Podcasts about dns

Welcome back to our weekend Cabral HouseCall shows! This is where we answer our community's wellness, weight loss, and anti-aging questions to help people get back on track! Check out today's questions:    Leah: Hi, I was wondering if you know about how to deal with constipation and stuck poop due to tortuous colon. Thank you!                                                                                                                                                                                 Bettina: Dear Dr. Cabral, I'm reaching out regarding my husband, who is 47 years old and experiencing a range of symptoms that we're hoping to better understand. He has sensitive gums that are gradually receding, and he produces an excessive amount of earwax. He blows his nose daily and often feels tightness and tension in his neck, throat, and upper body. He is gluten intolerant and also reacts to milk sugar and lactose. Additionally, he frequently struggles to fall asleep. While these symptoms may not be directly related, I'd greatly appreciate your insight into any potential underlying connections or contributing factors and ideas to what my husband can do to change this. Thank you very much for your time and expertise.                                                                                                                                                                        Ellen: I have a question about high serum vitamin B12 levels. The normal range on the lab is 232 - 946. I am more than double the high end of the range at 1945. I take a daily multivitamin with with 400 mcg of B12, and take no other B12 supplement. Why is my number so high?                                                                                           Diana: Hi Dr. Cabral, My liver is stressed. Found out I have fatty liver in May, but am already doing everything I should to help reverse it. I'm wondering what you would do in my situation. For background, I have Ehlers Danlos & ME/CFS for 30 years (I'm 42). Have horrible PEM (can't walk for 5 mins, have to carefully plan all exertion), so can't exercise. Hypometabolic & blood glucose constantly elevated & spikes with exertion (walking to my kitchen, etc.), but eat healthy & no spikes with food. EBV reactivated 5 years ago & won't go away. Did Big 5 last year, nothing with liver came up. Have mold toxicity & SIBO, took binders to help. Did CBO protocol, but SIBO & mold won't go away. Do 21-day detox regularly, take DNS powder 2x per day + almost all supplements suggested in NAFLD podcast.                                                                                                   Allen: I am new to your podcast but saw you are offering the First Labs Program for 50% off labs. Is this all labs like the Big 5, or only certain ones. Can I run all of them? Thanks for all your help and work you are putting out!     Thank you for tuning into today's Cabral HouseCall and be sure to check back tomorrow where we answer more of our community's questions!    - - - Show Notes and Resources: StephenCabral.com/3508 - - - Get a FREE Copy of Dr. Cabral's Book: The Rain Barrel Effect - - - Join the Community & Get Your Questions Answered: CabralSupportGroup.com - - - Dr. Cabral's Most Popular At-Home Lab Tests: > Complete Minerals & Metals Test (Test for mineral imbalances & heavy metal toxicity) - - - > Complete Candida, Metabolic & Vitamins Test (Test for 75 biomarkers including yeast & bacterial gut overgrowth, as well as vitamin levels) - - - > Complete Stress, Mood & Metabolism Test (Discover your complete thyroid, adrenal, hormone, vitamin D & insulin levels) - - - > Complete Food Sensitivity Test (Find out your hidden food sensitivities) - - - > Complete Omega-3 & Inflammation Test (Discover your levels of inflammation related to your omega-6 to omega-3 levels) - - - Get Your Question Answered On An Upcoming HouseCall: StephenCabral.com/askcabral - - - Would You Take 30 Seconds To Rate & Review The Cabral Concept? The best way to help me spread our mission of true natural health is to pass on the good word, and I read and appreciate every review!    

Ep 267Best 80 Mac PodcastsCitymapper: All Live Transit podržava i Beograd!Mis-issued certificates for 1.1.1.1 DNS service pose a threat to the InternetAtlassian Acquires The Browser Company for $610 Million - TidBITSThe $69 Billion Domino Effect: How VMware's Debt-Fueled Acquisition Is Killing Open Source, One Repository at a TimeCourt Allows Google-Apple Search Deal to Continue With ConditionsPozadina 'suludog' plana kojim EU želi čitati sve naše porukeThe EU's “Encryption Roadmap” Makes Everyone Less SafeThe EU wants to introduce a mass surveilance system onto your phoneIzgleda neće proći...Memory Integrity Enforcement: A complete vision for memory safety in Apple devices - Apple Security ResearchIntroducing AirPods Pro 3, the ultimate audio experienceApple debuts Apple Watch Series 11, featuring groundbreaking health insightsIntroducing Apple Watch Ultra 3Apple introduces Apple Watch SE 3Apple debuts iPhone 17Apple unveils iPhone 17 Pro and iPhone 17 Pro MaxIntroducing iPhone Air, a powerful new iPhone with a breakthrough designiPhone Air and iPhone 17 Limited to USB 2New Live Translation Feature Coming to AirPods 4, AirPods Pro 2Apple blocks translation AirPods in EU over regulatory concernsHypertension Alerts Coming to Older Apple Watch ModelsiOS 26 divota 1, divota 2, divota 3Jerry Schulze:Affordable 6K Displays have arrived! Asus ProArt PA32QCVDid you know your MacBook has a sensor that knows the exact angle of the screen hinge?Vintage Macintosh Programming Book LibraryOd izdvojenih mogućih naslova, izabran je broj 4:Pegi, pokaži svoje zmijsko teloPa to ti je, bre, eUpravaNema džabe ni kod babeTreba mi ozbiljna koncentracija da se ne ispovraćamZahvalniceSnimano 12.9.2025.Uvodna muzika by Vladimir Tošić, stari sajt je ovde.Logotip by Aleksandra Ilić.Artwork epizode by Saša Montiljo, njegov kutak na Devianartu

