Podcasts about CPanel

On this week's show Patrick Gray, Adam Boileau and James Wilson discuss the week's cybersecurity news. They cover: Anthropic's Fable 5 and Mythos 5 get nuked by the US government four days after launch “because security” Why “guardrails” won't keep the world safe from your AI doomsday machine The FISA 702 statute expired, but the spying can (probably) continue! NPM v12 delivers some protection against supply chain attacks, but not enough. Microsoft has a series of bugs that prevent Windows Update from … updating Much, much more! This episode is also available on YouTube Show notes Anthropic suspends new AI models after government directive | NBC News Tech Anthropic rankles users with safety-first Fable release | NBC News Tech How a 90-minute White House deadline sparked Silicon Valley's biggest AI fight | washingtonpost.com Pete Hegseth (@PeteHegseth) on X | X (formerly Twitter) David Sacks (@DavidSacks) on X | X (formerly Twitter) DoW CIO Kirsten Davies (@DoWCIODavies) on X | X (formerly Twitter) David Shulman (@DavidShulmanFL) on X | X (formerly Twitter) Controversial FISA spying law expires tonight. The spying will continue. | Ars Technica GitHub announces npm security changes to tackle supply-chain attacks | BleepingComputer Why NPM v12 won't stop supply chain attacks - Risky Business Media | Social Signals Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks | BleepingComputer Microsoft patches Exchange Server zero-day exploited in attacks | BleepingComputer Max severity Ivanti Sentry vulnerability now exploited in attacks | BleepingComputer CISA warns of another cPanel plugin flaw exploited in attacks | BleepingComputer Critical Fortinet FortiSandbox flaws now exploited in attacks | BleepingComputer CISA orders feds to patch actively exploited Ivanti flaw by Sunday | BleepingComputer CISA to require federal agencies to patch some cyber vulnerabilities within 3 days | therecord.media Path traversal flaw in AI dev platform Langflow exploited in attacks | BleepingComputer Microsoft: Some Windows PCs fail to install latest monthly updates | BleepingComputer Microsoft fixes BitLocker recovery bug on Windows Server 2025 | BleepingComputer Microsoft fixes Windows update failures linked to WUSA installer | BleepingComputer New attack turned Microsoft 365 Copilot into 1-click data theft tool | BleepingComputer Over 73,000 French govt employees affected in Tchap messenger breach | BleepingComputer Signal Alums Reveal ‘Encrypted Spaces,' a System for Making Private Collaboration Apps | wired.com FBI disrupts massive AI-powered phishing service using a million URLs | BleepingComputer Cyberattack shuts down major Australian sugar mills, disrupting harvest | The Record Drug Sites Hijacked Spotify's Search Ranking Through Fake Podcasts, Report Finds | wired.com It Is Trivially Easy to Use Reddit to Manipulate AI Search, Research Suggests | 404.feed.press Who Runs the Ransomware Group ‘The Gentlemen?' | krebsonsecurity.com :brdKnife: (@cR0w@infosec.exchange) | Infosec Exchange

Emergency talks fail to free Anthropic's Fable 5. Trump moves to strengthen national security systems. Microsoft patches a critical Copilot flaw. ShinyHunters weaponize a PeopleSoft zero-day. DragonForce hides in Microsoft Teams for months. Plus, Amos Stealer targets Macs, CISA issues a three-day patch deadline, Delta avoids penalties, and researchers show just how easy it is to manipulate AI search. Our guest is Mike Fey, Co-Founder & CEO at Island, discussing the architectural differences between network and modern SASE. Consulting meets confabulation. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices, we are joined by Mike Fey, Co-Founder & CEO at Island, discussing the architectural differences between network and modern SASE. If you enjoyed this conversation, check out the full interview here.  Selected Reading Anthropic Is Still at Odds With the White House Over Claude Fable 5 (WIRED) Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher (The Register) White House Issues Memo to Bolster NSS Cybersecurity (SecurityWeek) Microsoft Patches Critical SearchLeak Vulnerability in Copilot Enterprise (Beyond Machines) ShinyHunters Hits Universities Via Oracle Zero-Day (GovInfo Security) DragonForce Ransomware Exploited Microsoft Teams to Hide Attack (Infosecurity Magazine) Inside Amos Stealer: How This Threat Targets macOS Credentials and Keychains (CyberProof) CISA warns of another cPanel plugin flaw exploited in attacks (Bleeping Computer) US closes probe into 2024 Delta Air Lines meltdown sparked by CrowdStrike outage (Reuters) It Is Trivially Easy to Use Reddit to Manipulate AI Search, Research Suggests (404 Media) KPMG pulls report on AI usage due to apparent hallucinations (TechCrunch) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Mai menü: hackerek éjszakája cPanel megint, arbitrary root file system read Google Unveils AI Threat Defense Platform to Fight AI-Powered Cyberattacks a defender bárkit kinyír Elérhetőségeink:TelegramTwitterInstagramFacebookMail: info@hackeslangos.show

On this week's Security Sprint, Dave and Andy covered the following topics:Opening:• 27th Annual TribalNet Conference & Tradeshow, 20 – 24 Sep, Dallas, TX• 02 Jun! WaterISAC H2OSecCon (Virtual Conference)Main Topics:Exploitation! and the KEV! • CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2026-9082 Drupal Core SQL Injection Vulnerability• Drupal security advisory (AV26-492) - Update 2 - Canadian Centre for Cyber Security • CISA orders feds to patch actively exploited Drupal vulnerability - BleepingComputer • CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2026-48172 LiteSpeed cPanel Plugin Privilege Escalation Vulnerability• CISA gives feds 4 days to patch actively exploited cPanel plugin flaw - BleepingComputer • CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2026-0257 Palo Alto Networks PAN-OS Authentication Bypass Vulnerability• Palo Alto Networks Security Advisory AV26-462 — Canadian Centre for Cyber Security • ETR: Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability CVE-2026-0257 — Rapid7 Ransomware & Data Breaches: • The Cyber Extortion Economy - Palo Alto Networks Unit 42 - 28 May 2026 “As recently noted by our Chief Security Intelligence Officer, Wendi Whitmore, it only took 39 seconds for threat actors to move from initial access to data exfiltration in one case.” • Stay Ahead of Ransomware: What 2026 Threat Reports Are Telling Us — SANS Institute — 01 Jun 2026• Charter Communications Data Breach Could Impact Nearly 5 Million • How St. Paul, Minn., Recovered From a Ransomware Attack • FBI FLASH - Silent Ransom Group Impersonating IT Personnel through Social Engineering - FBI IC3 & FBI warns of in-person data theft attacks from extortion gang • Charter confirms data breach after ShinyHunters extortion threat • The Gentlemen ransomware: Dissecting a self-propagating Go encryptor • The Gentlemen Ransomware Group Is Scaling Faster Than Any Other Group on Record • The Gentlemen (Ransomware) in Disguise: Defense Evasion and other TTPs World Cup:• FBI PSA - Threat Actors Spoofing FIFA Websites in Advance of the 2026 World Cup - FBI IC3 • FAA Establishes No Drone Zones for FIFA World Cup 2026 Stadiums, Fan Events and Base Camps — FAA • Column: Empower Emergency Managers for Major Events • Ebola concerns grow ahead of World Cup — The Hill Quick Hits:• The Future of AI Risk: Predictions for 2027 and Beyond - Gate 15 - 26 May 2026 • Top 10 Artificial Intelligence Security Actions Primer — Canadian Centre for Cyber Security • Mythos Exposes a Bigger Problem in Critical Infrastructure Cyber Defense - HSToday • NSA Launches Zero Trust Implementation Guidelines Resource Webpage — National Security Agency • Designing secure access with ZTNA - National Cyber Security Centre • The 2026 U.S. Midterms Have a Cyber Problem, But It's Not at the Ballot Box — Check Point & Hackers are already laying groundwork to disrupt 2026 midterms, research says — Nextgov • 'Holding our breath': Hurricane season is here, and FEMA is shorthanded — Politico

Originally recorded: Friday May 29, 2026In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A large-scale software supply chain attack dubbed “Megalodon” infected thousands of GitHub repositories with credential-stealing malware in a highly automated campaign that unfolded over a six-hour period on May 18, 2026.Researchers from OX Security have identified a malicious npm package named “mouse5212-super-formatter” that was designed to steal files from Anthropic Claude AI environments by targeting the “/mnt/user-data” directory.Convenience store giant 7-Eleven disclosed a data breach tied to an attack that occurred on April 8, 2026, involving systems that contained franchise-related documents. SecurityWeek article Matt references.CISA has issued an urgent warning about a critical vulnerability in the LiteSpeed cPanel Plugin, tracked as CVE-2026-48172, which is already being actively exploited in the wild.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Episode 174: In this episode of Critical Thinking - Bug Bounty Podcast we follow up from last episode with some advice for BB platforms, as well as cover a slew of writeups from Searchlight Cyber, watchTowr, and Starstrike.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynoraterhttps://x.com/rez0__https://x.com/gr3pmeCritical Research Lab:https://lab.ctbb.show/ ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!Need a Pentest? We just launched CTBB Pentests!https://pentest.ctbb.show/Hack full time? Check out the Full-Time Hunter's Guild!https://ctbb.show/fthg====== This Week in Bug Bounty ======COST, AI frontier models and more: A measured take on the future of security testinghttps://www.yeswehack.com/security-best-practices/cost-mythos-future-security-testingCommon AI misconceptions debugged!https://www.intigriti.com/blog/business-insights/common-misconceptions-debugged#trend-3-validity-ratios-remain-constant-ai-slop-isnt-rising-as-a-proportionBountySync + Socialhttps://luma.com/bountysync_social====== Resources ======Ghosts of Encryption Pasthttps://slcyber.io/research-center/ghosts-of-encryption-past-salesforce-exacttarget/tessl Skill Optimizerhttps://tessl.io/registry/tessl/skill-optimizer/0.8.0The Internet Is Falling Down, Falling Down, Falling Downhttps://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/High Fidelity Check for the cPanel Authentication Bypasshttps://slcyber.io/research-center/high-fidelity-check-for-the-cpanel-authentication-bypass-cve-2026-41940/Achieving Deterministic Prompt Injection Through Client-Side Feedback Loopshttps://blog.starstrike.ai/posts/achieving-deterministic-prompt-injection-through-client-side-feedback-loops/GPT-5.5: Mythos-Like Hacking, Open To Allhttps://xbow.com/blog/mythos-like-hacking-open-to-allRemote Command Execution in Google Cloud with Single Directory Deletionhttps://flatt.tech/research/posts/remote-command-execution-in-google-cloud-with-single-directory-deletion/?utm_source=bugbountydaily.com&utm_medium=referral====== Timestamps ======(00:00:00) Introduction(00:09:20) AMPScript(00:25:10) Tessl Skill Optimizer(00:33:07) cPanel & WHM Authentication Bypass(00:40:46) Advice for Bug Bounty Programs(00:50:07) Prompt Injection Through Client-Side Feedback Loops(00:54:37) GPT 5.5(01:01:00) Remote Command Execution in Google Cloud

Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag https://isc.sans.edu/diary/Another%20Universal%20Linux%20Local%20Privilege%20Escalation%20%28LPE%29%20Vulnerability%3A%20Dirty%20Frag/32968 PAM Backdoors Steel Passwords https://flare.io/learn/resources/blog/pamdoora-new-linux-pam-based-backdoor-sale-dark-web CPanel Updates https://support.cpanel.net/hc/en-us/sections/360007088193-Security Let s Encrypt Briefly Halts Certificate Issuance https://letsencrypt.status.io

CPanel, WHM release fixes for three new vulnerabilities Official JDownloader site serves malware to Windows and Linux users Sen. Schumer seeks DHS plan on AI cyber coordination Get the show notes here: https://cisoseries.com/cybersecurity-news-new-cpanel-vulnerabilities-jdownloader-delivers-malware-schumer-pushes-dhs/ Huge thanks to our episode sponsor, Doppel Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call.   But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception.   We fight relentlessly to protect your business, brand, and people.   Doppel. Outpacing what's next in social engineering.   Learn more at doppel.com.  

Referências do Episódio 秘密活动6年的神秘黑客组织Mr_Rot13正在利用cPanel高危漏洞部署后门木马PamDOORa: Analyzing a New Linux PAM-Based Backdoor for Sale on the Dark WebIncident Update: Saturday, May 9, 2026Roteiro e apresentação: Carlos CabralEdição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

Synopsis Cette semaine, Patrick et Jacques reçoivent Jonathan Bastille, technicien informatique avec mandat sécurité au Cégep de Rivière-du-Loup. Jonathan raconte sa transition du privé vers le secteur public, et le contraste brutal entre la rapidité de décision en PME et le rythme « paquebot » d'un milieu où chaque changement passe par un conseil d'administration. La discussion bifurque rapidement vers la loi 25, l'illusion de conformité par bouts de papier, et l'attitude de trop de PME québécoises : « la sécurité, c'est pas important — j'attends que ça le devienne ». Le trio s'attaque ensuite à un sujet récurrent du podcast : la futilité de la majorité des campagnes de phishing simulé. Renforcement positif vs punition, tests qui ne mesurent que le clic au lieu du processus de détection en arrière, et l'argument central de Patrick — si vos employés deviennent bons à reconnaître votre simulation, ils ne deviennent pas pour autant bons à reconnaître les vraies attaques. Jonathan partage aussi une histoire concrète où il a bloqué le device code flow dans Microsoft, juste avant qu'une attaque réelle utilisant exactement cette technique frappe l'organisation. Côté actualités, plusieurs nouvelles passent au crible : le retour forcé au bureau qui a accouché du néologisme « téléprésentiel », la sortie maladroite du chef du CST qui blâme la proximité avec les États-Unis pour les cyberattaques canadiennes, et surtout le combo explosif CopyFeld + cPanel — une vulnérabilité Linux d'escalade de privilèges présente depuis 2007 et un piratage massif de panneaux d'administration d'hébergeurs. L'épisode se ferme sur une campagne de phishing déployant ScreenConnect chez 80+ organisations, un faux positif retentissant de Microsoft Defender sur des certificats DigiCert, et un rappel martelé : tant que les utilisateurs travaillent en local admin, aucun EDR ne va vous sauver. Crew Patrick Mathieu Jacques Sauvé Jonathan Bastille (invité spécial) Liens et ressources Patrick Microsoft Attack Surface Reduction Rules Device code phishing - Microsoft Microsoft Digital Defense Report Téléprésentiel – retour au bureau, 3 h de trafic pour Teams (Journal de Montréal) Proximité avec les États-Unis et cyberattaques – Radio-Canada cPanel / WHM – exploitation massive du contournement d'authentification (TechCrunch) Copy Fail – exploitation pour obtenir root sur Linux (CISA / BleepingComputer) Jacques Campagne phishing ScreenConnect 80+ organisations Microsoft Defender faux positif DigiCert / Cerdigent Jonathan Microsoft Defender for Endpoint Microsoft Sentinel Microsoft Intune Shamelessplug Inscriptions Hackfest 2026 Hackfest CTF Polar - journée pour les gestionnaires en cybersécurité Call for Paper Hackfest 2026 (mai à fin août) iHack - 30 mai 2026 (Québec, Trois-Rivières, Chicoutimi, Montréal) Discord Hackfest securite.fm Crédits Montage audio par Hackfest Communication Musique par Caleidisco – Candy Island - Much Too Loose Locaux virtuels par Streamyard

