@Techmeme@techhub.socialGitHub says it has begun collecting pseudonymous client-side telemetry from command-line interface (CLI) users and enabled it by default (Brandon Vigliarolo/The Register)
https://www.theregister.com/2026/04/22/github_opts_all_cli_users/
@pimterry@toot.cafeStaged publishing for npm! Finally 🙏
I'm only just starting to test it now, but in theory at least this trusted publishing could very significantly tighten up the security posture for lots of packages. Would be fantastic to see the current wave of attacks slow down a bit.
https://docs.npmjs.com/staged-publishi…
@adamhotep@infosec.exchangeRE: https://mastodon.social/@nixCraft/116454784259012506
Big compromise at Bitwarden, affecting only the command-line interface. If you had that, you need to update and investigate the damage that may have been done. It looks like this targets Gi…
@wwwgem@social.linux.pizzaCan’t thank the community enough for building ways to avoid being stuck in the YouTube economy:
- https://gitlab.com/christosangel/magic-tape
- Peertube, invidious, and other instances
-
@Techmeme@techhub.socialGoogle has quietly released an unsupported Workspace CLI, making it easier for agentic AI tools to access Gmail, Calendar, Drive, Docs, and other apps (Ben Patterson/PCWorld)
https://www.pcworld.com/article/3079523
@kingconsult@berlin.social> Users of #GitHub's command-line interface (#CLI) who value #privacy, beware. The #Microsoft-owned code-hosting platform has quietly begun collecting pseudonymous client-side #telemetry from CLI users and enabled it by default.
Wed 22 Apr 2026, Brandon Vigliarolo, The Register: #Datenschutz #TeamDatenschutz #DataProtection #DiDay