This week, we dig into Atlassian buying The Browser Company, whether Pay Per Crawl makes sense, and Oracle's cloud jackpot. Plus, a quick lesson in Aussie slang. Watch the YouTube Live Recording of Episode (https://www.youtube.com/live/iTFrzM8U2hQ?si=XaRjUM0tMr2aOLVZ) 537 (https://www.youtube.com/live/iTFrzM8U2hQ?si=XaRjUM0tMr2aOLVZ) Runner-up Titles "I have a plan to make things slightly better.” Matt Ray comes off the top rope We are in that demographic Flip-flops, thongs, and slides. No Translation Needed Do we have a fashion channel? Why not us too? Let's just try it Hooters adjacent tech story Pay-per-crawl. I don't know how DNS works, nobody does Cool, copyright, I love it Just lots of weird stuff going on. Y'all are weird Rundown Final thought on Australia (https://walkingtheworld.substack.com/p/final-thought-on-australia) Atlassian agrees to acquire The Browser Company for $610 million (https://www.cnbc.com/2025/09/04/atlassian-the-browser-company-deal.html) VMware buying Slide Rocket in 2011 (https://techcrunch.com/2011/04/26/vmware-acquires-online-presentation-application-sliderocket/), which is now ClearSlide (https://www.clearslide.com/product/sliderocket/) An Interview with Cloudflare Founder and CEO Matthew Prince About Internet History and Pay-per-crawl (https://stratechery.com/2025/an-interview-with-cloudflare-founder-and-ceo-matthew-prince-about-internet-history-and-pay-per-crawl/) Anthropic Agrees to Pay $1.5 Billion to Settle Lawsuit With Book Authors (https://www.nytimes.com/2025/09/05/technology/anthropic-settlement-copyright-ai.html) Apple unveils iPhone 17 Pro and iPhone 17 Pro Max (https://www.apple.com/newsroom/2025/09/apple-unveils-iphone-17-pro-and-iphone-17-pro-max/) Catch up quick | Apple September event highlights (https://youtu.be/31MbUHX7W8k?si=lmDZqRp_SsQykqsr) Apple introduces AirPods Pro 3 with live translation feature (https://arstechnica.com/gadgets/2025/09/new-airpods-pro-3-turn-apples-earbuds-into-fitness-tracker-universal-translator/) Nvidia's top two mystery customers made up 39% of the chipmaker's Q2 revenue (https://www.cnbc.com/2025/08/28/nvidias-top-two-mystery-customers-made-up-39percent-of-its-q2-revenue-.html) Oracle Financial's US parent jumps 27% in extended trading on Tuesday; Here's why - CNBC TV18 (https://www.cnbctv18.com/market/oracle-corp-share-price-jump-q1-results-guidance-data-centre-india-listed-stock-19668521.htm) Relevant to your Interests Google, Apple, and Mozilla Win in the Antitrust Case Google Lost (https://spyglass.org/google-apple-and-mozilla-win-in-the-antitrust-case-google-lost/) Privacy Nightmare: Your Doorbell Camera Is Snitching to Insurance Companies (https://www.gadgetreview.com/privacy-nightmare-your-doorbell-camera-is-snitching-to-insurance-companies) Broadcom Stock Soars as AI Demand Drives Strong Earnings—Crucial Price Levels to Monitor (https://www.investopedia.com/broadcom-stock-soars-as-ai-demand-drives-strong-earnings-crucial-price-levels-to-monitor-11804068) Addressing the unauthorized issuance of multiple TLS certificates for 1.1.1.1 (https://blog.cloudflare.com/unauthorized-issuance-of-certificates-for-1-1-1-1/) Exclusive | Databricks Crosses $4 Billion in Annual Revenue Rate (https://www.wsj.com/tech/ai/databricks-increases-revenue-forecast-to-4-billion-a-year-642897c8) SpaceX strikes $17B deal to buy EchoStar's spectrum for Starlink's direct-to-phone service (https://techcrunch.com/2025/09/08/spacex-strikes-17b-deal-to-buy-echostars-spectrum-for-starlinks-direct-to-phone-service/) Google Cloud CEO sees sunny prospects thanks to AI demand (https://www.theregister.com/2025/09/09/google_cloud_ceo_sees_sunny/) Apple unveils iPhone 17 Pro and iPhone 17 Pro Max (https://www.apple.com/newsroom/2025/09/apple-unveils-iphone-17-pro-and-iphone-17-pro-max/) Catch up quick | Apple September event highlights (https://youtu.be/31MbUHX7W8k?si=lmDZqRp_SsQykqsr) Apple introduces AirPods Pro 3 with live translation feature (https://arstechnica.com/gadgets/2025/09/new-airpods-pro-3-turn-apples-earbuds-into-fitness-tracker-universal-translator/) Claude can now create and use files (https://www.anthropic.com/news/create-files) The $69 Billion Domino Effect: How VMware's Debt-Fueled Acquisition Is Killing Open Source, One Repository at a Time (https://fastcode.io/2025/08/30/the-69-billion-domino-effect-how-vmwares-debt-fueled-acquisition-is-killing-open-source-one-repository-at-a-time/) Nonsense 2025 AI Darwin Award Nominees - Worst AI Failures of the Year (https://aidarwinawards.org/nominees-2025.html) Ground staff strike: KLM cancels over 100 flights on Wednesday - DutchNews.nl (https://www.dutchnews.nl/2025/09/ground-staff-strike-klm-cancels-over-100-flights-on-wednesday/) Listener Feedback Carless People (https://www.amazon.com/Careless-People-Cautionary-Power-Idealism/dp/1250391237) What We've Learned About the Kawhi Leonard Situation—and What We Haven't (https://www.theringer.com/2025/09/09/nba/kawhi-leonard-los-angeles-clippers-steve-ballmer-aspiration-salary-cap-circumvention) Conferences VMUG London (https://my.vmug.com/s/event/a4pVs000000eX25IAE/uk-usercon?filters=%257B%2522baseConditions%2522%3A%255B%257B%2522fieldName%2522%3A%2522acem__Zone__c%2522%2C%2522fieldType%2522%3A%2522ID%2522%2C%2522fieldValue%2522%3A%2522a4vVs0000002wkgIAA%2522%257D%255D%2C%2522tabCondition%2522%3A%2522Upcoming%2522%2C%2522textAreaConditions%2522%3A%255B%255D%2C%2522picklistConditions%2522%3A%255B%255D%2C%2522chatterGroupCondition%2522%3A%257B%2522chatterGroupId%2522%3Anull%257D%2C%2522page%2522%3A5%257D&chatterGroupId&utm_source&utm_medium&utm_campaign), Coté speaking, September 18th. SREDay London (https://sreday.com/2025-london-q3/), Coté speaking, September 18th and 19th. Civo Navigate London (https://www.civo.com/navigate/london/2025), Coté speaking, September 30th. Texas Linux Fest (https://2025.texaslinuxfest.org), Austin, October 3rd to 4th. CF Day EU (https://events.linuxfoundation.org/cloud-foundry-day-europe/), Coté speaking, Frankfurt, October 7th, 2025. AI for the Rest of Us (https://aifortherestofus.live/london-2025), Coté speaking, October 15th-16th, London. Use code SDT20 for 20% off. Wiz Wizdom Conferences (https://www.wiz.io/wizdom), NYC November 3-5, London November 17-19 SREDay Amsterdam (https://sreday.com/2025-amsterdam-q4/), Coté speaking, November 7th. SDT News & Community Join our Slack community (https://softwaredefinedtalk.slack.com/join/shared_invite/zt-1hn55iv5d-UTfN7mVX1D9D5ExRt3ZJYQ#/shared-invite/email) Email the show: questions@softwaredefinedtalk.com (mailto:questions@softwaredefinedtalk.com) Free stickers: Email your address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) Follow us on social media: Twitter (https://twitter.com/softwaredeftalk), Threads (https://www.threads.net/@softwaredefinedtalk), Mastodon (https://hachyderm.io/@softwaredefinedtalk), LinkedIn (https://www.linkedin.com/company/software-defined-talk/), BlueSky (https://bsky.app/profile/softwaredefinedtalk.com) Watch us on: Twitch (https://www.twitch.tv/sdtpodcast), YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured), Instagram (https://www.instagram.com/softwaredefinedtalk/), TikTok (https://www.tiktok.com/@softwaredefinedtalk) Book offer: Use code SDT for $20 off "Digital WTF" by Coté (https://leanpub.com/digitalwtf/c/sdt) Sponsor the show (https://www.softwaredefinedtalk.com/ads): ads@softwaredefinedtalk.com (mailto:ads@softwaredefinedtalk.com) Recommendations Brandon: Python: The Documentary | An origin story (https://www.youtube.com/watch?v=GfH4QL4VqJ0) Matt: macOS - Sound Output → another computer beats using a headphone switcher Coté: back to Obsidian (https://obsidian.md). Marriott lifetime platinum luggage tags (https://www.reddit.com/r/marriott/comments/17vtenx/life_time_platinum_luggage_tags_thats_it/), check out this deep dive (https://phillipsloop.com/2024/05/10/review-complimentary-marriott-bonvoy-lifetime-elite-gift/). Photo Credits Header (https://unsplash.com/photos/opera-house-sydney-australia-r2L6vCKaVRk)

BASE64 Over DNS The base64 character set exceeds what is allowable in DNS. However, some implementations will work even with these invalid characters. https://isc.sans.edu/diary/BASE64%20Over%20DNS/32274 Google Chrome Update Google released an update for Google Chrome, addressing two vulnerabilities. One of the vulnerabilities is rated critical and may allow code execution. https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_9.html Ivanti Updates Ivanti patched a number of vulnerabilities, several of them critical, across its product portfolio. https://forums.ivanti.com/s/article/September-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-and-Neurons-for-Secure-Access-Multiple-CVEs Sophos Patches Sophos resolved authentication bypass vulnerability in Sophos AP6 series wireless access point firmware (CVE-2025-10159) https://www.sophos.com/en-us/security-advisories/sophos-sa-20250909-ap6 Apple Introduces Memory Integrity Enforcement With the new hardware promoted in yesterday s event, Apple also introduced new memory integrity features based on this new hardware. https://security.apple.com/blog/memory-integrity-enforcement/

Today we talk about measuring IPv6 and IPv6 statistics. We talk about why it’s useful to measure IPv6, how to track v6 deployment initiatives, and tools to help with your measurements. Episode Links: Google IPv6 – Google IPv6 Global Statistics Dashboard IPv6 Enabled – Hexabuild Episode Transcript: This episode was transcribed by AI and lightly... Read more »