Rob Allen from Threatlocker joins us to discuss the risks associated with VPN appliances and how to implement better security solutions that don't leave you hanging out on the open Internet. The interview segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! In the Security News: Less details about the FCC router ban Canary traps that work Hacking trains and getting arrested You can be an adult if you have a mustache cPanel is being exploited Pro-Iran group takes down Ubuntu Anthropic's new security solution Safe AI Agents and other lies People still use screensavers? CISA and operating for weeks or months in isolation Paramiko issues fixes Find security research Copy/Fail and AI slop debate ESP32 simulator Spotting vibe coded malware Fast16 - Stuxnet before Stuxnet Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-925

Rob Allen from Threatlocker joins us to discuss the risks associated with VPN appliances and how to implement better security solutions that don't leave you hanging out on the open Internet. The interview segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! In the Security News: Less details about the FCC router ban Canary traps that work Hacking trains and getting arrested You can be an adult if you have a mustache cPanel is being exploited Pro-Iran group takes down Ubuntu Anthropic's new security solution Safe AI Agents and other lies People still use screensavers? CISA and operating for weeks or months in isolation Paramiko issues fixes Find security research Copy/Fail and AI slop debate ESP32 simulator Spotting vibe coded malware Fast16 - Stuxnet before Stuxnet Show Notes: https://securityweekly.com/psw-925

The team discusses a spate of major security flaws affecting Linux, Microsoft Edge and the cPanel web administration software. We also look at how kids are getting around online age checks, and ponder the US government's plan to test and certify AI models. For this week's Hot Hardware spot we completely rip up the rule book to showcase not one but two software tools, named FineTune and WhatCable. One helps you set volumes for different audio devices, while the other tells you the technical specifications of your USB cables and devices; there can be only one winner.

Rob Allen from Threatlocker joins us to discuss the risks associated with VPN appliances and how to implement better security solutions that don't leave you hanging out on the open Internet. The interview segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! In the Security News: Less details about the FCC router ban Canary traps that work Hacking trains and getting arrested You can be an adult if you have a mustache cPanel is being exploited Pro-Iran group takes down Ubuntu Anthropic's new security solution Safe AI Agents and other lies People still use screensavers? CISA and operating for weeks or months in isolation Paramiko issues fixes Find security research Copy/Fail and AI slop debate ESP32 simulator Spotting vibe coded malware Fast16 - Stuxnet before Stuxnet Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-925

Rob Allen from Threatlocker joins us to discuss the risks associated with VPN appliances and how to implement better security solutions that don't leave you hanging out on the open Internet. The interview segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! In the Security News: Less details about the FCC router ban Canary traps that work Hacking trains and getting arrested You can be an adult if you have a mustache cPanel is being exploited Pro-Iran group takes down Ubuntu Anthropic's new security solution Safe AI Agents and other lies People still use screensavers? CISA and operating for weeks or months in isolation Paramiko issues fixes Find security research Copy/Fail and AI slop debate ESP32 simulator Spotting vibe coded malware Fast16 - Stuxnet before Stuxnet Show Notes: https://securityweekly.com/psw-925

On this week's show, Patrick Gray and James Wilson are joined by special guest co-host Brad Arkin. They discuss the week's cybersecurity news, including: The US Government says we just have to patch faster, but… Bugs in cPanel, MoveIt and all Linux distributions this week show that patching alone isn't enough James gets mad about lame AI Agent adoption advice from the US and Australian Governments James Kettle and Niels Provos both showed us that any model can find 0day like Mythos And the cyber-assisted theft of cargo results in an astonishing loss of $725 million dollars This week's show is sponsored by SpecterOps. Their CTO, Jared Atkinson, chats to Pat about the big changes in the threat landscape, brought about by AI, that are causing a pivot away from detection and remediation, and toward prevention. This episode is also available on Youtube. Show notes Exclusive: US officials weigh cutting deadlines to fix digital flaws amid worries over AI-powered hacking, sources say | Reuters British cyber agency warns of looming ‘patch wave' as AI speeds flaw discovery | The Record from Recorded Future News Federal agencies must patch cPanel bug by Sunday, CISA says | The Record from Recorded Future News cPanel zero-day exploited for months before patch release (CVE-2026-41940) - Help Net Security The most severe Linux threat to surface in years catches the world flat-footed - Ars Technica New MOVEit vulnerabilities prompt urgent patch warning | Cybersecurity Dive US and allies urge ‘careful adoption' of AI agents | Cybersecurity Dive careful_adoption_of_agentic_ai_services.pdf User just tricked Grok and Bankrbot to send tokens with Morse code - Cryptopolitan Finding Zero-Days with Any Model (1872) Sponsored: James Kettle built an AI hacker - YouTube Feature Interview: Nicholas Carlini, Anthropic - Risky Business Media Trellix investigating breach of source code repository | Cybersecurity Dive Popular DAEMON Tools software compromised | Securelist Komari Red: The Monitoring Tool with a Built-in Reverse Shell | Huntress Hackers earning millions from hijacked cargo, FBI says | The Record from Recorded Future News Congress punts FISA renewal to June | The Record from Recorded Future News Cops Use Apple Data And Car Bluetooth To Identify Crypto Robbery Suspect Stewart Baker, outspoken voice on cybersecurity and national security law, dies at 78 | IAPP

The Cybercrime Magazine Podcast brings you daily cybercrime news on WCYB Digital Radio, the first and only 7x24x365 internet radio station devoted to cybersecurity. Stay updated on the latest cyberattacks, hacks, data breaches, and more with our host. Don't miss an episode, airing every half-hour on WCYB Digital Radio and daily on our podcast. Listen to today's news at https://soundcloud.com/cybercrimemagazine/sets/cybercrime-daily-news. Brought to you by our Partner, Evolution Equity Partners, an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cyber-security and enterprise software companies. Learn more at https://evolutionequity.com

In this week's Security Sprint Dave and Andy covered the following topics:Opening• Homeland Security Funding Bill Passed, Includes Money for CISA • Browser Extensions and Shadow AI: Unmanaged Threats to Privacy — Gate 15• Data Centers, Telecommunications Networks, and Space-Based Systems: Modernizing DHS's SRMA Role for the Communications and IT Sectors — House Committee on Homeland Security• New Cybersecurity Guide Targets Rising Threats to Food and Agriculture SMBs • Maine Law Requires Hospitals to Enact Cybersecurity PlansMain TopicsNew FTC Data Show People Have Lost Billions to Social Media Scams - Federal Trade Commission - 23 Apr 2026 The Federal Trade Commission reported that consumers have lost billions of dollars to scams originating on social media platforms, with fraudsters leveraging impersonation, investment schemes, and romance scams to exploit user trust. Take9! 9 Seconds For A Safer World. Cyber threats are everywhere. And getting sneakier. What can you do to protect yourself, your community and our nation? New 2026 ‘IOCTA' highlights sophisticated tactics and emerging challenges in the digital landscape – Europol unveils comprehensive analysis of evolving cybercrime threats - Europol - 28 Apr 2026 Europol released its 2026 Internet Organised Crime Threat Assessment, warning that encryption, proxies, artificial intelligence, dark web marketplaces, cryptocurrencies, fraud ecosystems, ransomware, and child sexual exploitation are expanding the cybercrime landscape. Global Encryption Coalition (GEC). The Global Encryption Coalition (GEC) was founded in 2020 by the Center for Democracy & Technology, Global Partners Digital and the Internet Society and now has over 350 members. Gate 15 is a proud member of the GEC. Ransomware! Weekly ransomware & data leak landscape; A seven-day view of claim activity, leak escalation, actor concentration, sector shifts, and supporting news context from eCrime.ch. — eCrime.ch — 26 Apr 2026. The eCrime weekly report provides a seven-day analysis of ransomware claim activity, data leak site postings, actor concentration, and sector targeting trends. • NCC Group Monthly Threat Pulse - Review of March 2026 • Ransomware and Cyber Extortion in Q1 2026 - ReliaQuest Presidential Message on National Hurricane Preparedness Week - The White House - 03 May 2026 This message encourages Americans in hurricane-prone areas to prepare before the season by protecting property, building emergency plans, assembling supplies, and monitoring forecasts and evacuation routes. It emphasizes local and state frontline roles while describing federal support for response and recovery. • Hurricane Preparedness - NOAA • Summer forecast 2026: Heat, severe storms to shape the season as El Niño develops, strengthens - AccuWeather• 2026 Hurricane Awareness Webinars - NOAA Quick Hits• Email threat landscape: Q1 2026 trends and insights — Microsoft Security Blog • Tycoon2FA disruption impact• QR code phishing attacks• CAPTCHA tactics• Malicious payloads• Business email compromise• Defending against email threats• Microsoft Defender detections• Alert - AL26-008 - Vulnerability affecting cPanel and WebHost Manager (WHM) - CVE-2026-41940 - Canadian Centre for Cyber Security • Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks • To recover your files kindly send 0.1 BTC to… ransom note appears on websites • The cPanel Situation Is… - • cPanel authentication bypass vulnerability CVE-2026-41940 exploited • Over 40,000 Servers Compromised in Ongoing cPanel Exploitation • Cole Allen's journey from Caltech grad to accused gunman in D.C. attack • Footage shows White House correspondents' dinner suspect 'casing' hotel: US attorney • Washington Hilton says it was using Secret Service protocols on night of attack

Referências do EpisódioQuasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting CapabilitiesBreaking the code: Multi-stage ‘code of conduct' phishing campaign leads to AiTM token compromiseHackers target governments and MSPs via critical cPanel flaw CVE-2026-41940CISA Adds One Known Exploited Vulnerability to CatalogBackdoored PyTorch Lightning package drops credential stealerRoteiro e apresentação: Carlos CabralEdição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

✏️ Suscribirse https://www.youtube.com/watch?v=2Ly7D9ZiSaE La IA sigue ensanchando el campo de juego, pero en este episodio 251 la conversación no gira alrededor de anuncios grandilocuentes, sino de cómo meterla en sistemas de trabajo reales. Se habla de agentes con Codex y Kilo Code, de una migración práctica de cPanel a Vercel, de MCP dentro de WordPress y de una duda muy concreta: si diseñas con IA desde fuera, hasta qué punto tiene sentido volver a pasar por el builder. Codex, archivos `agents` y orquestación práctica Uno de los bloques más claros del episodio es el salto de usar IA como chat a usarla como sistema de agentes con contexto y roles definidos. El caso que se comenta con más detalle es Codex, sobre todo a partir de la posibilidad de definir agentes en archivos `agents`, darles instrucciones propias y dejar que el orquestador principal los invoque cuando toca. La parte interesante no es el truco de configuración en sí, sino lo que cambia a nivel de flujo. En lugar de repetir cada vez el mismo contexto o lanzar tareas desde cero, el sistema empieza a delegar según el tipo de trabajo, con nombres, roles e instrucciones más estables. También se menciona el uso de VS Code frente a Cursor, el valor de tener el chat mejor integrado y el descubrimiento de pequeños detalles como autocompletado, cambio de cuenta o sesiones centralizadas. Pero el fondo no está en el editor, sino en que la IA empieza a comportarse como una capa operativa del proyecto, no solo como una ventana donde pedir cosas sueltas. En esa misma línea encaja la aparición en otros medios de IA, Automatización y Codex con Victor Correal en No es asunto vuestro, donde se cruza automatización, programación y trabajo real con agentes. Kilo Code y el desarrollo con IA como sistema El episodio no se queda en Codex, también contrapone otras formas de organizar el desarrollo con IA. Ahí entra Kilo Code, con énfasis en agentes especializados, ejecución paralela, worktrees, gestión más explícita del sistema y una experiencia pensada para producción, no solo para asistencia puntual. La comparación sirve para aterrizar algo importante: hoy ya no basta con preguntar cuál es la mejor herramienta. Lo que de verdad importa es qué arquitectura de trabajo te deja montar cada una, cómo delega, cuánto contexto conserva y cuánto control te deja sobre lo que está haciendo. Ese matiz atraviesa buena parte del episodio. Las herramientas pueden parecer similares desde fuera, pero cambian mucho cuando el uso pasa de “hazme esto” a “ayúdame a mantener un proyecto vivo con criterios, contexto y especialización”. Migrar de cPanel a Vercel sin humo El bloque más práctico del episodio es seguramente la migración de TomaBumping desde un entorno en cPanel a Vercel. El proyecto estaba hecho con Next.js y en origen parecía viable mantenerlo en el servidor actual, pero aparecieron límites reales en compilación, sincronización y ejecución de procesos. La conversación deja una idea útil: migrar no es solo mover el proyecto a un hosting más moderno, sino entender qué necesita realmente ese flujo para funcionar bien. En este caso, el repositorio ya estaba en GitHub, así que importar el proyecto a Vercel fue sencillo. Lo importante vino después: variables de entorno, builds automáticos y sincronización de datos desde Notion hacia archivos JSON. Ahí aparece el límite clave de Vercel: no está pensado para guardar ficheros persistentes en disco durante la ejecución de ciertos comandos. Eso obligó a repensar la sincronización y a sacar esa parte fuera del runtime habitual. La solución elegida fue usar GitHub Actions para lanzar la sincronización, guardar artefactos, hacer commit y push, y dejar que ese push disparase el deploy en Vercel. No es una historia de “Vercel lo hace todo solo”, sino de elegir bien qué capa hace cada cosa. MCP, capabilities y contexto útil dentro de WordPress Otro bloque importante del episodio gira alrededor de MCP y de cómo conectar la IA con WordPress de una forma realmente útil. La idea no es solo pedirle que cree contenido, campos o estructuras, sino darle acceso a contexto técnico del proyecto: tipos de campo, formatos, relaciones y estado real del sistema. Ese matiz es importante porque cambia por completo el papel de la IA. En vez de operar a ciegas, puede leer antes de escribir, inspeccionar antes de generar y trabajar con una base técnica más cercana a lo que ya existe en el proyecto. La conversación conecta esto con vídeos y contenidos propios sobre WordPress, capabilities y automatización, y con una visión bastante pragmática: MCP no aporta tanto por “hacer cosas” como por mejorar la calidad del contexto con el que las hace. También aparece como telón de fondo la idea de WordPress como ecosistema suficientemente flexible para seguir siendo útil en proyectos modernos. En ese sentido encaja bien el hub temático de WordPress, que sirve como referencia de contexto y especialización en torno al CMS. NovaMCP, Bricks, Elementor y el cortocircuito del builder La parte más crítica del episodio aparece cuando se habla de NovaMCP, Bricks y Elementor. Se reconoce el interés del plugin y su potencial para exponer tools, leer estructura del sitio, editar archivos, ejecutar código o trabajar con widgets y estilos globales. Pero justo ahí aparece la objeción más valiosa del episodio: si ya estás diseñando con IA desde fuera, con dirección de arte, framework CSS y artefactos propios, añadir una capa intermedia para volver a traducir eso a un builder puede ser más fricción que ayuda. En otras palabras, el problema no es si Bricks o Elementor son compatibles con IA. Lo son. El problema es si esa compatibilidad mejora de verdad el sistema o si simplemente añade complejidad, gasto de tokens y dependencia de otra interfaz más. La crítica no es anti-builder. De hecho, se reconoce que pueden tener sentido para ciertos layouts, para importar CSS o para iterar rápido sobre una base ya creada. Pero la conclusión práctica es bastante clara: si la IA te ayuda precisamente a salir del builder, volver a meterlo en el centro del flujo puede ser un paso atrás. Make, flyers, emails y automatizaciones pequeñas que ya ahorran tiempo El cierre del episodio baja la IA a automatizaciones mucho más concretas y accesibles. Aquí no hacen falta agentes complejos, ni un VPS, ni una infraestructura excesiva. Se habla de Make como herramienta para analizar flyers, capturas de pantalla o emails, extraer información estructurada y crear registros útiles en otros sistemas. Los ejemplos son muy claros: detectar información de carteles, convertir una captura en un JSON trabajado, o reenviar un email para que la IA extraiga campos, genere un resumen y cree el evento correspondiente en Airtable. La enseñanza de este bloque es sencilla pero potente: no siempre hace falta montar un sistema sofisticado para obtener valor real de la IA. Muchas veces basta con un webhook, un módulo bien planteado y una extracción estructurada que elimine trabajo repetitivo. Ese enfoque además encaja muy bien con el tono general del episodio: menos obsesión por la herramienta de moda y más foco en si resuelve una tarea concreta con claridad y sin meter complejidad innecesaria. Cierre Este episodio 251 deja una idea bastante útil para cualquiera que esté mezclando IA, WordPress y desarrollo diario: no todo lo que se puede conectar conviene conectarlo. Codex, Kilo Code, Vercel, GitHub Actions, MCP, Bricks, Elementor o Make pueden encajar en un sistema potente, pero no por acumulación sino por criterio. La parte valiosa no está en usar más capas, más agentes o más builders, sino en elegir qué papel juega cada pieza. Cuando eso se hace bien, la IA acelera de verdad. Cuando no, solo añade ruido. Si te interesa esta mezcla de WordPress, automatización, agentes y decisiones técnicas con impacto real, este episodio deja bastante material para replantear flujos, quitar pasos innecesarios y quedarte con lo que sí aporta valor.

