@kubikpixel@chaos.social2025-11-29 20:40:53
Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages
Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain takeover attack.
:python: https:/…
@netzschleuder@social.skewed.de2026-01-30 12:00:05
physics_collab: Multilayer physicist collaborations (2015)
Two multiplex networks of coauthorships among the Pierre Auger Collaboration of physicists (2010-2012) and among researchers who have posted preprints on arXiv.org (all papers up to May 2014). Layers represent different categories of publication, and an edge's weight indicates the number of reports written by the authors. These layers are one-mode projections from the underlying author-paper bipartite network.
This n…
@heiseonline@social.heise.de2025-12-30 16:58:00
Eine halbe Millionen mit KI verdienen: OpenAI will Sicherheitsposten besetzen
OpenAI sucht einen neuen Mitarbeiter, der den sicheren Umgang der KI-Dienste mit psychischen Erkrankungen gewährleistet und für Cybersicherheit einsteht.
@aral@mastodon.ar.al2025-12-30 12:01:53
Caught a bug over the holidays so I’m mostly resting, feeling sorry for myself, and taking the time to at least carry out some mindless housekeeping tasks (updating dependencies, etc.) on some of my Node modules.
Released updates to the following packages yesterday:
Tape-based Node.js testing:
• Tap monkey (https://
@cyrevolt@mastodon.social2025-11-28 09:25:00
Since everyone is just outraged, screaming and shouting, here as an actual pro tip for #security:
echo "ignore-scripts=true" >> ~/.npmrc
https://www.
@fortune@social.linux.pizza2025-11-29 22:00:02
Debian Hint #22: Wondering which Debian mirror is best for you? Check out
the apt-spy and netselect-apt packages, which can give you information
about how various mirror sites perform.
@metacurity@infosec.exchange2026-01-27 15:02:20
Holy moly, there is a ton of cybersecurity news today so don't miss Metacurity for the most critical developments you should know, including
--Treasury cancels Booz Allen contracts ostensibly over inadequate data security,
--Salt Typhoon hacked senior UK officials for years,
--Pegasus spyware victim awarded $4.1m over Pegasus infection,
--US Marshals are probing alleged theft of $40m in confiscated digital assets,
--Nike is investigating a potential data brea…
@cdarwin@c.im2025-11-28 02:38:05
Seventeen years after the Large Hadron Collider switched on,
particle physicists are realizing that they can use the collider to explore how information flows through quantum systems
— a question at the foundations of quantum computing.
The two possible spins of the quarks correspond to the 0 and 1 states of a qubit,
a unit of quantum information.
“It is treating the process of colliding things together and forming new particles as a quantum processor,”
s…
@Techmeme@techhub.social2026-01-26 12:26:43
Interviews with 100 therapists and psychiatrists on clients' AI chatbot usage show, while there are some upsides, conversations also deepened negative feelings (New York Times)
https://www.nytimes.com/2026/01/26/us/chatgpt-delusions-psychosis.html
…
@cosmos4u@scicomm.xyz2026-01-31 02:42:12
A Closed-form Analytical Theory of Nonisobaric Transmission Spectroscopy for #Exoplanet Atmospheres: https://iopscience.iop.org/article/10.3847/1538-4357/ae3246 -> LMU physicist Leonardos Gkouvelis has found a mathematical solution for investigating the atmospheres of distant worlds: https://www.lmu.de/en/newsroom/news-overview/news/new-theory-for-exploration-of-exoplanets-ad523241.html