This episode features Jake Hildreth, Principal Security Consultant at Semperis.With nearly 25 years of IT experience, Jake has seen how Active Directory Certificate Services (AD CS) can quietly become the most fragile, and most dangerous, part of an enterprise's identity infrastructure. Misunderstood, neglected, and often misconfigured, AD CS can hand attackers the ability to impersonate anyone in the organization.In this episode, Jake demystifies why certificates feel like “cult knowledge,” explains how simple missteps in AD CS cascade into critical risks, and shares real-world lessons from the front lines. He also introduces tools designed to help overworked admins find and fix issues before adversaries exploit them.This is a candid look at one of the least understood but most critical components of identity security, and the steps every security team should take now to avoid becoming the slowest gazelle in the herd.Guest BioJake Hildreth is a Principal Security Consultant at Semperis, Microsoft MVP, and longtime builder of tools that make identity security suck a little less. With nearly 25 years in IT (and the battle scars to prove it), he specializes in helping orgs secure Active Directory and survive the baroque disaster that is Active Directory Certificate Services.He's the creator of Locksmith, BlueTuxedo, and PowerPUG!, open-source tools built to make life easier for overworked identity admins. When he's not untangling Kerberos or wrangling DNS, he's usually hanging out with his favorite people and most grounding reality check: his wife and daughter.Guest Quote" The thing that you practice, whether it's one or a million things you're going to practice will never happen, but the thing that does will be informed by the muscle memory you've developed over that practice period. And you'll know that you either can or cannot weather the storm with your own resources.”Time stamps05:00 Why Are People Afraid of Certificates?07:52 Basics of Public Key Infrastructure (PKI)17:36 How AD CS Integrates with Active Directory20:20 Setting Up and Configuring AD CS23:19 Active Directory and Certificate Services Integration23:54 Consequences of a Compromised AD25:55 Primary Use Cases for AD CS28:39 Recommendations for Managing AD CS30:46 Locksmith: A Tool for AD CS Issues34:06 Common Security Issues in AD CS38:28 Steps to Improve AD CS SecuritySponsorThe HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world's leading businesses, Semperis protects critical Active Directory environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more.Links Connect with Jake on LinkedIn Learn about Locksmith Learn about Purple Knight Connect with Sean on LinkedIn Don't miss future episodes Register for HIP Conf 2025 Learn more about Semperis

Your tools say “secure.” Your headers say “leaking.”In this Threat Talks Deep Dive, ON2IT's Luca Cipriano (CTI & Red Team Lead) exposes Data Bouncing—a stealthy exfiltration trick that hides inside HTTP headers and abuses DNS lookups through trusted third parties. We show the demo, decode the psychology of the attack, and translate it into Zero Trust moves you can deploy today.(00:00) - – Why your defenses aren't enough (00:11) - – What is Data Bouncing? (01:22) - – How attackers exfiltrate data via DNS & headers (05:20) - – Live demo: DNS lookups & Burp Suite interception (10:48) - – Reassembling stolen files undetected (15:24) - – Can you defend against Data Bouncing? (19:20) - – Testing it in your own environment (21:00) - – Key takeaways & call to action Key Topics Covered•  How Data Bouncing enables covert data exfiltration•  Abuse of headers like X-Forwarded-For to bypass firewalls•  Live demo: attacker vs. victim scenario•  Defensive measures: decryption, inspection, Zero Trust, and SOC awarenessAdditional Resources• ON2IT Threat Talks Podcast: https://www.on2it.net/threat-talks• Zero Trust Resources: https://www.on2it.net/zero-trust/Guest & Host Links:• Luca Cipriano, Cyber Threat Intelligence Program Lead, ON2IT: https://www.linkedin.com/in/luca-c-914973124/• Rob Maas, Field CTO, ON2IT: https://www.linkedin.com/in/robmaas83/ Click here to view the episode transcript.

AWS Morning Brief for the week of September 8th, with Corey Quinn. Links:Amazon disrupts watering hole campaign by Russia's APT29AWS IAM launches new VPC endpoint condition keys for network perimeter controlsRDS Data API now supports IPv6Now Open — AWS Asia Pacific (New Zealand) RegionAWS Resource Explorer is now available in AWS Asia Pacific (Taipei) RegionProtect your Amazon Route 53 DNS zones and records Efficiently verify Amazon S3 data at scale with compute checksum operationAWS Elemental celebrates 10 years of innovationChoosing the right AWS live streaming solution for your use case

In this solo deep dive, I explore Freename, the blockchain-based domain platform that's reimagining digital identity—one TLD at a time. With a fresh $6.5M Series A (July 2025) and cross-chain support, Freename lets anyone not just register domains—but own and monetize entire top-level domains (TLDs) like .studio, .dao, or .creator. We unpack: Why Web2 domains are broken How Freename bridges Web2 + Web3 (yes, DNS compatible!) Why TLD ownership is the new frontier of identity and revenue Its approach to trademark protection, royalties, and decentralized naming infrastructure In a world where digital identity is fragmented and rented, Freename offers sovereignty.

In this episode of The Bitcoin Brief, Max and Q delve into the latest happenings in the world of Bitcoin and privacy. AOBQ gonna be in Madrid for WoBQ also gonna be in Manchester for BitfestMax AOBNEWSGoogle will soon required dev KYCBitcoin brief coverageCrypto asset tracing handbookBIS paper proposes self-KYC for non-custodial walletsUPDATES/RELEASESNunchuk adds MiniscriptRoninDojo v2.3.0Mostro v1.0.0+13 AlphaZeus v0.11.4 alphaCake Wallet v5.3.0Everything powered by ARK video from RigaBIP 39 PASSPHRASE TIPShttps://coldbit.com/blogs/blog/can-bip-39-passphrase-be-crackedIMPORTANT LINKS https://freesamourai.comhttps://p2prights.org/donate.htmlhttps://ungovernablemisfits.comVALUE FOR VALUEThanks for listening you Ungovernable Misfits, we appreciate your continued support and hope you enjoy the shows.You can support this episode using your time, talent or treasure.TIME:- create fountain clips for the show- create a meetup- help boost the signal on social mediaTALENT:- create ungovernable misfit inspired art, animation or music- design or implement some software that can make the podcast better- use whatever talents you have to make a contribution to the show!TREASURE:- BOOST IT OR STREAM SATS on the Podcasting 2.0 apps @ https://podcastapps.com- DONATE via Monero @ https://xmrchat.com/ugmf- BUY SOME STICKERS @ https://www.ungovernablemisfits.com/shop/FOUNDATIONhttps://foundation.xyz/ungovernableFoundation builds Bitcoin-centric tools that empower you to reclaim your digital sovereignty.As a sovereign computing company, Foundation is the antithesis of today's tech conglomerates. Returning to cypherpunk principles, they build open source technology that “can't be evil”.Thank you Foundation Devices for sponsoring the show!Use code: Ungovernable for $10 off of your purchaseCAKE WALLEThttps://cakewallet.comCake Wallet is an open-source, non-custodial wallet available on Android, iOS, macOS, and Linux.Features:- Built-in Exchange: Swap easily between Bitcoin and Monero.- User-Friendly: Simple interface for all users.Monero Users:- Batch Transactions: Send multiple payments at once.- Faster Syncing: Optimized syncing via specified restore heights- Proxy Support: Enhance privacy with proxy node options.Bitcoin Users:- Coin Control: Manage your transactions effectively.- Silent Payments: Static bitcoin addresses- Batch Transactions: Streamline your payment process.Thank you Cake Wallet for sponsoring the show!MYNYMBOXhttps://mynymbox.netYour go-to for anonymous server hosting solutions, featuring: virtual private & dedicated servers, domain registration and DNS parking. We don't require any of your personal information, and you can purchase using Bitcoin, Lightning, Monero and many other cryptos.Explore benefits such as No KYC, complete privacy & security, and human support.

Jak dnes firmy musí adaptovat svoje IT zabezpečení na neustále se měnící hrozby? Jak se mění povaha útoků? Lze při dnešním trendu remote práce uhlídat perimetr? A jakou roli hraje lidský faktor a provozní slepota? Lukáš Engler je Security Consultant ve společnosti DNS. Poskytuje poradenství a řešení v oblasti kybernetické bezpečnosti, spolupracuje na projektech v rámci portfolia firem DNS a jejich technologických partnerů. DNS je technologická společnost s 25 lety zkušeností, zajišťuje kompletní cyklus přípravy a realizace náročných IT projektů a dodává řešení od významných výrobců.