Big Tech is pouring hundreds of billions into AI, but with rising signs of an industry bubble and some real-world fallout, this week's episode digs into who actually wins, who stands to lose, and whether Apple's patient strategy may outsmart the hype. Big Tech firms beat earnings expectations amid AI spending questions RIP the $599 Mac Mini, you were too beautiful for this world Microsoft lifts 2026 AI spend by $25 billion to cover component price rises Microsoft speeds up in Big Tech's data center spend-off Crosswording the Situation Meta's historic loss in court could cost a lot more than $375 million Utah first state to hold websites liable for users who mask their location with VPNs — law goes into effect, designed to prevent bypassing age checks Australia unveils a 2.25% levy on Meta, Google, and TikTok Meta found in breach of EU law for failing to keep children off Facebook and Instagram Meta inks deal for solar power at night, beamed from space Musk v. Altman week 1: Elon Musk says he was duped, warns AI could kill us all, and admits that xAI distills OpenAI's models OpenAI-backed 1X opens California factory targeting 10,000 home humanoid robots in year one Sam Altman asked GPT-5.5 to plan its own launch party. Its requests were 'beautiful' but 'strange.' Sam Altman says Elon Musk can come to his GPT 5.5 party: 'World needs more love' The US Senate unanimously passed a rule barring senators from trading on prediction markets like Kalshi and Polymarket, amid rising concern over insider trading 'We Know You Live Right Here': No Secrets in America's New Surveillance Dragnet California to begin ticketing driverless cars that violate traffic laws China Suspends New Autonomous Driving Permits After Baidu Outage China has decided that firing a worker because an AI can do their job is illegal. No Western country has done the same. Maryland Is First to Ban A.I.-Driven Price Increases in Grocery Stores The most severe Linux threat to surface in years catches the world flat-footed Hackers are actively exploiting a bug in cPanel, used by millions of websites The Hottest Anti-AI Gadget Is a Cyberdeck Jack Dorsey-backed Vine reboot Divine launches to the public GameStop eyes eBay takeover in audacious $46 billion bet on Ryan Cohen's e-commerce vision AI-generated actors and scripts are now ineligible for Oscars Ukraine says it's training drone pilots in 'Grand Theft Auto V' This free website is like Wikipedia meets the CIA Light Phone III Is a Delightfully Minimalist Smartphone Alternative Valve Steam Controller is here, it's a gamepad in search of a console Bluetooth Connected - The Voices Behind the Connection Spirit Airlines shuts down after Trump's war on Iran doubled jet fuel prices Ask.com has shut down, marking the official farewell to the Internet's favorite butler Pioneering geneticist and decoder of the human genome J. Craig Venter dies at age 79 Host: Leo Laporte Guests: Nicholas De Leon, Devindra Hardawar, and Mikah Sargent Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit canary.tools/twit - use code: TWIT Melissa.com/twit expressvpn.com/twit box.com/AI

Malicious Ad for Homebrew Leads to MacSync Stealer https://isc.sans.edu/diary/Malicious%20Ad%20for%20Homebrew%20Leads%20to%20MacSync%20Stealer/32942 Wireshark Update https://www.wireshark.org/docs/relnotes/wireshark-4.6.5.html Digicert Microsoft Defender False Positive https://www.reddit.com/r/cybersecurity/comments/1t2hfsh/mde_flagging_digi_cert_certificate_as_malicious/ https://bugzilla.mozilla.org/show_bug.cgi?id=2033170 cPanel Exploited https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026

Big Tech is pouring hundreds of billions into AI, but with rising signs of an industry bubble and some real-world fallout, this week's episode digs into who actually wins, who stands to lose, and whether Apple's patient strategy may outsmart the hype. Big Tech firms beat earnings expectations amid AI spending questions RIP the $599 Mac Mini, you were too beautiful for this world Microsoft lifts 2026 AI spend by $25 billion to cover component price rises Microsoft speeds up in Big Tech's data center spend-off Crosswording the Situation Meta's historic loss in court could cost a lot more than $375 million Utah first state to hold websites liable for users who mask their location with VPNs — law goes into effect, designed to prevent bypassing age checks Australia unveils a 2.25% levy on Meta, Google, and TikTok Meta found in breach of EU law for failing to keep children off Facebook and Instagram Meta inks deal for solar power at night, beamed from space Musk v. Altman week 1: Elon Musk says he was duped, warns AI could kill us all, and admits that xAI distills OpenAI's models OpenAI-backed 1X opens California factory targeting 10,000 home humanoid robots in year one Sam Altman asked GPT-5.5 to plan its own launch party. Its requests were 'beautiful' but 'strange.' Sam Altman says Elon Musk can come to his GPT 5.5 party: 'World needs more love' The US Senate unanimously passed a rule barring senators from trading on prediction markets like Kalshi and Polymarket, amid rising concern over insider trading 'We Know You Live Right Here': No Secrets in America's New Surveillance Dragnet California to begin ticketing driverless cars that violate traffic laws China Suspends New Autonomous Driving Permits After Baidu Outage China has decided that firing a worker because an AI can do their job is illegal. No Western country has done the same. Maryland Is First to Ban A.I.-Driven Price Increases in Grocery Stores The most severe Linux threat to surface in years catches the world flat-footed Hackers are actively exploiting a bug in cPanel, used by millions of websites The Hottest Anti-AI Gadget Is a Cyberdeck Jack Dorsey-backed Vine reboot Divine launches to the public GameStop eyes eBay takeover in audacious $46 billion bet on Ryan Cohen's e-commerce vision AI-generated actors and scripts are now ineligible for Oscars Ukraine says it's training drone pilots in 'Grand Theft Auto V' This free website is like Wikipedia meets the CIA Light Phone III Is a Delightfully Minimalist Smartphone Alternative Valve Steam Controller is here, it's a gamepad in search of a console Bluetooth Connected - The Voices Behind the Connection Spirit Airlines shuts down after Trump's war on Iran doubled jet fuel prices Ask.com has shut down, marking the official farewell to the Internet's favorite butler Pioneering geneticist and decoder of the human genome J. Craig Venter dies at age 79 Host: Leo Laporte Guests: Nicholas De Leon, Devindra Hardawar, and Mikah Sargent Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit canary.tools/twit - use code: TWIT Melissa.com/twit expressvpn.com/twit box.com/AI

Big Tech is pouring hundreds of billions into AI, but with rising signs of an industry bubble and some real-world fallout, this week's episode digs into who actually wins, who stands to lose, and whether Apple's patient strategy may outsmart the hype. Big Tech firms beat earnings expectations amid AI spending questions RIP the $599 Mac Mini, you were too beautiful for this world Microsoft lifts 2026 AI spend by $25 billion to cover component price rises Microsoft speeds up in Big Tech's data center spend-off Crosswording the Situation Meta's historic loss in court could cost a lot more than $375 million Utah first state to hold websites liable for users who mask their location with VPNs — law goes into effect, designed to prevent bypassing age checks Australia unveils a 2.25% levy on Meta, Google, and TikTok Meta found in breach of EU law for failing to keep children off Facebook and Instagram Meta inks deal for solar power at night, beamed from space Musk v. Altman week 1: Elon Musk says he was duped, warns AI could kill us all, and admits that xAI distills OpenAI's models OpenAI-backed 1X opens California factory targeting 10,000 home humanoid robots in year one Sam Altman asked GPT-5.5 to plan its own launch party. Its requests were 'beautiful' but 'strange.' Sam Altman says Elon Musk can come to his GPT 5.5 party: 'World needs more love' The US Senate unanimously passed a rule barring senators from trading on prediction markets like Kalshi and Polymarket, amid rising concern over insider trading 'We Know You Live Right Here': No Secrets in America's New Surveillance Dragnet California to begin ticketing driverless cars that violate traffic laws China Suspends New Autonomous Driving Permits After Baidu Outage China has decided that firing a worker because an AI can do their job is illegal. No Western country has done the same. Maryland Is First to Ban A.I.-Driven Price Increases in Grocery Stores The most severe Linux threat to surface in years catches the world flat-footed Hackers are actively exploiting a bug in cPanel, used by millions of websites The Hottest Anti-AI Gadget Is a Cyberdeck Jack Dorsey-backed Vine reboot Divine launches to the public GameStop eyes eBay takeover in audacious $46 billion bet on Ryan Cohen's e-commerce vision AI-generated actors and scripts are now ineligible for Oscars Ukraine says it's training drone pilots in 'Grand Theft Auto V' This free website is like Wikipedia meets the CIA Light Phone III Is a Delightfully Minimalist Smartphone Alternative Valve Steam Controller is here, it's a gamepad in search of a console Bluetooth Connected - The Voices Behind the Connection Spirit Airlines shuts down after Trump's war on Iran doubled jet fuel prices Ask.com has shut down, marking the official farewell to the Internet's favorite butler Pioneering geneticist and decoder of the human genome J. Craig Venter dies at age 79 Host: Leo Laporte Guests: Nicholas De Leon, Devindra Hardawar, and Mikah Sargent Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit canary.tools/twit - use code: TWIT Melissa.com/twit expressvpn.com/twit box.com/AI

Big Tech is pouring hundreds of billions into AI, but with rising signs of an industry bubble and some real-world fallout, this week's episode digs into who actually wins, who stands to lose, and whether Apple's patient strategy may outsmart the hype. Big Tech firms beat earnings expectations amid AI spending questions RIP the $599 Mac Mini, you were too beautiful for this world Microsoft lifts 2026 AI spend by $25 billion to cover component price rises Microsoft speeds up in Big Tech's data center spend-off Crosswording the Situation Meta's historic loss in court could cost a lot more than $375 million Utah first state to hold websites liable for users who mask their location with VPNs — law goes into effect, designed to prevent bypassing age checks Australia unveils a 2.25% levy on Meta, Google, and TikTok Meta found in breach of EU law for failing to keep children off Facebook and Instagram Meta inks deal for solar power at night, beamed from space Musk v. Altman week 1: Elon Musk says he was duped, warns AI could kill us all, and admits that xAI distills OpenAI's models OpenAI-backed 1X opens California factory targeting 10,000 home humanoid robots in year one Sam Altman asked GPT-5.5 to plan its own launch party. Its requests were 'beautiful' but 'strange.' Sam Altman says Elon Musk can come to his GPT 5.5 party: 'World needs more love' The US Senate unanimously passed a rule barring senators from trading on prediction markets like Kalshi and Polymarket, amid rising concern over insider trading 'We Know You Live Right Here': No Secrets in America's New Surveillance Dragnet California to begin ticketing driverless cars that violate traffic laws China Suspends New Autonomous Driving Permits After Baidu Outage China has decided that firing a worker because an AI can do their job is illegal. No Western country has done the same. Maryland Is First to Ban A.I.-Driven Price Increases in Grocery Stores The most severe Linux threat to surface in years catches the world flat-footed Hackers are actively exploiting a bug in cPanel, used by millions of websites The Hottest Anti-AI Gadget Is a Cyberdeck Jack Dorsey-backed Vine reboot Divine launches to the public GameStop eyes eBay takeover in audacious $46 billion bet on Ryan Cohen's e-commerce vision AI-generated actors and scripts are now ineligible for Oscars Ukraine says it's training drone pilots in 'Grand Theft Auto V' This free website is like Wikipedia meets the CIA Light Phone III Is a Delightfully Minimalist Smartphone Alternative Valve Steam Controller is here, it's a gamepad in search of a console Bluetooth Connected - The Voices Behind the Connection Spirit Airlines shuts down after Trump's war on Iran doubled jet fuel prices Ask.com has shut down, marking the official farewell to the Internet's favorite butler Pioneering geneticist and decoder of the human genome J. Craig Venter dies at age 79 Host: Leo Laporte Guests: Nicholas De Leon, Devindra Hardawar, and Mikah Sargent Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit canary.tools/twit - use code: TWIT Melissa.com/twit expressvpn.com/twit box.com/AI

