, instead of branding critics as anti-national?
This 17 year old from Jharkhand did more journalism sitting at his home than the entire Indian Media combined did in 12+ years.
This is inspiring stuff, Sarthak may have fixed CBSE forever.
Legendary stuff, Must Watch 👏
🚨 Supply chain attack on the Laravel Lang organization:
700+ historical versions across multiple community-maintained Laravel Lang packages were compromised with an RCE backdoor, including:
laravel-lang/lang
laravel-lang/http-statuses
laravel-lang/attributes
Laravel-Lang/actions
The payload targets cloud creds, CI/CD secrets, Kubernetes tokens, Vault, browser data, password managers, SSH keys, and more.
UPDATE: So far we've identified 639 compromised npm package versions across 323 unique packages in tonight’s Mini Shai-Hulud wave.
That includes 558 versions across 279 unique @antv packages. Most were detected within ~6 minutes of publication.
https://t.co/JXJK1NT4dp
SECURITY ADVISORY — TanStack npm packages
A supply-chain compromise affecting 42 @tanstack/* packages (84 versions total) was published to npm earlier today at approximately 19:20 and 19:26 UTC. Two malicious versions per package.
Status: ACTIVE — packages are deprecated, npm security engaged, publish path being shut down.
Severity: HIGH — payload exfiltrates AWS, GCP, Kubernetes, and Vault credentials, GitHub tokens, .npmrc contents, and SSH keys.
If you installed any @tanstack/* package between 19:20 and 19:30 UTC today, treat the host as potentially compromised:
• Rotate cloud, GitHub, and SSH credentials immediately
• Audit cloud audit logs for the last several hours
• Pin to a prior known-good version and reinstall from a clean lockfile
Detection — the malicious manifest contains:
"optionalDependencies": {
"@tanstack/setup": "github:tanstack/router#79ac49ee..."
}
Any version with this entry is compromised. The payload is delivered via a git-resolved optionalDependency whose prepare script runs router_init.js (~2.3 MB, smuggled into each tarball at the package root).
Unpublish is blocked by npm policy for most affected packages due to existing third-party dependents. All 84 versions are being deprecated with a SECURITY warning, and npm security has been engaged to pull tarballs at the registry level.
Full technical breakdown, complete package and version list, and rolling status updates:
https://t.co/Zy8qG7PA9f
Credit to the security researcher for responsible disclosure.
In this letter, the CEO of Coinbase talks about non-technical teams shipping production code. Honestly, I don’t think he knows what he’s talking about.
Using AI agents makes it possible for teams who are not deeply technical in the syntax of a language to ship production code. But that team had better be very deeply technical in managing the structure and quality of the code that is produced.
What the agents give us is the ability to disengage from deep syntax. But they do not give us the ability to disengage from modular design and architecture. You still need to be deeply technical in those topics in order to produce good production quality code.
Did you know about Clear-Site-Data header? 👀
One HTTP header to clear cookies, storage, or cache for your site. Perfect for logout flows.
Learn more 👇
https://t.co/T31Pu6Prry
Shipped something I've wanted for a while: Jotle - A minimalist notes / docs app without any bloat features.
Design is minimalistic but not barebones, designed to be quick and fades into the workflow.
https://t.co/fPXXo3lQNQ
#shipped#notespp#freeware
@arjunz Ah! Make your 404 responses as small as possible, remove even the headers that are not required, if these requests are in millions every day, you’ll end up saving a little bandwidth.
So, it's confirmed that Indian government hired influencers to spread propaganda on Ethanol blended petrol. These influencers include Abhishek Malhan, Mahesh Keshwala, Arun Kushwah, RJ Naved, RJ Praveen, Neha Nagar, Sanjay Kathuria, Vishal Rattewal, etc.
Videos in this thread.