A Quick Look at Sextortion at Scale Jan analyzed 1900 different sextortion messages using 205 different Bitcoin addresses to look at the success rate, lifetime, and other metrics defining these campaigns. https://isc.sans.edu/diary/A%20quick%20look%20at%20sextortion%20at%20scale%3A%201%2C900%20messages%20and%20205%20Bitcoin%20addresses%20spanning%20four%20years/32252 Azure AD Client Secret Leak Attackers are stealing Azure AD client secrets from websites that are leaving them exposed. https://www.resecurity.com/blog/article/azure-ad-client-secret-leak-the-keys-to-cloud Covert Channel via ICMP and DNS A new bot combines ICMP and DNS in new ways for covert communication. The DNS requests use domains with a fixed prefix followed by a base64 encoded command, and the ICMP echo request packets include commands as a payload. https://blog.xlab.qianxin.com/mystrodx_covert_dual-mode_backdoor_en/ Official Release of Critical FreePBX Patch Sangoma has announced that the experimental patch released for the exploited FreePBX vulnerability is now considered stable, and users should update to apply it. https://community.freepbx.org/t/security-advisory-please-lock-down-your-administrator-access/107203

A monthly show where Max and Seth take a trip down memory lane to see what happened in the last 4 weeks of Monero.Proposed Monero improvementsDetective Mininghttps://github.com/monero-project/research-lab/issues/140Finality Layerhttps://github.com/monero-project/research-lab/issues/135Time-adjusted blockweighthttps://x.com/BawdyAnarchist_/status/1956537556532597238Software Updates (up to Aug 25th)Cake Wallet v5.3.0Doge supportBetter swapsBroad continued UI improvementsCake Wallet's Cupcake app now out of betav1.0Bitcoin and Monero supportPairs with Cake Wallet or Monero.com Stack Wallet releases v2.3.2https://monero.observer/rehrar-releases-stack-wallet-v2.3.2/Haveno v.1.2.0 releasedhttps://monero.observer/woodser-releases-haveno-v1.2.0-mandatory-update/https://github.com/retoaccess1/haveno-reto/releases/tag/1.2.1-1IMPORTANT LINKS https://freesamourai.comhttps://p2prights.org/donate.htmlhttps://ungovernablemisfits.comVALUE FOR VALUEThanks for listening you Ungovernable Misfits, we appreciate your continued support and hope you enjoy the shows.You can support this episode using your time, talent or treasure.TIME:- create fountain clips for the show- create a meetup- help boost the signal on social mediaTALENT:- create ungovernable misfit inspired art, animation or music- design or implement some software that can make the podcast better- use whatever talents you have to make a contribution to the show!TREASURE:- BOOST IT OR STREAM SATS on the Podcasting 2.0 apps @ https://podcastapps.com- DONATE via Monero @ https://xmrchat.com/ugmf- BUY SOME STICKERS @ https://www.ungovernablemisfits.com/shop/FOUNDATIONhttps://foundation.xyz/ungovernableFoundation builds Bitcoin-centric tools that empower you to reclaim your digital sovereignty.As a sovereign computing company, Foundation is the antithesis of today's tech conglomerates. Returning to cypherpunk principles, they build open source technology that “can't be evil”.Thank you Foundation Devices for sponsoring the show!Use code: Ungovernable for $10 off of your purchaseCAKE WALLEThttps://cakewallet.comCake Wallet is an open-source, non-custodial wallet available on Android, iOS, macOS, and Linux.Features:- Built-in Exchange: Swap easily between Bitcoin and Monero.- User-Friendly: Simple interface for all users.Monero Users:- Batch Transactions: Send multiple payments at once.- Faster Syncing: Optimized syncing via specified restore heights- Proxy Support: Enhance privacy with proxy node options.Bitcoin Users:- Coin Control: Manage your transactions effectively.- Silent Payments: Static bitcoin addresses- Batch Transactions: Streamline your payment process.Thank you Cake Wallet for sponsoring the show!MYNYMBOXhttps://mynymbox.netYour go-to for anonymous server hosting solutions, featuring: virtual private & dedicated servers, domain registration and DNS parking. We don't require any of your personal information, and you can purchase using Bitcoin, Lightning, Monero and many other cryptos.Explore benefits such as No KYC, complete privacy & security, and human support.

In this must-see BlackHat 2025 interview, Doug White sits down with Michael Callahan, CMO at Salt Security, for a high-stakes conversation about Agentic AI, Model Context Protocol (MCP) servers, and the massive API security risks reshaping the cyber landscape. Broadcast live from the CyberRisk TV studio at Mandalay Bay, Las Vegas, the discussion pulls back the curtain on how autonomous AI agents and centralized MCP hubs could supercharge productivity—while also opening the door to unprecedented supply chain vulnerabilities. From “shadow MCP servers” to the concept of an “API fabric,” Michael explains why these threats are evolving faster than traditional security measures can keep up, and why CISOs need to act before it's too late. Viewers will get rare insight into the parallels between MCP exploitation and DNS poisoning, the hidden dangers of API sprawl, and why this new era of AI-driven communication could become a hacker's dream. Blog: https://salt.security/blog/when-ai-agents-go-rogue-what-youre-missing-in-your-mcp-security Survey Report: https://content.salt.security/AI-Agentic-Survey-2025_LP-AI-Agentic-Survey-2025.html This segment is sponsored by Salt Security. Visit https://securityweekly.com/saltbh for a free API Attack Surface Assessment! At Black Hat 2025, live from the Cyber Risk TV studio in Las Vegas, Jackie McGuire sits down with Apiiro Co-Founder & CEO Idan Plotnik to unpack the real-world impact of AI code assistants on application security, developer velocity, and cloud costs. With experience as a former Director of Engineering at Microsoft, Idan dives into what drove him to launch Apiiro — and why 75% of engineers will be using AI assistants by 2028. From 10x more vulnerabilities to skyrocketing API bloat and security blind spots, Idan breaks down research from Fortune 500 companies on how AI is accelerating both innovation and risk. What you'll learn in this interview: - Why AI coding tools are increasing code complexity and risk - The massive cost of unnecessary APIs in cloud environments - How to automate secure code without slowing down delivery - Why most CISOs fail to connect security to revenue (and how to fix it) - How Apiiro's Autofix AI Agent helps organizations auto-fix and auto-govern code risks at scale This isn't just another AI hype talk. It's a deep dive into the future of secure software delivery — with practical steps for CISOs, CTOs, and security leaders to become true business enablers. Watch till the end to hear how Apiiro is helping Fortune 500s bridge the gap between code, risk, and revenue. Apiiro AutoFix Agent. Built for Enterprise Security: https://youtu.be/f-_zrnqzYsc Deep Dive Demo: https://youtu.be/WnFmMiXiUuM This segment is sponsored by Apiiro. Be one of the first to see their new AppSec Agent in action at https://securityweekly.com/apiirobh. Is Your AI Usage a Ticking Time Bomb? In this exclusive Black Hat 2025 interview, Matt Alderman sits down with GitLab CISO Josh Lemos to unpack one of the most pressing questions in tech today: Are executives blindly racing into AI adoption without understanding the risks? Filmed live at the CyberRisk TV Studio in Las Vegas, this eye-opening conversation dives deep into: - How AI is being rapidly adopted across enterprises — with or without security buy-in - Why AI governance is no longer optional — and how to actually implement it - The truth about agentic AI, automation, and building trust in non-human identities - The role of frameworks like ISO 42001 in building AI transparency and assurance - Real-world examples of how teams are using LLMs in development, documentation & compliance Whether you're a CISO, developer, or business exec — this discussion will reshape how you think about AI governance, security, and adoption strategy in your org. Don't wait until it's too late to understand the risks. The Economics of Software Innovation: $750B+ Opportunity at a Crossroads Report: http://about.gitlab.com/software-innovation-report/ For more information about GitLab and their report, please visit: https://securityweekly.com/gitlabbh Live from Black Hat 2025 in Las Vegas, Jackie McGuire sits down with Chris Boehm, Field CTO at Zero Networks, for a high-impact conversation on microsegmentation, shadow IT, and why AI still struggles to stop lateral movement. With 15+ years of cybersecurity experience—from Microsoft to SentinelOne—Chris breaks down complex concepts like you're a precocious 8th grader (his words!) and shares real talk on why AI alone won't save your infrastructure. Learn how Zero Networks is finally making microsegmentation frictionless, how summarization is the current AI win, and what red flags to look for when evaluating AI-infused security tools. If you're a CISO, dev, or just trying to stay ahead of cloud threats—this one's for you. This segment is sponsored by Zero Networks. Visit https://securityweekly.com/zerobh to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-346