Microsoft Defender Deletes Trusted Certificates | 44,000 cPanel Servers Hit by Ransomware Microsoft Defender mistakenly flagged legitimate DigiCert root certificates as malware and removed them from Windows systems, breaking trust chains and causing widespread application failures. The issue was traced to a faulty detection signature (Trojan:Win32/CertyAgent), now fixed in update version 1.449.430.0.  At the same time, DigiCert confirmed a separate security incident where attackers compromised support systems and used internal tools to issue valid code-signing certificates. At least 60 certificates were revoked, including 27 linked to the Zong Stealer malware campaign.  Meanwhile, a critical cPanel vulnerability (CVE-2026-41940) is being actively exploited. Attackers used the flaw as a zero-day since February, compromising at least 44,000 servers and deploying new SORI ransomware using ChaCha20 and RSA-2048 encryption.  Also in this episode: The Linux "Copyfail" privilege escalation bug is now confirmed exploited and added to CISA's Known Exploited Vulnerabilities list A 10/10 critical vulnerability (CVE-2026-37541) in Open Vehicle Monitoring System could allow remote code execution in connected car environments This episode breaks down how these attacks work, why patch timing matters, and where organizations are most exposed right now. Cybersecurity Today would like to thank Material Security for supporting this podcast.  Material security provides. faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365.  Contact them at  material[dot]security  Suggested Chapters (for retention and SEO) 00:00 Microsoft Defender deletes trusted certificates 02:20 DigiCert breach and stolen code-signing certificates 05:20 cPanel zero-day exploited, 44,000 servers compromised 08:40 Linux Copyfail vulnerability now actively exploited 10:40 Critical flaw in open-source car software  

Telegram Mini Apps deliver Android malware CISA orders Federal agencies to patch cPanel bug by Sunday British cyber agency warns of looming 'patch wave' due to speedy AI flaw discovery Get the show notes here: https://cisoseries.com/cybersecurity-news-telegram-mini-apps-malware-cpanel-is-sorry-patch-wave-warning/ Thanks to our episode sponsor, Vanta Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure—and keeps your deals moving. Learn more at vanta.com/ciso.

Big Tech is pouring hundreds of billions into AI, but with rising signs of an industry bubble and some real-world fallout, this week's episode digs into who actually wins, who stands to lose, and whether Apple's patient strategy may outsmart the hype. Big Tech firms beat earnings expectations amid AI spending questions RIP the $599 Mac Mini, you were too beautiful for this world Microsoft lifts 2026 AI spend by $25 billion to cover component price rises Microsoft speeds up in Big Tech's data center spend-off Crosswording the Situation Meta's historic loss in court could cost a lot more than $375 million Utah first state to hold websites liable for users who mask their location with VPNs — law goes into effect, designed to prevent bypassing age checks Australia unveils a 2.25% levy on Meta, Google, and TikTok Meta found in breach of EU law for failing to keep children off Facebook and Instagram Meta inks deal for solar power at night, beamed from space Musk v. Altman week 1: Elon Musk says he was duped, warns AI could kill us all, and admits that xAI distills OpenAI's models OpenAI-backed 1X opens California factory targeting 10,000 home humanoid robots in year one Sam Altman asked GPT-5.5 to plan its own launch party. Its requests were 'beautiful' but 'strange.' Sam Altman says Elon Musk can come to his GPT 5.5 party: 'World needs more love' The US Senate unanimously passed a rule barring senators from trading on prediction markets like Kalshi and Polymarket, amid rising concern over insider trading 'We Know You Live Right Here': No Secrets in America's New Surveillance Dragnet California to begin ticketing driverless cars that violate traffic laws China Suspends New Autonomous Driving Permits After Baidu Outage China has decided that firing a worker because an AI can do their job is illegal. No Western country has done the same. Maryland Is First to Ban A.I.-Driven Price Increases in Grocery Stores The most severe Linux threat to surface in years catches the world flat-footed Hackers are actively exploiting a bug in cPanel, used by millions of websites The Hottest Anti-AI Gadget Is a Cyberdeck Jack Dorsey-backed Vine reboot Divine launches to the public GameStop eyes eBay takeover in audacious $46 billion bet on Ryan Cohen's e-commerce vision AI-generated actors and scripts are now ineligible for Oscars Ukraine says it's training drone pilots in 'Grand Theft Auto V' This free website is like Wikipedia meets the CIA Light Phone III Is a Delightfully Minimalist Smartphone Alternative Valve Steam Controller is here, it's a gamepad in search of a console Bluetooth Connected - The Voices Behind the Connection Spirit Airlines shuts down after Trump's war on Iran doubled jet fuel prices Ask.com has shut down, marking the official farewell to the Internet's favorite butler Pioneering geneticist and decoder of the human genome J. Craig Venter dies at age 79 Host: Leo Laporte Guests: Nicholas De Leon, Devindra Hardawar, and Mikah Sargent Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit canary.tools/twit - use code: TWIT Melissa.com/twit expressvpn.com/twit box.com/AI

Big Tech is pouring hundreds of billions into AI, but with rising signs of an industry bubble and some real-world fallout, this week's episode digs into who actually wins, who stands to lose, and whether Apple's patient strategy may outsmart the hype. Big Tech firms beat earnings expectations amid AI spending questions RIP the $599 Mac Mini, you were too beautiful for this world Microsoft lifts 2026 AI spend by $25 billion to cover component price rises Microsoft speeds up in Big Tech's data center spend-off Crosswording the Situation Meta's historic loss in court could cost a lot more than $375 million Utah first state to hold websites liable for users who mask their location with VPNs — law goes into effect, designed to prevent bypassing age checks Australia unveils a 2.25% levy on Meta, Google, and TikTok Meta found in breach of EU law for failing to keep children off Facebook and Instagram Meta inks deal for solar power at night, beamed from space Musk v. Altman week 1: Elon Musk says he was duped, warns AI could kill us all, and admits that xAI distills OpenAI's models OpenAI-backed 1X opens California factory targeting 10,000 home humanoid robots in year one Sam Altman asked GPT-5.5 to plan its own launch party. Its requests were 'beautiful' but 'strange.' Sam Altman says Elon Musk can come to his GPT 5.5 party: 'World needs more love' The US Senate unanimously passed a rule barring senators from trading on prediction markets like Kalshi and Polymarket, amid rising concern over insider trading 'We Know You Live Right Here': No Secrets in America's New Surveillance Dragnet California to begin ticketing driverless cars that violate traffic laws China Suspends New Autonomous Driving Permits After Baidu Outage China has decided that firing a worker because an AI can do their job is illegal. No Western country has done the same. Maryland Is First to Ban A.I.-Driven Price Increases in Grocery Stores The most severe Linux threat to surface in years catches the world flat-footed Hackers are actively exploiting a bug in cPanel, used by millions of websites The Hottest Anti-AI Gadget Is a Cyberdeck Jack Dorsey-backed Vine reboot Divine launches to the public GameStop eyes eBay takeover in audacious $46 billion bet on Ryan Cohen's e-commerce vision AI-generated actors and scripts are now ineligible for Oscars Ukraine says it's training drone pilots in 'Grand Theft Auto V' This free website is like Wikipedia meets the CIA Light Phone III Is a Delightfully Minimalist Smartphone Alternative Valve Steam Controller is here, it's a gamepad in search of a console Bluetooth Connected - The Voices Behind the Connection Spirit Airlines shuts down after Trump's war on Iran doubled jet fuel prices Ask.com has shut down, marking the official farewell to the Internet's favorite butler Pioneering geneticist and decoder of the human genome J. Craig Venter dies at age 79 Host: Leo Laporte Guests: Nicholas De Leon, Devindra Hardawar, and Mikah Sargent Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit canary.tools/twit - use code: TWIT Melissa.com/twit expressvpn.com/twit box.com/AI

Big Tech is pouring hundreds of billions into AI, but with rising signs of an industry bubble and some real-world fallout, this week's episode digs into who actually wins, who stands to lose, and whether Apple's patient strategy may outsmart the hype. Big Tech firms beat earnings expectations amid AI spending questions RIP the $599 Mac Mini, you were too beautiful for this world Microsoft lifts 2026 AI spend by $25 billion to cover component price rises Microsoft speeds up in Big Tech's data center spend-off Crosswording the Situation Meta's historic loss in court could cost a lot more than $375 million Utah first state to hold websites liable for users who mask their location with VPNs — law goes into effect, designed to prevent bypassing age checks Australia unveils a 2.25% levy on Meta, Google, and TikTok Meta found in breach of EU law for failing to keep children off Facebook and Instagram Meta inks deal for solar power at night, beamed from space Musk v. Altman week 1: Elon Musk says he was duped, warns AI could kill us all, and admits that xAI distills OpenAI's models OpenAI-backed 1X opens California factory targeting 10,000 home humanoid robots in year one Sam Altman asked GPT-5.5 to plan its own launch party. Its requests were 'beautiful' but 'strange.' Sam Altman says Elon Musk can come to his GPT 5.5 party: 'World needs more love' The US Senate unanimously passed a rule barring senators from trading on prediction markets like Kalshi and Polymarket, amid rising concern over insider trading 'We Know You Live Right Here': No Secrets in America's New Surveillance Dragnet California to begin ticketing driverless cars that violate traffic laws China Suspends New Autonomous Driving Permits After Baidu Outage China has decided that firing a worker because an AI can do their job is illegal. No Western country has done the same. Maryland Is First to Ban A.I.-Driven Price Increases in Grocery Stores The most severe Linux threat to surface in years catches the world flat-footed Hackers are actively exploiting a bug in cPanel, used by millions of websites The Hottest Anti-AI Gadget Is a Cyberdeck Jack Dorsey-backed Vine reboot Divine launches to the public GameStop eyes eBay takeover in audacious $46 billion bet on Ryan Cohen's e-commerce vision AI-generated actors and scripts are now ineligible for Oscars Ukraine says it's training drone pilots in 'Grand Theft Auto V' This free website is like Wikipedia meets the CIA Light Phone III Is a Delightfully Minimalist Smartphone Alternative Valve Steam Controller is here, it's a gamepad in search of a console Bluetooth Connected - The Voices Behind the Connection Spirit Airlines shuts down after Trump's war on Iran doubled jet fuel prices Ask.com has shut down, marking the official farewell to the Internet's favorite butler Pioneering geneticist and decoder of the human genome J. Craig Venter dies at age 79 Host: Leo Laporte Guests: Nicholas De Leon, Devindra Hardawar, and Mikah Sargent Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit canary.tools/twit - use code: TWIT Melissa.com/twit expressvpn.com/twit box.com/AI

Big Tech is pouring hundreds of billions into AI, but with rising signs of an industry bubble and some real-world fallout, this week's episode digs into who actually wins, who stands to lose, and whether Apple's patient strategy may outsmart the hype. Big Tech firms beat earnings expectations amid AI spending questions RIP the $599 Mac Mini, you were too beautiful for this world Microsoft lifts 2026 AI spend by $25 billion to cover component price rises Microsoft speeds up in Big Tech's data center spend-off Crosswording the Situation Meta's historic loss in court could cost a lot more than $375 million Utah first state to hold websites liable for users who mask their location with VPNs — law goes into effect, designed to prevent bypassing age checks Australia unveils a 2.25% levy on Meta, Google, and TikTok Meta found in breach of EU law for failing to keep children off Facebook and Instagram Meta inks deal for solar power at night, beamed from space Musk v. Altman week 1: Elon Musk says he was duped, warns AI could kill us all, and admits that xAI distills OpenAI's models OpenAI-backed 1X opens California factory targeting 10,000 home humanoid robots in year one Sam Altman asked GPT-5.5 to plan its own launch party. Its requests were 'beautiful' but 'strange.' Sam Altman says Elon Musk can come to his GPT 5.5 party: 'World needs more love' The US Senate unanimously passed a rule barring senators from trading on prediction markets like Kalshi and Polymarket, amid rising concern over insider trading 'We Know You Live Right Here': No Secrets in America's New Surveillance Dragnet California to begin ticketing driverless cars that violate traffic laws China Suspends New Autonomous Driving Permits After Baidu Outage China has decided that firing a worker because an AI can do their job is illegal. No Western country has done the same. Maryland Is First to Ban A.I.-Driven Price Increases in Grocery Stores The most severe Linux threat to surface in years catches the world flat-footed Hackers are actively exploiting a bug in cPanel, used by millions of websites The Hottest Anti-AI Gadget Is a Cyberdeck Jack Dorsey-backed Vine reboot Divine launches to the public GameStop eyes eBay takeover in audacious $46 billion bet on Ryan Cohen's e-commerce vision AI-generated actors and scripts are now ineligible for Oscars Ukraine says it's training drone pilots in 'Grand Theft Auto V' This free website is like Wikipedia meets the CIA Light Phone III Is a Delightfully Minimalist Smartphone Alternative Valve Steam Controller is here, it's a gamepad in search of a console Bluetooth Connected - The Voices Behind the Connection Spirit Airlines shuts down after Trump's war on Iran doubled jet fuel prices Ask.com has shut down, marking the official farewell to the Internet's favorite butler Pioneering geneticist and decoder of the human genome J. Craig Venter dies at age 79 Host: Leo Laporte Guests: Nicholas De Leon, Devindra Hardawar, and Mikah Sargent Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit canary.tools/twit - use code: TWIT Melissa.com/twit expressvpn.com/twit box.com/AI

Referências do EpisódioAnti-DDoS Firm Heaped Attacks on Brazilian ISPsClickFix Removes Your Background but Leaves the MalwareInside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in AsiaImportant Update From TrellixCritrical (sic) cPanel flaw mass-exploited in "Sorry" ransomware attacksRoteiro e apresentação: Carlos CabralEdição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

Meta acquires Assured Robot Intelligence, CISA orders a cPanel and WHM patch by May 3rd, NASA targets late 2027 launch for Artemis III. MP3   Please SUBSCRIBE HERE for free or get DTNS shows ad-free. A special thanks to all our supporters–without you, none of this would be possible. If you enjoy what you seeContinue reading "DOD Strikes Deals With AWS, Microsoft, Nvidia, Oracle, Reflection AI – DTH"

Intel is making BANK on their stocks, but still not getting respect on their CPUs, GALAX is shutting down (mostly), Microsoft is trying REALLY hard now, does ASUS have the 12vhpwr cabling answer?, and patch your damn cPanel right now.  Plus cool gaming tidbits and more on that router ban.  Enjoy all that and even slightly more!0:00 Intro0:39 Patreon2:18 Food with Josh3:55 Intel stock hits record high12:06 Microsoft feels enough pressure to fix Update16:29 GALAX shuts down19:11 Portable hotspots face US ban just like routers22:44 57 Right to Repair bills in 27 states26:25 NES or Acemagic Retro X5 AMD Ryzen AI 9 HX 370 Mini PC?30:40 Fractal Pop 2 Vision33:49 Some discussion of the ROG Equalizer40:37 We look at a 2080Ti Super eBay listing here42:24 (In)Security Corner49:03 Gaming Quick Hits59:47 Picks of the Week1:07:39 Outro ★ Support this podcast on Patreon ★

Some of the big internet infrastructure tools have revealed major production security issues A lot of these are not household names, but just this week we've seen critical patches released to fix things that would, could, or have, caused real world harm. There's a bug on Linux that allows an unprivileged local user to gain root/admin access. Another on the CPanel server application that also allows unauthenticated remote attackers to bypass authentication and gain unauthorized administrative access. That means they could take your server down, or post malicious content on your site. If you're a business owner with a hosting provider, I'd check in with them to make sure both their Linux backbone and WHM/CPanel software is patched – both are major players in the market. These security issues come after Anthropic shared their incredibly power Mythos model with selected partners One of those was Linux (see above!) It's unclear if it was the AI that found the exploit, but this is the type of thing Anthropic said it could do. OpenAI is also launching its own "Cyber" model to select security partners before a public release. It's amusing because Sam Altman openly mocked Anthropic for the move to 'create marketing' around the hush hush model. The Pentagon has made its AI partnerships On the list are Nvidia, Microsoft, and AWS. They'll be able to deploy their models onto classified networks for "lawful operational use". What constitutes “legal use” is what got Anthropic designated a supply chain risk – it didn't want to be used for mass surveillance or autonomous weapons. The DoD says 1.3 million personnel have used their "GenAI.mil" application, which gives access to a range of models in a classified setting. LISTEN ABOVE See omnystudio.com/listener for privacy information.

DOS, 0x1A4, Seneca the Younger, Outlook, Copy/Fail, cPanel, QR, Ruby, Go, Talkie, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-577

Critical cPanel and WHM bug exploited as zero-day Swiss police arrest suspected members of Black Axe group HHS ponders government posture for protecting data centers Get the show notes here: https://cisoseries.com/cybersecurity-news-critical-cpanel-zero-day-swiss-black-axe-arrests-hhs-data-center-questions/ Thanks to our episode sponsor, Guardsqaure Attackers are treating your mobile app like an open book. Sixty-three percent of security leaders recently detected app tampering, cloning, or unauthorized modifications. When your code runs in an untrusted environment, you need runtime self-protection and code hardening to keep attackers out. Address tampering before it starts. Learn more at Guardsquare.com. 

DOS, 0x1A4, Seneca the Younger, Outlook, Copy/Fail, cPanel, QR, Ruby, Go, Talkie, Josh Marpet, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-577

DOS, 0x1A4, Seneca the Younger, Outlook, Copy/Fail, cPanel, QR, Ruby, Go, Talkie, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-577

The security news was out of hand this week, so we had to pick our spots. We start with the nasty cPanel/WHM vulnerability that affects tens of millions of domains in shared hosting environments, then we discuss the Copy Fail Linux bug and its effects before seguing into the delightful history of branded bugs, logos, and parodies. LinksBranded bugs and logos: https://io.netgarage.org/logo/

El programa 2866 de Radiogeek, les habló de varios temas importantes. OnePlus se une a Realme; Huawei trae a Argentina la evolución de la serie Mate; Google Translate ahora te permite practicar la pronunciación; Mientras Tim Cook deja su cargo, Apple alcanza ventas récord, pero se avecina una escasez de chips; Gemini ahora puede generar archivos, incluso word excel pdf y LaTex; YouTube libera el modo Picture-in-Picture para todos los usuarios a nivel mundial; Los hackers están explotando activamente una vulnerabilidad en cPanel; y por último Instagram toma medidas enérgicas contra los agregadores de contenido. Toda esta información la pueden encontrar desde nuestra web www.infosertec.com.ar o bien desde el canal de Telegram/Whastapp, o Instagram. Esperamos sus comentarios.

Apple said it will be supply-constrained on Mac Mini, Studio, and Neo in the next quarter, too. Plus, web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug for months. Learn more about your ad choices. Visit podcastchoices.com/adchoices

The Copy Fail vulnerability impacts all Linux distros going back to 2017, hackers are exploiting a cPanel auth bypass, every Moldovan citizen has their data stolen, and some scam compounds got raided raided… in Dubai. Show notes Risky Bulletin: The mysterious hack of Moldova's healthcare database

DOS, 0x1A4, Seneca the Younger, Outlook, Copy/Fail, cPanel, QR, Ruby, Go, Talkie, Josh Marpet, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-577

A critical Linux flaw dubbed “Copy Fail” raises alarm. The House moves to extend Section 702. The White House pushes back on expanded Mythos access. cPanel and SonicWall rush out security patches. Researchers warn AI agents may leak credentials. Smishing targets key industries. Ukrainian police arrest suspects in a massive Roblox account theft scheme. Our guest is Jamie Moles, technical manager at ExtraHop, discussing how the pace of vibe coding is creating major AI blind spots. Honeypot hijinks get halted by curious clicks.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Jamie Moles, technical manager at ExtraHop, discussing how the pace of vibe coding is creating major AI blind spots. Selected Reading Copy Fail (Copy.Fail) House extends a controversial spy tool, but Senate path is unclear ahead of deadline (NPR) White House Opposes Anthropic's Plan to Expand Access to Mythos Model (WSJ) Critical Authentication Vulnerability in cPanel and WHM (Beyond Machines) Security Advisory: Firmware Update Required — Gen 6, Gen 7, and Gen 8 Firewalls (Sonic Wall) Phishing the agent: Why AI guardrails aren't enough (Okta) Phoenix Rising: Exposing the PhaaS Kit Behind Global Mass Phishing Campaigns (Group-IB Blog) Ukrainian police detain hackers suspected of stealing thousands of Roblox accounts for resale (The Record) I accidentally made law enforcement shut down their stresser honeypot (lina's blog) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Referências do EpisódioAll supported cPanel versions hit by critical auth bug, now patchedThe Internet Is Falling Down, Falling Down, Falling Down (cPanel & WHM Authentication Bypass CVE-2026-41940)Copy Fail: 732 Bytes to Root on Every Major Linux Distribution.Official SAP npm packages compromised to steal credentialsSupply Chain Campaign Targets SAP npm Packages with Credential-Stealing MalwareClaude adds malware to crypto agentRoteiro e apresentação: Carlos CabralEdição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

In questa puntata, Alex Raccuglia racconta in stile flusso di coscienza la creazione in tempi rapidi di un sistema di newsletter management “vibe coding”: come ha sostituito servizi come MailChimp con Amazon SES, come ha costruito da zero le basi per l'iscrizione/disiscrizione e l'invio di email, e come l'uso dell'AI lo aiuta a occuparsi della logica tattica mentre lui resta focalizzato sulla strategia. Tra errori, innovazioni rapide, bounce management e riflessioni su etica e uso consapevole dell'AI, emerge il potenziale di strumenti AI per accelerare lo sviluppo software e le campagne marketing, senza perdere controllo.Brand, nomi, servizi e link (URL) presenti, con breve descrizione- Runtime Radio – network che ospita Techno Pillz.  - URL: https://runtimeradio.it / https://runtimeradio.com  - Descrizione: casa del podcast e dei programmi di Runtime Radio.- MailChimp  - URL: https://mailchimp.com  - Descrizione: servizio di email marketing utilizzato in passato per invii massivi e gestione degli iscritti.- Amazon Simple Email Service (SES)  - URL: https://aws.amazon.com/ses/  - Descrizione: servizio di invio email da server SMTP; costo base citato di circa 1 USD per 10k email (versione standard). Il relatore lo usa come alternativa a MailChimp.- cPanel  - URL: https://cpanel.net  - Descrizione: pannello di controllo hosting usato per configurare i parametri di invio email (autorizzazioni domini per SES).- Curl  - URL: https://curl.se  - Descrizione: motore di internet/strumento a riga di comando utilizzato per inviare email (supporto al vibe coding).- Final Cut Pro (FCP)  - URL: https://www.apple.com/final-cut-pro/  - Descrizione: software di montaggio/video usato dall'autore, citato nel contesto della gestione creativa dei contenuti.- Telegram  - URL: https://telegram.org  - Descrizione: piattaforma di messaggistica citata come canale di interazione (glupotelegram).- Google Gemini (AI)  - Descrizione: suite di modelli AI di Google citata come fonte di supporto AI (denominata “Gemini” nel racconto). Nota: non viene fornito URL esplicito nel testo; Gemini è la linea di modelli AI di Google.- Nano Banana Pro  - Descrizione: personaggio/strumento AI usato dall'autore per generare contenuti e interfacce; non ha URL ufficiale citato nel testo.- Final Cut Pro / FCP Autodac (contestualizzato)  - Descrizione: menzione di strumenti/prodotti legati al flusso di lavoro video; presente nel racconto come riferimento, ma non sempre con URL specifico.- Curl (già menzionato) e prompt AI  - Descrizione: elementi tecnici usati per il flusso di lavoro con API e automazioni AI; inclusi nel racconto per illustrare il vibe coding.[00:13:54] Spot[00:17:23] Spot[00:21:12] Spot[00:26:37] Il riassunto di Sciatta GPT

Technical SEO Study with Favour Obasi-Ike: Website Speed / Content Delivery Network (CDN) / Content Management System (CMS) = Why Is My Website Slow?| Get exclusive SEO newsletters in your inbox.Technical SEO is a major common issue for websites causing them to start loading slowly. We discuss that slow speeds are often caused by poor hosting platforms lacking sufficient bandwidth and uncompressed media, particularly images and videos.Crucially, we emphasize the importance of acquiring and maintaining intellectual property ownership, including the domain and C panel (Control Panel) access, to prevent developers from holding site information hostage.Additionally, the conversation highlights technical aspects like utilizing a Content Delivery Network (CDN), compressing files using tools like compressor.io, and employing proper image file types and alt text for improved search engine optimization.Next Steps for Digital Marketing + SEO Services:>> ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Need SEO Services? Book a Complimentary SEO Discovery Call with Favour Obasi-Ike⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠>> Need more information? Visit our Work and PLAY Entertainment website to learn about our digital marketing services.>> Visit our Official website for the best digital marketing, SEO, and AI strategies today!Answer Key1. What is "Technical SEO"? Technical SEO, or "technical search engine (everywhere) optimization," refers to the technical methods used to ensure a brand or business shows up on web servers and desired websites, typically in the form of a link. It involves optimizing the underlying infrastructure of a website to improve its visibility and performance in search results.2. Identify and explain the two primary factors discussed that cause a website to load slowly. The two primary factors are the hosting platform and the presence of numerous uncompressed images. A poor hosting platform may have insufficient bandwidth or be an overloaded shared server, while large, uncompressed image files significantly increase the amount of data a user must download, slowing the entire loading process.3. What is a "high bounce rate," and how does it relate to a website's performance? A high bounce rate occurs when a visitor comes to a website and leaves quickly without interacting further. This is often caused by slow loading times, as users lack the patience to wait for content; another website might provide the same information three seconds faster, which is enough to make a user leave.4. Define what a Content Delivery Network (CDN) is and name the two types of servers that comprise its network. A CDN, or Content Delivery Network, is a system that stands between a website's hosting (the origin) and the end-user. It caches and compresses website files, like images, across multiple geographic locations to deliver them to users more quickly. The two types of servers within a CDN are the origin server, where the website's original content is stored, and the edge server, which is geographically closer to the end-user and delivers the cached content.5. Why is it crucial for a business owner to have direct ownership of their website's hosting server? Direct ownership of the hosting server ensures control over one's intellectual property and prevents being held "hostage" by a developer. If a business is on someone else's overloaded shared server, performance issues on one site can affect all sites (a "domino effect"). Owning the server provides direct access to the control panel, backups, and the website's blueprint, which is vital for management and troubleshooting.6. Explain the role of "alt text" and how it contributes to a website's visibility and accessibility. Alt text, or alternative text, is a description added to an image's code. It provides context to search engines like Google and AI indexers, making the images searchable and improving the site's overall SEO. Furthermore, alt text is critical for accessibility, as it allows screen reading software to describe the image to visually impaired users.7. What is a "cPanel," and what critical functions can be performed by accessing it? "cPanel" stands for Control Panel. It is the administrative dashboard for a website's hosting server. Accessing the cPanel is critical because it allows a user to get backup data, access the actual blueprint of the website, and see technical details like the file sizes of stored images.8. Describe the significant negative impact that uncompressed images can have on a website, using the specific numerical example from the discussion. Uncompressed images drastically increase a website's loading time because of their large file size. The example given was an online store with 50 products, each with two image variations. If each uncompressed image is 5 megabytes, the total data added to the site's front-loading speed would be 500 megabytes, whereas compressing those same images could reduce the total size to just 50 megabytes (10% of the original) without losing quality.9. What are the two recommended methods for incorporating video content on a website without negatively affecting its load speed? We strongly advises against directly uploading video files (e.g., MP4s). Instead, the two recommended methods are: 1) converting the video into a GIF and uploading the much smaller GIF file, or 2) embedding the video from a third-party platform like YouTube, which ensures the video is streamed from YouTube's servers and not the website's own server.10. Name at least three free tools mentioned that can be used to analyze a website's performance and health. Three of these are GTmetrix, Google Page Speed Insights, and Siteliner. Other mentioned tools include Compressor.io and iLoveIMG.com for image compression and iLovePDF.com for documents.Digital Marketing SEO Resources:>> ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Join our exclusive SEO Marketing community⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠>> Read SEO Articles>> ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Need SEO Services? Book a Complimentary SEO Discovery Call with Favour Obasi-Ike⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠>> ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Subscribe to the We Don't PLAY Podcast⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Brands We Love and SupportDiscover Vegan-based Luxury Experiences | ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Loving Me Beauty Beauty ProductsSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

I just launched a new DNS Course for Web Designers, specifically to help you get a 101, foundational understanding of all things domains, DNS records, email, security, performance, etc.It replaced what was formerly my cPanel course. It's a short, snappy, “what you need to know” DNS course without getting too technical or overwhelming. In this podcast episode, I'm giving you a little teaser!Included in the episode:A few personal DNS horror stories (to illustrate how important it is to know this stuff as a web designer)The most popular lesson so far on ‘Domain Types'And I'm even including the DNS Checklist from the course FOR FREE! Think of it as your DNS SOP for you and your team.Again, be sure to download the DNS Checklist I've made available to you for free. It also includes a special offer if you'd like to dive into the full course!Show notes at joshhall.co/393