In this episode, Max sits down with RandomNym, a long-time supporter and sponsor of the show, to discuss the intricacies of privacy-focused hosting services. RandomNym shares insights into his company's approach to providing secure hosting solutions without compromising user privacy.They also explore the broader implications of privacy in the tech industry, discussing the legal and ethical considerations of running a privacy-focused business. RandomNym explains the strategic decisions behind choosing the right jurisdictions for hosting services and the importance of decentralization and off-site backups. VALUE FOR VALUEThanks for listening you Ungovernable Misfits, we appreciate your continued support and hope you enjoy the shows.You can support this episode using your time, talent or treasure.TIME:- create fountain clips for the show- create a meetup- help boost the signal on social mediaTALENT:- create ungovernable misfit inspired art, animation or music- design or implement some software that can make the podcast better- use whatever talents you have to make a contribution to the show!TREASURE:- BOOST IT OR STREAM SATS on the Podcasting 2.0 apps @ https://podcastapps.com- DONATE via Monero @ https://xmrchat.com/ugmf- BUY SOME STICKERS @ https://www.ungovernablemisfits.com/shop/FOUNDATIONhttps://foundation.xyz/ungovernableFoundation builds Bitcoin-centric tools that empower you to reclaim your digital sovereignty.As a sovereign computing company, Foundation is the antithesis of today's tech conglomerates. Returning to cypherpunk principles, they build open source technology that “can't be evil”.Thank you Foundation Devices for sponsoring the show!Use code: Ungovernable for $10 off of your purchaseCAKE WALLEThttps://cakewallet.comCake Wallet is an open-source, non-custodial wallet available on Android, iOS, macOS, and Linux.Features:- Built-in Exchange: Swap easily between Bitcoin and Monero.- User-Friendly: Simple interface for all users.Monero Users:- Batch Transactions: Send multiple payments at once.- Faster Syncing: Optimized syncing via specified restore heights- Proxy Support: Enhance privacy with proxy node options.Bitcoin Users:- Coin Control: Manage your transactions effectively.- Silent Payments: Static bitcoin addresses- Batch Transactions: Streamline your payment process.Thank you Cake Wallet for sponsoring the show!MYNYMBOXhttps://mynymbox.netYour go-to for anonymous server hosting solutions, featuring: virtual private & dedicated servers, domain registration and DNS parking. We don't require any of your personal information, and you can purchase using Bitcoin, Lightning, Monero and many other cryptos.Explore benefits such as No KYC, complete privacy & security, and human support.(00:00:00) INTRO(00:00:41) BOOSTS(00:08:55) THANK YOU FOUNDATION(00:09:39) THANK YOU CAKE WALLET(00:10:30) Welcome to the Show RandomNym(00:11:33) Go Qubes Or Go Home(00:15:06) What is MyNymBox?(00:17:12) Services Offered by MyNymBox(00:24:26) The Zero Trust Network Principle(00:30:43) Why Did You Start The Business?(00:43:34) Bitcoin, Monero, and Privacy Concerns(00:48:20) Using Gift Cards and Prepaid Cards for Privacy(00:51:56) Freedom of Choice in Cryptocurrency(01:01:25) Company Structures and Flag Theory(01:03:38) Vist MyNymBox, Talk Soon!

In this must-see BlackHat 2025 interview, Doug White sits down with Michael Callahan, CMO at Salt Security, for a high-stakes conversation about Agentic AI, Model Context Protocol (MCP) servers, and the massive API security risks reshaping the cyber landscape. Broadcast live from the CyberRisk TV studio at Mandalay Bay, Las Vegas, the discussion pulls back the curtain on how autonomous AI agents and centralized MCP hubs could supercharge productivity—while also opening the door to unprecedented supply chain vulnerabilities. From “shadow MCP servers” to the concept of an “API fabric,” Michael explains why these threats are evolving faster than traditional security measures can keep up, and why CISOs need to act before it's too late. Viewers will get rare insight into the parallels between MCP exploitation and DNS poisoning, the hidden dangers of API sprawl, and why this new era of AI-driven communication could become a hacker's dream. Blog: https://salt.security/blog/when-ai-agents-go-rogue-what-youre-missing-in-your-mcp-security Survey Report: https://content.salt.security/AI-Agentic-Survey-2025_LP-AI-Agentic-Survey-2025.html This segment is sponsored by Salt Security. Visit https://securityweekly.com/saltbh for a free API Attack Surface Assessment! At Black Hat 2025, live from the Cyber Risk TV studio in Las Vegas, Jackie McGuire sits down with Apiiro Co-Founder & CEO Idan Plotnik to unpack the real-world impact of AI code assistants on application security, developer velocity, and cloud costs. With experience as a former Director of Engineering at Microsoft, Idan dives into what drove him to launch Apiiro — and why 75% of engineers will be using AI assistants by 2028. From 10x more vulnerabilities to skyrocketing API bloat and security blind spots, Idan breaks down research from Fortune 500 companies on how AI is accelerating both innovation and risk. What you'll learn in this interview: - Why AI coding tools are increasing code complexity and risk - The massive cost of unnecessary APIs in cloud environments - How to automate secure code without slowing down delivery - Why most CISOs fail to connect security to revenue (and how to fix it) - How Apiiro's Autofix AI Agent helps organizations auto-fix and auto-govern code risks at scale This isn't just another AI hype talk. It's a deep dive into the future of secure software delivery — with practical steps for CISOs, CTOs, and security leaders to become true business enablers. Watch till the end to hear how Apiiro is helping Fortune 500s bridge the gap between code, risk, and revenue. Apiiro AutoFix Agent. Built for Enterprise Security: https://youtu.be/f-_zrnqzYsc Deep Dive Demo: https://youtu.be/WnFmMiXiUuM This segment is sponsored by Apiiro. Be one of the first to see their new AppSec Agent in action at https://securityweekly.com/apiirobh. Is Your AI Usage a Ticking Time Bomb? In this exclusive Black Hat 2025 interview, Matt Alderman sits down with GitLab CISO Josh Lemos to unpack one of the most pressing questions in tech today: Are executives blindly racing into AI adoption without understanding the risks? Filmed live at the CyberRisk TV Studio in Las Vegas, this eye-opening conversation dives deep into: - How AI is being rapidly adopted across enterprises — with or without security buy-in - Why AI governance is no longer optional — and how to actually implement it - The truth about agentic AI, automation, and building trust in non-human identities - The role of frameworks like ISO 42001 in building AI transparency and assurance - Real-world examples of how teams are using LLMs in development, documentation & compliance Whether you're a CISO, developer, or business exec — this discussion will reshape how you think about AI governance, security, and adoption strategy in your org. Don't wait until it's too late to understand the risks. The Economics of Software Innovation: $750B+ Opportunity at a Crossroads Report: http://about.gitlab.com/software-innovation-report/ For more information about GitLab and their report, please visit: https://securityweekly.com/gitlabbh Live from Black Hat 2025 in Las Vegas, Jackie McGuire sits down with Chris Boehm, Field CTO at Zero Networks, for a high-impact conversation on microsegmentation, shadow IT, and why AI still struggles to stop lateral movement. With 15+ years of cybersecurity experience—from Microsoft to SentinelOne—Chris breaks down complex concepts like you're a precocious 8th grader (his words!) and shares real talk on why AI alone won't save your infrastructure. Learn how Zero Networks is finally making microsegmentation frictionless, how summarization is the current AI win, and what red flags to look for when evaluating AI-infused security tools. If you're a CISO, dev, or just trying to stay ahead of cloud threats—this one's for you. This segment is sponsored by Zero Networks. Visit https://securityweekly.com/zerobh to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-346

In this must-see BlackHat 2025 interview, Doug White sits down with Michael Callahan, CMO at Salt Security, for a high-stakes conversation about Agentic AI, Model Context Protocol (MCP) servers, and the massive API security risks reshaping the cyber landscape. Broadcast live from the CyberRisk TV studio at Mandalay Bay, Las Vegas, the discussion pulls back the curtain on how autonomous AI agents and centralized MCP hubs could supercharge productivity—while also opening the door to unprecedented supply chain vulnerabilities. From “shadow MCP servers” to the concept of an “API fabric,” Michael explains why these threats are evolving faster than traditional security measures can keep up, and why CISOs need to act before it's too late. Viewers will get rare insight into the parallels between MCP exploitation and DNS poisoning, the hidden dangers of API sprawl, and why this new era of AI-driven communication could become a hacker's dream. Blog: https://salt.security/blog/when-ai-agents-go-rogue-what-youre-missing-in-your-mcp-security Survey Report: https://content.salt.security/AI-Agentic-Survey-2025_LP-AI-Agentic-Survey-2025.html This segment is sponsored by Salt Security. Visit https://securityweekly.com/saltbh for a free API Attack Surface Assessment! At Black Hat 2025, live from the Cyber Risk TV studio in Las Vegas, Jackie McGuire sits down with Apiiro Co-Founder & CEO Idan Plotnik to unpack the real-world impact of AI code assistants on application security, developer velocity, and cloud costs. With experience as a former Director of Engineering at Microsoft, Idan dives into what drove him to launch Apiiro — and why 75% of engineers will be using AI assistants by 2028. From 10x more vulnerabilities to skyrocketing API bloat and security blind spots, Idan breaks down research from Fortune 500 companies on how AI is accelerating both innovation and risk. What you'll learn in this interview: - Why AI coding tools are increasing code complexity and risk - The massive cost of unnecessary APIs in cloud environments - How to automate secure code without slowing down delivery - Why most CISOs fail to connect security to revenue (and how to fix it) - How Apiiro's Autofix AI Agent helps organizations auto-fix and auto-govern code risks at scale This isn't just another AI hype talk. It's a deep dive into the future of secure software delivery — with practical steps for CISOs, CTOs, and security leaders to become true business enablers. Watch till the end to hear how Apiiro is helping Fortune 500s bridge the gap between code, risk, and revenue. Apiiro AutoFix Agent. Built for Enterprise Security: https://youtu.be/f-_zrnqzYsc Deep Dive Demo: https://youtu.be/WnFmMiXiUuM This segment is sponsored by Apiiro. Be one of the first to see their new AppSec Agent in action at https://securityweekly.com/apiirobh. Is Your AI Usage a Ticking Time Bomb? In this exclusive Black Hat 2025 interview, Matt Alderman sits down with GitLab CISO Josh Lemos to unpack one of the most pressing questions in tech today: Are executives blindly racing into AI adoption without understanding the risks? Filmed live at the CyberRisk TV Studio in Las Vegas, this eye-opening conversation dives deep into: - How AI is being rapidly adopted across enterprises — with or without security buy-in - Why AI governance is no longer optional — and how to actually implement it - The truth about agentic AI, automation, and building trust in non-human identities - The role of frameworks like ISO 42001 in building AI transparency and assurance - Real-world examples of how teams are using LLMs in development, documentation & compliance Whether you're a CISO, developer, or business exec — this discussion will reshape how you think about AI governance, security, and adoption strategy in your org. Don't wait until it's too late to understand the risks. The Economics of Software Innovation: $750B+ Opportunity at a Crossroads Report: http://about.gitlab.com/software-innovation-report/ For more information about GitLab and their report, please visit: https://securityweekly.com/gitlabbh Live from Black Hat 2025 in Las Vegas, Jackie McGuire sits down with Chris Boehm, Field CTO at Zero Networks, for a high-impact conversation on microsegmentation, shadow IT, and why AI still struggles to stop lateral movement. With 15+ years of cybersecurity experience—from Microsoft to SentinelOne—Chris breaks down complex concepts like you're a precocious 8th grader (his words!) and shares real talk on why AI alone won't save your infrastructure. Learn how Zero Networks is finally making microsegmentation frictionless, how summarization is the current AI win, and what red flags to look for when evaluating AI-infused security tools. If you're a CISO, dev, or just trying to stay ahead of cloud threats—this one's for you. This segment is sponsored by Zero Networks. Visit https://securityweekly.com/zerobh to learn more about them! Show Notes: https://securityweekly.com/asw-346

Miért nem úgy halad a céged, ahogy szeretnéd? A piac a hibás – vagy hiányzik mögüle a stratégia?Ebben az epizódban Foris Attila beszélget Marjai Viktorral, aki nemcsak a DISC elemzésről ismert, hanem arról is, hogy képes rendszerszinten újragondoltatni a vállalkozásokat.Viktor nem ad tanácsokat. Kérdéseket tesz fel. Keményeket. Olyanokat, amiket ritkán mersz magadnak megfogalmazni.✅ Meddig működik a céged nélküled?✅ Milyen jövőképre épül a napi hajtásod?✅ Tudod, miért akarsz vállalkozni egyáltalán?Az epizód olyan vállalkozóknak szól, akik már nem az első milliójukat hajszolják, hanem rendszerben gondolkodnak, stratégiát akarnak és stabil jövőt építenek – nem tűzoltanak.Marjai Viktor megmutatja:- hogyan gondolkodj hosszú távban,- miért nem működik a motiváció mint vezérfonal,- hogyan tervezz 10 évre előre úgy, hogy a céged akkor is működjön, ha te már kiszállsz.Kiderül, mit jelent valójában újratervezni a vállalkozás DNS-ét – és miért fájdalmas, de elengedhetetlen lépés, ha növekedni akarsz.

Transitioning from IPv4 to IPv6, or at least IPv6-mostly, is no easy task. Today’s show provides some education and advice about IPv6 transition mechanisms. We cover options such as NAT64, DNS64, PREF64, and more, as well as use cases. Also, if your technology vendors aren’t offering some of these mechanisms, ask for them – you’re... Read more »

The Domain Name System (DNS)—the system that turns numerical IP addresses into easy-to-read website names—has become highly competitive at the registrar level, with potentially harmful consequences when it comes to leasing domain names for criminal activities. Today, the DNS infrastructure is increasingly exploited for cybercrimes, such as phishing and scams. Why is ignoring the identity of the parties behind the crime more than just a technical DNS infrastructure abuse issue?In this episode, Shane is joined by Karen Rose. Rose was an early architect of internet policy and has had a substantial impact on global web infrastructure as one of the primary Department of Commerce authors of the policy white paper that created the Internet Corporation for Assigned Names and Numbers (ICANN) and a senior executive at the Internet Society. Today, she consults on technology issues focused on securing the next generation of communications infrastructure.

Transitioning from IPv4 to IPv6, or at least IPv6-mostly, is no easy task. Today’s show provides some education and advice about IPv6 transition mechanisms. We cover options such as NAT64, DNS64, PREF64, and more, as well as use cases. Also, if your technology vendors aren’t offering some of these mechanisms, ask for them – you’re... Read more »

DNS security is our topic on today's Tech Bytes podcast, sponsored by Palo Alto Networks. Specifically, Palo Alto Networks is here to talk about its Advanced DNS Resolver, or ADNSR, which provides a security-centric, cloud-delivered DNS resolution service. We talk about how ADNSR works, its features and capabilities, and how it differs from other DNS... Read more »

I just launched a new DNS Course for Web Designers, specifically to help you get a 101, foundational understanding of all things domains, DNS records, email, security, performance, etc.It replaced what was formerly my cPanel course. It's a short, snappy, “what you need to know” DNS course without getting too technical or overwhelming. In this podcast episode, I'm giving you a little teaser!Included in the episode:A few personal DNS horror stories (to illustrate how important it is to know this stuff as a web designer)The most popular lesson so far on ‘Domain Types'And I'm even including the DNS Checklist from the course FOR FREE! Think of it as your DNS SOP for you and your team.Again, be sure to download the DNS Checklist I've made available to you for free. It also includes a special offer if you'd like to dive into the full course!Show notes at joshhall.co/393

DNS security is our topic on today's Tech Bytes podcast, sponsored by Palo Alto Networks. Specifically, Palo Alto Networks is here to talk about its Advanced DNS Resolver, or ADNSR, which provides a security-centric, cloud-delivered DNS resolution service. We talk about how ADNSR works, its features and capabilities, and how it differs from other DNS... Read more »