Tom MacWright is a prolific contributor in the geospatial open source community. He made geojson.io, Mapbox Studio, and was the lead developer on the OpenStreetMap editor. He's currently on the team at Val Town. In 2021 he bootstrapped a solo business and created the Placemark mapping application. He acquired customers and found steady growth but after spending two years on the project he decided it was financially unsustainable. He open sourced the code and shut down the business. In this interview Tom speaks candidly about why geospatial is difficult, chasing technical rabbit holes, the mental impact of bootstrapping, and his struggles to grow a customer base. If you're interested in geospatial or the good and bad of running a solo business I think you'll enjoy this conversation with Tom. Related Links Tom's blog Placemark Play Placemark GitHub Placemark archive geojson.io Valtown Datawrapper (Visualization tool) Geospatial Companies mentioned Mapbox ArcGIS QGIS Carto -- Transcript You can help correct transcripts on GitHub. [00:00:00] Introduction Jeremy: Today I'm talking to Tom MacWright. He worked at Mapbox as a, a very early employee. He's had a lot of experience in the geospatial community, the open source community. One of his most recent projects was a mapping project called Placemark he started and ran on his own. So I wanted to talk to Tom about his experience going solo and, eventually having to, shut that down. Tom, thanks for agreeing to chat today. Tom: Yeah, thanks for having me. [00:00:32] Tools and Open Source at Mapbox Jeremy: So maybe to give everyone some context on, what your background was before you started Placemark. Um, let's talk a little bit about your experience at, at Mapbox. What did you work on there and, and what would you say are like the big things you learned from that experience? Tom: Yeah, so if you include the time that I was at Development Seed, which essentially turned into Mapbox, I kind of signed the paper to get fired from Development Seed and hired at Mapbox within the same 20 seconds. Uh, I was there for eight and a half years. so it was a lifetime in tech years. and the company really evolved from, uh, working for Human Rights Watch and Amnesty International and the World Bank and doing these small, little like micro websites to the point at which I left it. It had. Raised a lot of money, had a lot of employees. I think it was 350 or so when I left. and yeah, just expanded into a lot of different, uh, try trying to own more and more of the mapping stack. but yeah, I was kind of really focused on the creative and tooling side of it. that's kind of where I see a lot of the, the fun and programming is making these tools where, uh, they can give people the same kind of fun like interaction loop that programming has where you, you know, you do a little bit of math and you see the result and you're able to just play with, uh, what you're working on, letting people have that in other domains. so it was really cool to figure out how to get A map design tool where somebody changes the background color and it just automatically changes that in your browser. and it covered like data editing. It covered, um, map styling and we did, uh, three different versions of that tool over the years. and then Mapbox is also a company that was, it came from, kind of people who are working on the Howard Dean campaign. And so it was pretty ideological and part of the ideology was being pretty hardcore about open source. we hired a lot of people who were working on open source projects before and basically just paid them to work on the open source projects, uh, for their whole time there. And during my time there, I just tried to make as much of my work, uh, open as possible, which was, you know, at the time it was, it was pretty great. I think in the long term it's been, o open source has changed a lot. but during the time that we were there, we both kind of, helped things like leaflet and mapnik and openstreetmap, uh, but also made like some larger contributions to the open source world. yeah, that, that's kind of like the, the internal company facing side. And also like what I try to create as like a more of a, uh, enduring work. I think the open source stuff will hopefully have more of a, a long term, uh, benefit. [00:03:40] How open source has changed (value capture by large companies) Jeremy: When I was working on a project that needed offline maps, um, we couldn't use Google Maps or any of the, the other publicly available, cloud APIs. So yeah, we actually used a, a tool, called Tile Mill that I, I hadn't known that you'd worked on, but recently found out you did. So that actually let us pull in OpenStreetMap data and then use this style, uh, language called carto to, to basically let us choose what the colors would be and how the different, uh, the roads and the buildings would look. What's kind of interesting to me is that it being open source really let us, um, build something we otherwise wouldn't have been able to do. But like, at the same time, we also didn't pay Mapbox any money. (laughs) So I'm, I'm kind of curious, like, if it's changed, like what the thinking was in terms of, you know, we pay for people to build all these things. We make it open source. but then people may just not ever pay us, you know, for all these things we did. Tom: Yeah. Yeah. I think that the main thing that's changed since the era of tilemill is, the dominance of cloud platforms. Like back then, I think, uh, Mapbox was still using, we were using like a little bit of AWS but people were still just on like VPSs and, uh, configuring things in cPanel and sometimes even running their own servers. And the, the danger of people using the product for free was such a small thing for us. especially when tile Mill was also funded by the Knight Foundation, so, you know, that at least paid half of my salary for, or, well, sorry, probably, yeah, maybe half of my salary for the first year that I was there and half of three other people's salaries. but that, yeah, so like when we built Tile Mill, a few companies have really like built on those same tools. Uh, there's a company called Carto coincidentally, they had the same name as Carto CSS, and they built on a lot of the same stack they built on mapnik. Um, and it was, was... I mean, I'm not gonna say that it was all like, you know, sunshine and roses, but it was never a thing that we talked about in terms of like this being a brutal competition between us and these other startups. Mapbox eventually closed source some stuff. they made it a source available license. and eventually Mapbox Studio was a closed source product. Um, and that was actually a decision that I advocated for. And that's mostly just because at one point, Esri, Microsoft, Amazon, all had whitelisted versions of Mapbox code, which, uh, hurts a little bit on a personal level and also makes it pretty hard to think about. working almost like it. You don't want to go to your scrappy open source company and do unpaid labor for Amazon. Uh, you know, Bezos can afford to pay for the labor himself. that's just kind of my personal, uh, that I'm obviously, I haven't worked there in a long time, so I'm not speaking for the company, but that's kind of how it felt like. and it yeah, kind of changed the arithmetic of open source in this way that. It made it less fun and, more risky, um, for people I think. [00:07:11] Don't worry about the small free users Jeremy: Yeah. So it sounds like the thinking was if someone on a small team or an individual, they took the open source software and they used it for their own projects, that was fine. Like you expected that and didn't worry about it. It's more that when these really large organizations like a, a Microsoft comes in and, just like you said, white labels the software, and doesn't really contribute significantly back. That's, that's when it, the, the thinking sort of shifted. Tom: Yeah, like a lot of the people who can't pay full price in USD to use your product are great users and they're doing cool stuff. Like when I was working on Placemark and when I was like selling. The theme for my blog, I would get emails from like some kid in India and it's like, you know, you're selling this for a hundred dollars, which is a ton of money. And like, you know, why, why should I care? Why shouldn't I like, just send them the zip file for free? it's like nothing to me and a lot to them. and mapping tools are really, really expensive. So the fact that Mapbox was able to create a free alternative when, you know, ArcGIS was $500 a month sometimes, um, depending on your license, obviously. That's, that's good. You're always gonna find a way for, like, your salespeople are gonna find a way to charge the big companies a lot of money. They're great at that. Um, and that's what matters really for your, for the revenue. [00:08:44] ESRI to Google Maps with little in-between Jeremy: That's a a good point too about like the, my impression of the, the mapping space, and maybe this has changed more recently, but you had the, probably the biggest player Esri, who's selling things at enterprise prices and then there were, or there are like a few open source options. but they feel like the, the barrier to entry feels a little high. And so, and then I guess you have stuff like Google Maps, right? That's, um, that's very accessible, but it's pretty limited, so. There's this big gap, it feels like right between the, the Esri and the, the Google Maps and open source. It's, it's sort of like, there's almost like there's no sweet spot. guess May, maybe it's just because people's uses are so different, but I'm, I'm not sure, um, what makes maps so unique in that way Tom: Yeah, I have come to understand what Esri and QGIS do as like an extension of what CAD is like. And if you've used CAD software recently, it's just as crazy and as expensive and as powerful. and it's really hard to capture like the people who are motivated enough to make a map but don't want to go down the whole rabbit hole. I think that was one of the hardest things about Placemark was trying to be in the middle of those things and half of the people were mystified by the complexity and half the people wanted more complexity. Uh, and I just couldn't figure out how to get it to the right in between spot. [00:10:25] Placemark and its origins in geojson.io Jeremy: Yeah. So let's, let's talk a little bit about Placemark then, in terms of from its start. What was your, your goal with Placemark and, and what was the product itself? Tom: So the seed of the idea for Placemark, uh, is this website called geojson.io, uh, which is still around. And, Chris Fong (correction -- Whong) at, at Mapbox is still, uh, developing it. And that had become pretty useful for a lot of people who I knew in the industry who were in this position of managing geospatial data but not wanting to boot up ArcGIS uh, geojson.io is based on, I just tweeted, I was like, why? Why is there not a thing where you can edit data on a map and have a GeoJSON representation and just go Back and forth between the two really easily. and it started with that, and then it kind of grew to be a little bit more powerful. And then it was just a tool that was useful for everyone. And my theory was just that I wanted that to be more useful. And I knew just like anything else that you build and you work on for a long time, you know exactly how it could be so much better. And, uh, all the things that you would do better if you did it again. And I was, uh, you know, hoping that there was something where like if you make that more powerful and you make it something that's like so essential that somebody's using every day, then maybe there's some some value in that. And so Placemark kind of started as being like, oh, this is the thing where if you're tasking a satellite and you need a bounding box on a specific city, this is the easiest way to do that. Um, and it grew a little bit into being like a tool for collaborating because people were collaborating on it. And I thought that that would be, you know, an interesting thing to support. but yeah, I think it, it like tried to be in that middle of like, not exactly Google my Maps and certainly a lot, uh, simpler than, uh, QGIS or ArcGIS Jeremy: something I noticed, so I've actually used geojson.io as well when I was first learning how to put stuff on a map and learning that GeoJSON was a format that a lot of things were using, it was actually really helpful to, to be able to draw, uh, polygons and see, okay, this is how the JSO looks and all that stuff. And it was. Like just very simple. I think there's something like very powerful about, websites or applications like that where it, it does this one thing and when you go there, you're like, oh, okay, I, I, I know what I'm doing and it's, it's, uh, you know, it's gonna help me do the, this very specific thing I'm trying to do. [00:13:16] Placemark use cases (Farming, Transportation, Interior mapping, Satellite viewsheds) Jeremy: I think with Placemark, so, one question I would have is, you gave an example of, uh, someone, I think you said for a satellite, they're, are they drawing the, the area? What, what was the area specifically for? Tom: the area of interest, the area where they want the, uh, to point the camera. Jeremy: so yeah, with, with Placemark, I mean, were there, what were some of the specific customers or use cases you had in mind? 'cause that's, that's something about. Um, placemark as a product I noticed was it's sort of like, here's this thing where you can draw polygons put markers and there's all these like things you can do, but I think unless you already have the specific use case, it's not super clear, who uses it for what. So maybe you could give some examples of what you had in mind. Tom: I didn't have much in mind, but I can tell you what people, what some people used it for. so some of the more interesting uses of it, a bunch of, uh, farming oriented use cases, uh, especially like indoor and small scale farming. Um, there were some people who, uh, essentially had a bunch of flower farms and had polygons on the map, and they wanted to, uh, mark the ones that had mites or needed to be watered, other things that could spread in a geometric way. And so it's pretty important to have that geospatial component to it. and then a few places were using it for basically transportation planning. Um, so drawing out routes of where buses would go, uh, in Luxembourg. And, then there was also a little bit of like, kind of interesting, planning of what to buy more or less. Uh, so something of like, do we want to buy this tract of land or do we wanna buy this tract of land or do we wanna buy access to this one high speed internet cable or this other high speed internet cable? and yeah, a lot of those things were kind of like emergent use cases. Um, there's a lot of people who were doing either architecture or internal or in interior mapping essentially. Jeremy: Interior, you mean, inside of a building Tom: yeah. yeah. Jeremy: Hmm. Okay. Tom: Which I don't think it was the best tool for. Uh, but you know, people used it for that. Jeremy: Interesting. Yeah. I guess, would people normally use some kind of a CAD tool for that, or Tom: Yeah. Uh, there's CAD tools and there are a few, uh, companies that do just, there's a company that just does interior maps especially of airports, and that's their whole business model. Um, but it's, it's kind of an interesting, uh, problem because most CAD architecture work is done with like a local coordinate system, and you have like very good resolution of everything, and then you eventually place it in geo geospatial space. Uh, but if you do it all in latitude and longitude, you know, you're, you're moving a door and it's moving the 10th or 12th decimal point, and eventually you have some precision problems. Jeremy: So it's almost like if you start with latitude and longitude, it's hard to go the other way. Right? you have to start more specific and then you can move it into the, the geospatial, uh, area. Tom: Yeah. Uh, that's kind of why we have local projections for towns is that you can do a lot of work just in that local projection. And the numbers are kind of small 'cause your town's small, relatively. Jeremy: yeah, those are kind of interesting. So it sounds like just anytime somebody wants to, like you gave the example of transportation planning or you want to visually see where things are, like your crops or things like that, and that, that kind of makes sense. I mean, I think if you just think about paper maps, if somebody wants to sketch something out and, and sort of track the layout of something, this could serve the same purpose but be editable. and like you said, I think it's also. Collaborative so you can have multiple people editing the same, um, map. that makes sense. I think something that I believe I saw on your website is you said though that it was, it's like an editing tool, but it's not necessarily a visualization tool. Uh, I'm kind of curious what you, what you meant by that. [00:17:39] An editing tool that allows you to export data not a visualization tool Tom: Yeah, I, when you say a map, I think there's, people can interpret that as everything from raw data to satellite imagery and raster data. and then a lot of it is like, can I use this to make a choropleth map of the voter turnout in our, in my country? and that placemark did a little bit, but I think that it was, it was never going to be the, the thing that it did super well. and so, yeah, and also like the, the two things kind of, don't mesh all that well. Like if you have a scale point map and you have that kind of visualization of it and then you're editing the points at the same time and you're dragging around these like gigantic points because this point means a lot of population, it just doesn't really make that much sense. There are probably ways to square that circle and have different views, but, uh, I felt like for visualizations, I mean partly I just think data wrapper is kind of great and uh, I had already worked for observable at that point, which is also, which I think also does like great visualization work. Jeremy: Would that be the case of somebody could make a map inside a placemark and then they would take the GeoJSON and then import that into another visualization tool? Is that what you were kind of imagining people would do? Tom: Yeah. Yeah, exactly. Jeremy: And I could see from the customer's perspective, a lot of them, they may have that end, uh, visualization in mind. So they might look for a tool that