Thank you for joining us for our 2nd Cabral HouseCall of the weekend! I'm looking forward to sharing with you some of our community's questions that have come in over the past few weeks…   Anonymous: Hi Dr. Cabral, My OATs test came back with normal markers for bacteria and fungus. I was on an extremely low carb diet when I took the test and was wondering if that could cause a false negative. I have taken herbal Antimicrobials and garlic in the past which sometimes eliminates the bloating and brain fog and does so within a few days but only at double doses and only working temporarily. I have a few mild chronic fungal infections, IBS, cognitive symptoms, and MCAS. Do you think the issue is more likely related to an overgrowth or intestinal permeability caused by MCAS? How should I begin treatment since I am sensitive to many supplements? My food sensitivity test unfortunately showed a false negative to all foods.                                                                                                                                                                Zonia: Hello Dr. Cabral, Thank you for all your insightful information! My husband has lipoma's all over his body ranging from dime size to 1/2 tennis ball. His mom has them too, but very few. He started getting them removed by the dozen and I understand they can regrow. How can we help prevent the regrowth? Also, we have twins (B/G)and are there any labs that can determine if either have the genes or how to minimize the chances they will have any? Thank you in advance!      Chris: Hi Dr Cabral, regarding magnesium intake and supplemental H2: The tablets we have include 80 mg of magnesium for 8ppm H2. If you were going to rely on H2 tablets for your exclusive molecular hydrogen source, how many tablets would you take per day to maximize H2 benefits while maintaining advisable magnesium levels and not too much? Assuming 2 scoops of DNS at breakfast (50mg magnesium) + 2 Full Spectrum Magnesium caps at dinner (250mg). I've been varying from 1-3 H2 tablets/daily throughout the week. I stopped taking a scoop of your very delicious & effective Calming Magnesium before bed (300mg) in order to prioritize the benefits of Molecular Hydrogen, however, would love to add this back in if its not too much Magnesium with everything else. Thank you always.           Anonymous: Hi! I have a couple questions. Might have to submit two for the length. First is about thyroid. My thyroid labs are showing normal TSH .56, low free T4 1.33, low total T3 114, high reverse T3 17.20 & TPO high at 25. Does this indicate Hashimoto hypothyroidism? Is this fixable or will I be on supplements or meds for ever? Is TPO specific to the thyroid or is this indicative of autoimmune issues in general? Im curious what even causes these issues to begin with Thank you so much!                                                                                                                                                                    Anonymous: Hi again, 2nd question. I have a hard time gaining muscle & showing tone. I'm a petite person, and have never really shown muscle tone even in high school despite being in sports.After my third baby I lost muscle. I can tell by my body composition changes.I weigh less but look and feel like it's no muscle & more fat. A PT once was shocked at my glute weakness comparing it to the elder. If I ever take a break in exercising, for about two weeks or more I feel much weaker than before I even started, seems like my strength is decreasing rapidly if I get sedentary for even 2 weeks. Could this have an underlying cause or is this just how some of us are? Should I accept the fact that maybe I won't ever build or show much muscle tone? For reference, 33 y/o female, possible hashimotos and lipedema.       Thank you for tuning into this weekend's Cabral HouseCalls and be sure to check back tomorrow for our Mindset & Motivation Monday show to get your week started off right! - - - Show Notes and Resources: StephenCabral.com/3488 - - - Get a FREE Copy of Dr. Cabral's Book: The Rain Barrel Effect - - - Join the Community & Get Your Questions Answered: CabralSupportGroup.com - - - Dr. Cabral's Most Popular At-Home Lab Tests: > Complete Minerals & Metals Test (Test for mineral imbalances & heavy metal toxicity) - - - > Complete Candida, Metabolic & Vitamins Test (Test for 75 biomarkers including yeast & bacterial gut overgrowth, as well as vitamin levels) - - - > Complete Stress, Mood & Metabolism Test (Discover your complete thyroid, adrenal, hormone, vitamin D & insulin levels) - - - > Complete Food Sensitivity Test (Find out your hidden food sensitivities) - - - > Complete Omega-3 & Inflammation Test (Discover your levels of inflammation related to your omega-6 to omega-3 levels) - - - Get Your Question Answered On An Upcoming HouseCall: StephenCabral.com/askcabral - - - Would You Take 30 Seconds To Rate & Review The Cabral Concept? The best way to help me spread our mission of true natural health is to pass on the good word, and I read and appreciate every review!  

Welcome back to our weekend Cabral HouseCall shows! This is where we answer our community's wellness, weight loss, and anti-aging questions to help people get back on track! Check out today's questions:    Sarah: Hello! Back with another question.. Im 28 female from scotland, and have had hair growing in places I shouldn't since age 24. The hair under my chin and a bit on my neck/cheeks is what gets me down the most. My doctor has checked me for PCOS through bloodwork and said everything was fine. I've recently did your hormone test. Testosterone was great, estrogen good, progesterone was low and cortisol was low. I've been on progesterone support, adrenal energy aswell as DNS, greens, omegas etc for some time now. I also take pumpkin seed oil and saw palmetto. The hair just keeps growing. What else can I do? I've tried countless rounds of laser but it just returns. Is hair in this area always related to PCOS/hormones? Can it just be genetics? Thank you!!                                                            Larissa: Hello! I was exposed to black mold for 6 yrs about 5yrs ago. Although my most severe symptoms went away, some longer. I've been working with a naturopath whom recommended a protocol with cholestyramine, charcoal, and minerals for about 1M. However, I've read Andrew Campbell mold protocol and he recommends itraconazole for 7 days. I did my urine mycotoxin testing FYI which still shows a high load of most all strains. Which do you recommend? I want to get rid of all the mold with the least side effects and avoiding constipation (I already have to take daily magnesium citrate to have daily bowel movements). Thank you!!!                                                                                                          Sabrina: Hi doctor Cabral. I'm hoping you can help me with something that is super frustrating. My stomach craves large meals for satisfaction, yet they cause bloating. Conversely, small-volume meals, despite being calorie-dense, just don't register as filling, leaving me wanting more. Is there a way to solve this, meaning training your stomach to be satisfied with smaller meals? Thanks so much for your help!                     Lisa: I am a 48yr old female and have elevated kidney function. 1.1.  have been told not to take creatine. I have heard multiple times that to much protein can have an effect on kidney function also. I love to workout and fir my age high protein and creatine is suppose to be good for someone who works out. Will these things truly hinder or further hinder my kidney function.                                                                                   Cassi: Just completed your book, The Rain Barrel Effect, and was wondering if you have worked with anyone with EOE (Eosinophilic esophagitis) to successfully get them off of PPIs? I've also dealt with histamine intolerance, that I've actually been able to reverse through a lot of what you teach in the book, and I have also gotten down from 20mg of omeprazole twice a day to 20mg once every other day but if I go longer than that I find myself choking on food again no matter how little I eat at a time or how well I chew it.      Thank you for tuning into today's Cabral HouseCall and be sure to check back tomorrow where we answer more of our community's questions!    - - - Show Notes and Resources: StephenCabral.com/3487 - - - Get a FREE Copy of Dr. Cabral's Book: The Rain Barrel Effect - - - Join the Community & Get Your Questions Answered: CabralSupportGroup.com - - - Dr. Cabral's Most Popular At-Home Lab Tests: > Complete Minerals & Metals Test (Test for mineral imbalances & heavy metal toxicity) - - - > Complete Candida, Metabolic & Vitamins Test (Test for 75 biomarkers including yeast & bacterial gut overgrowth, as well as vitamin levels) - - - > Complete Stress, Mood & Metabolism Test (Discover your complete thyroid, adrenal, hormone, vitamin D & insulin levels) - - - > Complete Food Sensitivity Test (Find out your hidden food sensitivities) - - - > Complete Omega-3 & Inflammation Test (Discover your levels of inflammation related to your omega-6 to omega-3 levels) - - - Get Your Question Answered On An Upcoming HouseCall: StephenCabral.com/askcabral - - - Would You Take 30 Seconds To Rate & Review The Cabral Concept? The best way to help me spread our mission of true natural health is to pass on the good word, and I read and appreciate every review!  

Don't Forget The "-n" Command Line Switch Disabling reverse DNS lookups for IP addresses is important not just for performance, but also for opsec. Xavier is explaining some of the risks. https://isc.sans.edu/diary/Don%27t%20Forget%20The%20%22-n%22%20Command%20Line%20Switch/32220 watchTowr releases details about recent Commvault flaws Users of the Commvault enterprise backup solution must patch now after watchTowr released details about recent vulnerabilities https://labs.watchtowr.com/guess-who-would-be-stupid-enough-to-rob-the-same-vault-twice-pre-auth-rce-chains-in-commvault/?123 Docker Desktop Vulnerability CVE-2025-9074 A vulnerability in Docker Desktop allows attackers to escape from containers to attack the host. https://docs.docker.com/desktop/release-notes/#4443

Kristelig Folkeparti casher inn både penger og velgere på sin nye og skarpere profil. Holder det hele veien inn til valget?Krf-leder Dag-Inge Ulstein gjester ukens podkast på telefon fra Mørekysten. Der driver han valgkamp blant venner og donorer i næringslivet. Og han opplever ikke bare en bølge av støtte for KrFs konservative verdier og familiepolitikk. Han opplever rent ut en bevegelse, et tidevann som reiser seg, langt større enn et opprør blant sinte unge menn, kan han fortelle.Men det er tøft å lese om seg selv som en mann uten hjerte, slik Aftenposten denne uken skrev i en kommentar etter partilederdebatten i TV 2 tirsdag.Men hvordan går det an for Ulstein å ikke fordømme det Israel gjør på humanitært grunnlag? Det er vanskelig å forstå. Ulstein forsøker seg på et svar til DNs kommentator Eva Grinde. Hosted on Acast. See acast.com/privacy for more information.