kind of just does both. Right. Tom: Yeah. Yeah. Certain people definitely, wanted that. And yeah, it was an interesting direction to go down. I think that market was going to be a lot different than the people who wanted to manage and edit data. And also, I, one thing that I had in mind a lot, uh, was if Placemark didn't work out, how much would people be burned? and I think if I, if I built it in a way that like everyone was heavily relying on the API and embeds, people would be suffer a lot more, if I eventually had to shut it down. every API that you release is really a, a long-term commitment. And instead for me, like guilt wise, having a product where you can easily export everything that you ever did in any format that you want was like the least lock in, kind of. Jeremy: Yeah. And I imagine the, the scope of the project too, you're making it much smaller if you, if you stick to that editing experience and not try to do everything. Tom: Yeah. Yeah. I, the scope was already pretty big. as you can tell from the open source project, it's, it's bigger than I wish it was. the whole time I was really hoping that I could figure out some niche that was much more compact. there's, I forget the name, but there's somebody who has a, an application that's very similar to Placemark in. Technical terms, but is just a hundred percent focused on planning septic systems. And I'm just like, if I just did this just for septic systems, like would that be a much, would that be 10,000 lines of code instead of 40,000 lines of code? And it would be able to perfectly serve those customers. but you know, that I didn't do enough experimentation to figure that out. Um, I, that's, I think one thing that I wish I had done a lot more was, pivot and do experiments. Jeremy: that septic example, do you know if it's a, a business in and of itself where it can actually support one person or a staff of people? Or is it, is that market just too small? Tom: I think it's still a solo bootstrapped project. yeah. And it's, it's so hard to tell whether a company's doing well or not. I could ask the person over DM. [00:21:58] Built the base technology before going public Jeremy: So when you were first starting. placemark. You were, you were doing it as a solo, developer. A solo entrepreneur, reallyyou worked on it for quite a while, I think before you announced, right? Like maybe a year or so? Tom: Yeah, yeah. Almost, almost a year, I think, maybe, maybe 10 months in the dark. Jeremy: I think that there's, there was a lot of overlap between the different directions that I would eventually go in and. So just building a collaborative editor that can edit map data fairly quickly and checks all the boxes of being able to import and export things, um, that is, was a lot of work. and I mean also I, I was, uh, freelancing during part of it, so it wasn't a hundred percent of my time. Tom: But that, that core, I think even now if I were to build something similar, I would probably still use that work. because that, whether you're doing the septic planning application or you're doing a general purpose kind of map editor or some kind of social application, a lot of that stuff will be in common. Um, and so I wanted to really get, like, to figure out that problem space and get a few solutions that I could live with. Jeremy: The base. libraries or technologies you were gonna pick to get the map and have the collaborative aspect. Those are all things you wanted to get settled first. And then you figured, okay, once I have this base, then I can go find the, you know, the, the, the customers or, or find the specifics of what I'm gonna build. Tom: Yeah, exactly. Jeremy: I I think you had said that going forward when you're gonna work on another project, you would probably still start the same way. [00:23:51] Geospatial is a tough industry, no public companies Tom: if I was working on a project in the geospatial space, I would probably heavily reference the work that I already did here. but I don't know if I'll go back to, to maps again. It's a tough industry. Jeremy: Is it because of the, the customer base? Is it because like people don't really understand the market in terms of who actually needs the maps? I'm kind of curious what you feel makes it tough. Tom: I think, well there are no, there are no public mapping companies. Esri is I think one of the 10 largest private companies in the us. but it's not like any of these geospatial companies have ever been like a pure play. And I think that makes it hard. I think maps are just, they're kind of like fonts in a way in which they are this. Very deep well of complexity, which is absolutely fascinating. If you're in it, it's enough fun and engineering to spend an entire career just working on that stuff. And then once you're out of it, you talk to somebody and you're just like, oh, I work on this thing. And they're like, oh, that you Google maps. Um, or, you know, I work at a font type like a, you know, a type factory and it's like, oh, do you make, uh, you know, courier in, uh, word. It's really infrastructure, uh, that we mostly take for granted, which is, that's, that means it's good in some ways. but at the same time, I, it's hard to really find a niche in which the mapping component is that, that is that useful. A lot of the companies that are kind of mapping companies. Like, I think you could say that like Strava and Palantir are kind of geospatial companies, both of them. but Strava is a fitness company and Palantir is a military company. so if you're, uh, a mapping expert, you kind of have to figure out what, how it ties into the real world, how it ties into the business world and revenue. And then maps might be 50% of the solution or 75% of the solution, but it's probably not going to be, this is the company that makes mapping software. Jeremy: Yeah, it's more like, I have this product that I'm gonna sell and it happens to have a map as a part of it. versus I'm going to sell you, tools that, uh, you know, help you make your own map. That seems like a, a harder, harder sell. Tom: yeah. And especially pro tools like the. The idea of people being both invested in terms of paying and invested in terms of wanting to learn the tool. That's, uh, that's a lot to ask out of people. [00:26:49] Knowing the market is tough but going for it anyways Jeremy: I think the things we had just talked about, about mapping being a tough industry and about there being like the low end is taken care of by Google, the high end is taken care of by Esri with ArcGIS. Uh, I think you mentioned in a blog post that when you started Placemark you, you, you knew all this from the start. So I'm kind of curious, like, knowing that, what made you decide like, I'm gonna, I'm gonna go for it and, you know, do it anyways. Tom: uh, I, well, I think that having seen, I, like I am a co-founder of val.town now, and every company that I've worked for, I've been pretty early enough to see how the sausage is made and the sausage is made with chaos. Like every company doesn't know what it's doing and is in an impossible fight against some Goliath figure. And the product that succeeds, if it ever does succeed, is something that you did not think of two or three years in advance. so I looked at this, I looked at the odds, and I was like, oh, these are the typical odds, you know, maybe someday I'll see something where it's, uh, it's an obvious open blue water market opportunity. But I think for the, for the most part, I was expecting to grind. Uh, you know, like even, even if, uh, the odds were worse, I probably would've still done it. I think I, I learned a lot. I should have done a lot more marketing and business and, but I have, I have no regrets about, you know, taking, taking a one try at solving a very hard to solve problem. Jeremy: Yeah, that's a good point in that the, the odds, like you said, are already stacked against you. but sometimes you just gotta try it and see how it goes, Tom: Yeah. And I had the, like I was at a time where I was very aware of how my life was set up. I was like, I could do a startup right now and kind of burn money for a little while and have enough time to work on it, and I would not be abandoning an infant child or, you know, like all of the things that, all the life responsibilities that I will have in the near future. Um. So, you know, uh, the, the time was then, I guess, [00:29:23] Being a solo developer Jeremy: And comparing it to your time at Mapbox and the other startups and, and I suppose now at val.town, when you were working on Placemark, you're the sole developer, you're in charge of everything. how did that feel? Did you enjoy that experience or was it more like, I, I really wish I had other people to, you know, to kind of go through this with, Tom: Uh, around the end I started to chat with people who, like might be co-founders and I even entertained some chats with, uh, venture capital people. I am fine with the, the day to day of working on stuff alone of making a lot of decisions. That's what I have done in a lot of companies anyway. when you're building the prototype or turning a prototype into something that can be in production, I think that having, uh, having other people there, It would've been better for my mentality in terms of not feeling like it was my thing. Um, you know, like feeling detached enough from the product to really see its flaws and really be open to, taking more radical shifts in approach. whereas when it's just you, you know, it's like you and the customers and your email inbox and, uh, your conscience and your existential dread. Uh, and you know, it's not like a co-founder or, uh, somebody to work with is gonna solve all of that stuff for you, but, uh, it probably would've been maybe a little bit better. I don't know. but then again, like I've also seen those kinds of relationships blow up a lot. and I wanted to kind of figure out what I was doing before, adding more people, more complexity, more money into the situation. But maybe you, maybe doing that at the beginning is kind of the same, you know, like you, other people are down for the same kind of risk that you are. Jeremy: I'm sure it's always different trade offs. I mean, I, I think there probably is a power to being able to unilaterally say like, Hey, this is, this is what I wanna do, so I'm gonna do it. Tom: Yeah. [00:31:52] Spending too much time on multiplayer without a business case Jeremy: You mentioned how there were certain flaws or things you may not have seen because you were so in it. Looking back, what, what were some of those things? Tom: I think that, uh, probably the, I I don't think that most technical decisions are all that important, um, that it never seems like the thing that means life or death for companies. And, you know, Facebook is still on PHP, they've fought, fixed, the problem with, with money. but I think I got rabbit holed into a few things where if I had like a business co-founder, then they would've grilled me about like, why are we spending? The, the main thing that comes to mind, uh, is real time multiplayer, real time. It was a fascinating problem and I was so ready to think about that all the time and try to solve it. And I think that took up a lot of my time and energy. And in the long term, most people are not editing a map. At the same time, seeing the cursors move around is a really fun party trick, and it's great for marketing, but I think that if I were to take a real look at that, that was, that was a mistake. Especially when the trade off was things that actually mattered. Like the amount of time, the amount, the amount of data that the, that could be handled at. At the same time, I could have figured out ways to upload a one gigabyte or two gigabyte or three gigabyte shape file and for it to just work in that same time, whereas real time made it harder to solve that problem, which was a lot closer to what, Paying customers cared about and where people's expectations were? Jeremy: When you were working on this realtime collaborative functionality, was this before the product was public? Was this something you, built from the start? Tom: Yeah. I built the whole thing without it and then added it in. Not as like a rewrite, but like as a, as a big change to a lot of stuff. Jeremy: Yeah, I, I could totally see how that could happen because you are trying to envision people using this product, and you think of something like Google Docs, right? It's very powerful to be typing in a document and see the other cursors and, um, see other people typing. So, I could see how you, you would make that leap and say like, oh, the map should, should do that too. Yeah. [00:34:29] Financial pressures of bootstrapping, high COL, and healthcare Tom: Yeah. Yeah. Um, and, you know, Figma is very cool. Like the, it's, it's amazing. It's an amazing thing. But the Figma was in the dark for way longer than I was, and uh, Evan is a lot smarter than I was. Jeremy: He probably had a big bag of money too. Right. Tom: Yeah. Jeremy: I, I don't actually know the history of Figma, but I'm assuming it's, um, it's VC funded, right? Tom: Uh, yeah, they're, they're kind of famous for just having, I don't think they raised that much in the beginning, but they just didn't hire very much and it was just like the two co-founders, or two or three people and they just kept building for long time. I feel like it's like well over three years. Jeremy: Oh wow. Okay. I think like in your case, I, I saw a comment from you where you were saying, this was your sole source of income and you gotta pay for your health insurance, and so you have no outside investments. So, the pressures are, are very different I think. Tom: Yeah. Yeah. And that's really something to on, to appreciate about venture capital. It gives you the. Slack in your, in your budget to make some mistakes and not freak out about it. and sadly, the rent is not going down anytime soon in, in Brooklyn, and the health insurance is not going down anytime soon. I think it's, it's kind of brutal to like leave a job and then realize that like, you know, to, to be admitted to a hospital, you have to pay $500 a month. Jeremy: I'm, I'm sure that was like, shocking, right? The first time you had to pay for it yourself. Tom: Yeah. And it's not even good. Uh, we need to fix this like that. If there's anything that we could do to fix entrepreneurship in this country, it's just like, make it possible to do this without already being wealthy. Um, it was, it was a constant stress. [00:36:29] Growth and customers Jeremy: As you worked on it, and maybe especially as you, after you had shipped, was there a period where. You know, things were going really well in terms of customers and you felt like, okay, this is really gonna work. Tom: I was, so, like, I basically started out by dropping, I think $5,000 in the business bank account. And I was like, if I break even soon, then I'll be happy. And I broke even in the first month. And that was amazing. I mean, the costs were low and everything, but I was really happy to just be at that point and that like, it never went down. I think that probably somebody with more, uh, determination would've kept going after, after I had stopped. but yeah, like, and also The people who used Placemark, who I actually chatted with, and, uh, all that stuff, they were awesome. I wish that there were more of them. but like a lot of the customers were doing cool stuff. They were supportive. They gave me really informative feedback. Um, and that felt really good. but there was never a point at which like the, uh, the growth scale looked like, oh, we're going to hit a point at which this will be a sustainable business within a year. I think it, according to the growth when I left it, it would've been like maybe three years until I would've been, able to pay my rent and health insurance and, live a comfortable life in, in New York. Jeremy: So when you mentioned you broke even that was like the expenses into the business, but not for actually like rent and health insurance and food and all that. Okay. Okay. can you say like roughly how much was coming in or how many customers you had? Tom: Uh, yeah, the revenue initially I think was, uh, 1500 MRR, and eventually it was like 4,000 or so. Jeremy: And the growth was pretty steady. [00:38:37] Bootstrapping vs fundraising Tom: Um, so yeah, I mean, the numbers where you're just like, maybe I could have kept going. but it's, the other weird thing about VCs is just that I think I have this rich understanding of like, if you're, if you're running a business that will be stressful, but be able to pay your bills and you're in control of it, versus running a startup where you might make life changing money and then not have to run a business again. It's like the latter is kind of better. Uh, if stress affects you a lot, and if you're not really wedded to being super independent. so yeah, I don't know between the two ways of like living your life, I, I have some appreciation for, for both. doing what Placemark entailed if I was living cheaply in a, in a cheap city and it didn't stress me out all the time, would've been a pretty good deal. Um, but doing it in Brooklyn with all the stress was not it, it wasn't affecting my life in positive ways and I, I wanted to, you know, go see shows at night with my friends and not worry about the servers going down. Jeremy: Even putting the money aside, I think that's being the only person responsible for the app, right? Probably feels like you can't really take a vacation. Right. Tom: Yeah, I did take a vacation during it. Like I went to visit my partner who was in, uh, Germany at the time, and we were like on a boat, uh, between Germany, across the lake to Switzerland, and like the servers went down and I opened up my laptop and fixed the servers. It's just like, that is, it's a sacrifice that people make, but it is hard. Jeremy: There's, there's on call, but usually it's not just you 24 7. Tom: Yeah. If you don't pick up somebody else [00:40:28] Financial stress and framing money spent as an investment Jeremy: Yeah, yeah, yeah, I guess at what point, because I'm trying to think. You started in 2021 and then maybe wrapped up, was it sometime in 2024? Tom: Uh, I took a job in, uh, I, I mean I joined val.town in the early 2023 and then wrapped up in November, 2023. Jeremy: At what point did you really start feeling the, the stress? Like I, I imagine maybe when you first started out, you said you were doing consulting and stuff, so, um, probably things were okay, but once you kind of shifted away from that, is that kind of when the, the, the worries about money started coming in? Tom: Yeah. Um, I think maybe it was like six or eight months, um, in. Just that I felt like I wasn't finding, uh, like a, a way to grow the product without adding lots of complexity to it. and being a solo founder, the idea of succeeding, but having built like this hulking mess of a product felt just as bad as not succeeding. like ideally it would be something that I could really be happy maintaining for the long term. Uh, but I was just seeing like, oh, maybe I could succeed by adding every feature in QGIS and that's just not, not a, not something that I wanted to commit to. but yeah, I don't, I don't know. I've been, uh, do you know, uh, Ramit Sethie he's like a, Jeremy: I don't. Tom: an internet money guy. He's less scummy than the rest of them, but still, I. an internet money guy. Um, but he does adjust a lot of stuff about like, money psychology. And that has made me realize that a lot of what I thought at the time and even think now is kind of a rational, you know, like, I think one of the main things that I would do differently is just set a budget for Placemark. Like if I had just set away, like, you know, enough money to live on for a year and put that in, like the, this is for Placemark bucket, then it would've felt better to me then having it all be ad hoc, month to month, feeling like you're burning money instead of investing money in a thing. but yeah, nobody told me, uh, how to, how to think about it then. Uh, yeah, you only get experience by experiencing it. Jeremy: You're just seeing your, your bank account shrinking and there's this, psychological toll, right? Where you're not, you're not used to that feeling and it, it probably feels like something's wrong, Tom: Yeah, yeah. I'm, I think it, I'm really impressed by people who can say, oh, I invested, uh, you know, 50 or a hundred thousand dollars into this business and was comfortable with that risk. And like, maybe it works out, maybe it doesn't. Maybe you just like threw a lot of money down into that. and the people, I think with the healthy, productive, uh, relationship with it. Do think of it as like, oh, I, I paid for kind of a bet on a risk. and that's, that's what I was doing anyway. You know, like I was paying my rent and my health insurance and spending all my time working on the product instead of paying, uh, freelance work. but if you don't frame it that way, it doesn't feel like an investment. It feels like you're making a risky gamble. Jeremy: Yeah. And I think that makes sense to, to actually, I think, like you were saying, have a separate account or a separate thing set aside where you are like, this is, this is this money for this purpose. And like you said, look at it as an investment, which with regular investments can go down. Tom: Yeah, exactly. Yeah. Jeremy: Yeah [00:44:26] In hindsight might have raised money or tried smaller bets Jeremy: Were there, there other things, whether technical or or business wise, that, that if you were to to do it again, you would do differently? Tom: I go back and forth on whether I should have raised venture capital. there are, there's kind of a, an assumption in venture capital that once you're on it, you have to go the whole way. You have to become a billion dollar company, uh, or at least really tell people that you're going to be a billion dollar company and I am not. yeah, I, I don't know. I've seen, I've seen other companies in my space, or like our friends of my current company who are not really targeting that, or ones who were, and then they had somewhere in between the billion dollar and the very small outcome. Uh, and that's a little bit of a point in the favor of accepting a big pile of money from the venture capitalists. I'm also a little bit biased right now because val.town has one investor and he's like the, the best venture capitalist that I have ever met. Big fan. don't quote me on that. If he sacks me in like a year, we'll see. Um, but uh, yeah, there, I, I think that I understand more why people take that approach. or I've understood more why people take like the venture capital but not taking $300 million from SoftBank approach. yeah, and I don't know, I think that, trying a lot of things also seems really appealing. Uh, people who do the same kind of. of Maybe 10 months, but they build four or five different products or three different products instead of just one. I think that, that feels, feels like a good idea to me. Jeremy: And in doing that, would that be more of a, like as a solo entrepreneur or you, you're thinking you would take investment and then say, I'm gonna try all these things with, with your money. Tom: Oh, I've seen both. I, that I, yeah, one friend's company has pivoted like four times between very different ideas and yeah, it, it's one way to do it, but I think in the long term, I would want to do that as a solo developer and try to figure out, you know, something. but yeah, I, I think, uh, so much of it is mindset, that even then if I was working on like three different projects, I think I. My qualifications for something being worth, really adopting and spending all my time doing, you just have to accept, uh, a lot of hits and a lot of misses and a lot of like keeping things alive and finding out how to turn them into something. I am really inspired by my friends who like started around the same time that I did and they're not that much further in terms of revenue and they're like still, still doing it because that is what they want to do in life. and if you develop the whole ecosystem and mindset around it, I think that's somewhere that people can stay and, and be happy. just trying to find, trying to find a company that they own and control and they like. Jeremy: While, while making the the expenses work. Tom: Yeah. Yeah. that's the, that's the hard part, like freelancing on the side also. I probably could have kept that up. I liked my freelance clients. I would probably still work with them as well. but I kind of just wanted the, I wanted the focus, I wanted the motivation of, of being without a net. Jeremy: Yeah, I mean, energy wise, do you think that that would've worked? I mean, I imagine that Placemark took a lot of your time when you were working full time, so you're trying to balance, you know, clients and all your customers and everything you're doing with the software. It just feels like it might be a lot. Tom: Yeah. Yeah. Maybe with different freelance clients. I, I loved my freelance clients because I, after. leaving config. I, I wanted to work on climate change stuff and so I was working for climate change foundations and that is not the way to max out your paycheck. It's the way to feel good about your conscience. And so I still feel great about those projects, but in the future, yeah, I would probably just work for, uh, you know, a hedge fund or something. [00:49:02] Marketing to developers but not potential customers Jeremy: I think something you mentioned in one of your posts is that you maybe could have spent more time or had a different approach with marketing. Maybe you could kind of say what you did do and then what maybe worked and what didn't. Tom: Yeah. So I like my sweet spot is writing documentation and blog posts and technical stuff. And so I did a lot of that and a lot of that like worked in a way that didn't matter. I am at this point, weirdly good at writing stuff that gets on Hacker News. I've written a lot of stuff that's gotten to the top of Hacker News and unfortunately, writing about your technical approach and your geospatial project for handling errors, uh, in your JavaScript code is not really a way to get customers. and I think doing a lot of documentation was also great, but it was also, I think that the, the thing that was missing is the thing that I think Mapbox does fairly well now, in which the homepage really pushes you toward use cases immediately. and I should have been saying to each customer who had anything compelling as a use case, like, let's write an article about you and what you're doing, and here's how you use this in your industry. and that probably would've also been like a good, a good way to figure out which of those verticals was the one that was most worth spending all the time on. yeah. So it, it was, it was a lot of good marketing to nerds. and it could have been better in terms of marketing to actual customers and to people who are making the buying decisions. Jeremy: Yeah. Looking at the, the Placemark blog, I can definitely see how as a developer, a lot of the posts are appealing to me, right? It's about how you worked on a technical challenge or decisions you made, but maybe less so to somebody who they wanna. Draw a map to manage their crops. They're like, I don't care about any of this. Right. Tom: Yeah, like the Mapbox blog used to be, just all that stuff as well. We would write about designing protocol buffer layouts, and it was amazing for hiring and amazing for getting nerds in the door. But now it's just, Toyota is launching with, Mapbox Maps or something like that. And that's, that's what you, you should do if you're trying to sell a product. Jeremy: Yeah. And I think the, the sort of technical aspect, it makes sense too. If you're venture funded and you are looking to hire, right? You wanna build your team and you just want to increase like, the amount of stuff you're building and not worrying so much about, am I gonna have a paycheck next Tom: Yeah. Yeah. I, I just kind of do it because it's fun, which is not the right reason to do it, but, Yeah, I mean, I still write my blog mostly just because it's, it's a fun thing to do, but it's not the best way to, um, to run a business. Jeremy: Yeah. Well, the fun part is important too though. Tom: Yeah. Yeah. That's, that's maybe the whole thing. May, that's maybe the most important thing, but you can't do it if you don't do the, the money part. [00:52:35] Most customers came from existing audience Jeremy: Right. So the people who did find you, was it mostly word of mouth from people who did identify with the technical posts, or were there places that surprised you, that people found you? Tom: Uh, a lot of it was people who were familiar with the Mapbox ecosystem or with, with me. and then eventually, yeah, a few of the users came in through, um, through Hacker News, but it was mostly, mostly word of mouth also. The geospatial community is like fairly tight and it's, and it's not too hard to be the person who writes the article about some geospatial challenge that everyone finds. Jeremy: Hmm. Okay. Yeah, that's a good point about like being in that community, especially since you've done so much work in geospatial and in open source that you have this little, this built-in audience, I guess. Tom: yeah. Which I appreciate. It makes me nervous, but yeah. [00:53:43] Val.town marketing to developers Jeremy: Comparing that to something like val.town, how is val.town marketing? How is it finding users? 'cause from what I can tell, it's, it's getting a lot of, uh, a lot of people coming in, right? Tom: Yeah. Uh, well, right now our, our kind of target user, or the user that we think of is a hobbyist, is somebody who's, sometimes a pro developer or somebody, sometimes just somebody who's really interested in the field. And so writing these things that are just about, you know, programming, does super well. Uh, but it, we have exactly the same problem and that that is kind of being revamped as we speak. uh, we hired somebody who actually knows marketing and has a good sense for it. And so a lot of that stuff is shifting to show you what you can do with val.town because it, it suffers from the same problem as well. It's an empty text field in which you can type, type script, code, and it runs. And knowing what you can do with that or what you should do with that is, is hard if you don't have a grasp of TypeScript and web applications. so pretty soon we'll have pages which are like, here's how to connect linear and GitHub with OW Town, or, you know, two nouns connect them, for all of those companies and to do automations and all these like concrete applications. I think that's, you have to do it. You have to figure it out. Jeremy: Just briefly for someone who hasn't heard of val.town, like what, what does it do? Tom: Uh, val.town is a social website, so it has comments and likes and all of that stuff. but it's for writing these little snippets of TypeScript and JavaScript code that run. So a lot of them are websites, some of them are automations, so they receive emails or send emails or connect one service to another. And yeah, it's, it's like combining some aspects of, GitHub or like a code platform, uh, but with the assumption that every time that you save, everything's instantly deployed. Jeremy: So it's maybe a little bit like, um, like a glitch, I guess? Tom: Uh, yeah. Yeah, it takes a lot of experience, a lot of, uh, inspiration from Glitch. Jeremy: And I, I think, like you had mentioned, you enjoy writing the, the technical blog posts and the documentation. And so at least with val.town, your audience is developers versus, the geospatial community who probably largely doesn't care about, TypeScript and the, the different technical decisions there. Tom: Yeah, it, it makes it easier, that's for sure. The customer is, is me. [00:56:30] Shifting from solo to in-person teams Jeremy: Nice. Yeah. Looking at, you know, you, you worked as a, a solo developer for Placemark, and then now you've got a team of, is it like maybe five Tom: Uh, it is seven at the moment. Jeremy: Seven people. Okay. Are you all in person or is it, remote Tom: We all sit around two tables in Brooklyn. It's very nice. Jeremy: So how did that feel? Like shifting from, I'm in, I don't know if you worked from home while you were working on Placemark or if you were in coworking spaces, but you're, you're shifting from I'm like in my own head space doing everything myself to, to, I'm in a room with all these people and we're like working on this thing together. I'm kind of curious like how that felt for you. Tom: Yeah, it's been a big difference. And I think that I was just talking with, um, one, one of our, well an engineer at, at val.town about how everyone kind of had, had been working remote for obvious pandemic world reasons. And this kind of privilege of just being around the same table, if that's what you like is, a huge difference in terms of, I just remember having to. Trick myself into going on a walk around the block because I would get into such a dark mental head space of working on the same project for eight hours straight and skipping lunch. and now there's a little bit more structure. yeah, it's, it's been, it's been a overall, an improvement. Some days I wish that I could go on a run at noon 'cause that's the warmest time of the day. but, uh, overall, like it makes things so much easier. just reading the emotions in people's faces when they're telling you stuff and being able to, uh, not get into discussions that you don't need to get into because you can talk and just like understand each other very quickly. It's, it's very nice. I don't wanna force everyone to do it, you know, but it it for the people who want it, they, they, uh, really enjoy it. Jeremy: Yeah. I think if you have the right set of people, it's definitely more enjoyable. And um, if you don't, maybe not so Tom: Yeah, we haven't hired any, like, extremely loud chewers yet or anything like that, but yeah, maybe my story will change. Jeremy: No, no one microwaving fish. Tom: No, there's, uh, yeah, thankfully the microwave is outside of the office. Jeremy: Do you live close to the office? Tom: Yeah. Yeah. Like most of the team is within a 20 or 30 minute walk of the office and it's very fortunate. I think there's been something of a mass migration to New York. A lot of us didn't live in New York before four years ago, and now all of us do. it's, it's, uh, it's very comfortable to be here. Jeremy: I think that makes, uh, such a big difference. 'cause I think the majority of people, at least within the US you know, you're, you're getting in your car, you're sitting in traffic. and I know people who, during the pandemic, they actually moved further, right? Because they went, oh, like, uh, I don't need to come into the office. but yeah, if you are close enough where you can walk, yeah, I think that makes a big difference. Tom: Oh yeah. If I had to drive to work, I think my blood pressure would be so much higher. Uh, especially in New York. Oh, I feel so bad for the people who have to drive, whereas I'm just walking with, you know, a bagel in hand, enjoying listening to the birds. Jeremy: Yeah. Yeah. well now they have, what is it, the congestion pricing in Tom: Yeah. Yeah. We're all in Brooklyn, so it doesn't affect us that much, but it's supposedly, it's, it's working great. Um, yeah. I hope we can keep it. Jeremy: I've never driven in New York and I, I wouldn't want to Tom: Yeah. It's only for the brave or the crazy. [01:00:37] The value of public writing and work Jeremy: I think that's probably a good place to, to wrap up, but is there any other thoughts you had or things you wanted to mention? Tom: No, I've just, uh, thank you so much. This has been, this has been a lot of fun. You're, you're very good at this as well. I feel like it's, uh, Jeremy: Thank you Tom: It's not easy to, to steer a conversation in a way that makes awkward people sound, uh, normal. Jeremy: I wouldn't say that, but um, what's been actually pretty helpful to me is, you have such a body of work, I guess I would say, in terms of your blogging and, just the amount that you write and the long history of projects that, that there's, you know, there's a lot to talk about and I'm sure it helps, helps your thought process as well. Tom: Yeah. I, I've been lucky to have a lot of jobs where people, where companies were like, cool with publishing everything, you know? so a lot of what I've done is, uh, is public. it's, it's, uh, I'm very, very thankful for like, early on that being a big part of company culture. Jeremy: And you can definitely tell, I think for people who look at the Placemark blog posts or, or now your, your val.town blog posts, like there's, there's a clear difference when somebody like is very intentional and, um, you know, it's good at writing versus you're doing it because, um, it's your corporate responsibility or whatever, like people can tell. Yeah. Tom: Yeah. You can't fake being interested. so you gotta work on things that are interesting. Jeremy: Tom, thanks again for, for agreeing to chat. This was fun. Tom: Yeah thank you so much.