In this episode of The Bitcoin Brief, Max and Q delve into the latest happenings in the world of Bitcoin and privacy. AOBBack after a 1 show hiatusFreedom Tech FridayRiga recapCore shippingPrime video from ZachNEWSSamourai devs take plea dealRoman storm found guilt of unlicensed money transmissionArk Labs runs mainnet test in RigaBlock launches modular Bitcoin minerGoogle gives the industry a scareUPDATES/RELEASESEnvoy v2.0.2Passport v2.3.9Phoenix v2.6.4Zeus v0.11.3Cake v5.2.0Robosats v0.8.1 alphaBluewallet v7.2.0IMPORTANT LINKS https://freesamourai.comhttps://p2prights.org/donate.htmlhttps://ungovernablemisfits.comVALUE FOR VALUEThanks for listening you Ungovernable Misfits, we appreciate your continued support and hope you enjoy the shows.You can support this episode using your time, talent or treasure.TIME:- create fountain clips for the show- create a meetup- help boost the signal on social mediaTALENT:- create ungovernable misfit inspired art, animation or music- design or implement some software that can make the podcast better- use whatever talents you have to make a contribution to the show!TREASURE:- BOOST IT OR STREAM SATS on the Podcasting 2.0 apps @ https://podcastapps.com- DONATE via Monero @ https://xmrchat.com/ugmf- BUY SOME STICKERS @ https://www.ungovernablemisfits.com/shop/FOUNDATIONhttps://foundation.xyz/ungovernableFoundation builds Bitcoin-centric tools that empower you to reclaim your digital sovereignty.As a sovereign computing company, Foundation is the antithesis of today's tech conglomerates. Returning to cypherpunk principles, they build open source technology that “can't be evil”.Thank you Foundation Devices for sponsoring the show!Use code: Ungovernable for $10 off of your purchaseCAKE WALLEThttps://cakewallet.comCake Wallet is an open-source, non-custodial wallet available on Android, iOS, macOS, and Linux.Features:- Built-in Exchange: Swap easily between Bitcoin and Monero.- User-Friendly: Simple interface for all users.Monero Users:- Batch Transactions: Send multiple payments at once.- Faster Syncing: Optimized syncing via specified restore heights- Proxy Support: Enhance privacy with proxy node options.Bitcoin Users:- Coin Control: Manage your transactions effectively.- Silent Payments: Static bitcoin addresses- Batch Transactions: Streamline your payment process.Thank you Cake Wallet for sponsoring the show!MYNYMBOXhttps://mynymbox.ioYour go-to for anonymous server hosting solutions, featuring: virtual private & dedicated servers, domain registration and DNS parking. We don't require any of your personal information, and you can purchase using Bitcoin, Lightning, Monero and many other cryptos.Explore benefits such as No KYC, complete privacy & security, and human support.

DNS 277 Dave Crosland & Scott McNally 2:45 The Evolution of Old School Cycles 19:00 Do you want a Superdrol Breakdown again? 20:40 Risk of infection from L-Carnitine 23:20 Training hard without joint issues as you age 29:46 Short 4 wk, low dose cycles with 4 wks TRT between 33:00 Cycle Planning for older guy 34:45 Getting stronger but not growing 39:20 3 wks off cycle and missing the pumps 44:00 Anadrol for a Sprinter ? 46:00 Scott's Client dieted on TRT with 3 wks Winny 48:50 Teenage gyno but no sensitivity as an adult 52:30 Uncle Dave's Wisdom - Controlling Tempter 58:30 Picking up girls, uncle Dave style 1:02:00 Struggle Balancing bodybuilding and life ✅ ✅ Modern Aminos New Peptide and Research Chem Affiliate : https://tinyurl.com/y4nts94n ✅ ✅Code THINKBIG ✅ Parabolic Peptides Great Research Tabs and Peps https://tinyurl.com/ycpnbjzd ✅ ✅Code THINK ✅ ✅SomaChems https://somachems.com ✅ ✅Code THINK

You’ve sent in questions and on today’s IPv6 Buzz episode Ed, Nick, and Tom answer them. Questions include using DHCPv6 versus SLAAC in a home network, IPv6 and email services, a NAT66 recap, and more. Stay tuned for full episodes coming up that cover Path MTU discovery and IPv6 and containers.  Episode Links: Google IPv6... Read more »

Matt wonders why there are so many face computers, Niléane has an awesome podcast app update, and Chris figures out which of two compelling pitches he gets to buy. How would you have done our challenges? How would you answer the question at the end of the show? Let us know! Main Topics Meta Ray-Bans Castro Other stuff Adam's HTTP, DNS, and SMTP stickers Meta Reality Labs is losing tons of money Eve Flare…aka the big ball Nomad Slim Wallet Nomadic wallet Follow the Hosts Chris on YouTube Matt on Birchtree Niléane on Mastodon Comfort Zone on Mastodon Comfort Zone on Bluesky

You’ve sent in questions and on today’s IPv6 Buzz episode Ed, Nick, and Tom answer them. Questions include using DHCPv6 versus SLAAC in a home network, IPv6 and email services, a NAT66 recap, and more. Stay tuned for full episodes coming up that cover Path MTU discovery and IPv6 and containers.  Episode Links: Google IPv6... Read more »

Arnaud et Guillaume explore l'évolution de l'écosystème Java avec Java 25, Spring Boot et Quarkus, ainsi que les dernières tendances en intelligence artificielle avec les nouveaux modèles comme Grok 4 et Claude Code. Les animateurs font également le point sur l'infrastructure cloud, les défis MCP et CLI, tout en discutant de l'impact de l'IA sur la productivité des développeurs et la gestion de la dette technique. Enregistré le 8 août 2025 Téléchargement de l'épisode LesCastCodeurs-Episode–329.mp3 ou en vidéo sur YouTube. News Langages Java 25: JEP 515 : Profilage de méthode en avance (Ahead-of-Time) https://openjdk.org/jeps/515 Le JEP 515 a pour but d'améliorer le temps de démarrage et de chauffe des applications Java. L'idée est de collecter les profils d'exécution des méthodes lors d'une exécution antérieure, puis de les rendre immédiatement disponibles au démarrage de la machine virtuelle. Cela permet au compilateur JIT de générer du code natif dès le début, sans avoir à attendre que l'application soit en cours d'exécution. Ce changement ne nécessite aucune modification du code des applications, des bibliothèques ou des frameworks. L'intégration se fait via les commandes de création de cache AOT existantes. Voir aussi https://openjdk.org/jeps/483 et https://openjdk.org/jeps/514 Java 25: JEP 518 : Échantillonnage coopératif JFR https://openjdk.org/jeps/518 Le JEP 518 a pour objectif d'améliorer la stabilité et l'évolutivité de la fonction JDK Flight Recorder (JFR) pour le profilage d'exécution. Le mécanisme d'échantillonnage des piles d'appels de threads Java est retravaillé pour s'exécuter uniquement à des safepoints, ce qui réduit les risques d'instabilité. Le nouveau modèle permet un parcours de pile plus sûr, notamment avec le garbage collector ZGC, et un échantillonnage plus efficace qui prend en charge le parcours de pile concurrent. Le JEP ajoute un nouvel événement, SafepointLatency, qui enregistre le temps nécessaire à un thread pour atteindre un safepoint. L'approche rend le processus d'échantillonnage plus léger et plus rapide, car le travail de création de traces de pile est délégué au thread cible lui-même. Librairies Spring Boot 4 M1 https://spring.io/blog/2025/07/24/spring-boot–4–0–0-M1-available-now Spring Boot 4.0.0-M1 met à jour de nombreuses dépendances internes et externes pour améliorer la stabilité et la compatibilité. Les types annotés avec @ConfigurationProperties peuvent maintenant référencer des types situés dans des modules externes grâce à @ConfigurationPropertiesSource. Le support de l'information sur la validité des certificats SSL a été simplifié, supprimant l'état WILL_EXPIRE_SOON au profit de VALID. L'auto-configuration des métriques Micrometer supporte désormais l'annotation @MeterTag sur les méthodes annotées @Counted et @Timed, avec évaluation via SpEL. Le support de @ServiceConnection pour MongoDB inclut désormais l'intégration avec MongoDBAtlasLocalContainer de Testcontainers. Certaines fonctionnalités et API ont été dépréciées, avec des recommandations pour migrer les points de terminaison personnalisés vers les versions Spring Boot 2. Les versions milestones et release candidates sont maintenant publiées sur Maven Central, en plus du repository Spring traditionnel. Un guide de migration a été publié pour faciliter la transition depuis Spring Boot 3.5 vers la version 4.0.0-M1. Passage de Spring Boot à Quarkus : retour d'expérience https://blog.stackademic.com/we-switched-from-spring-boot-to-quarkus-heres-the-ugly-truth-c8a91c2b8c53 Une équipe a migré une application Java de Spring Boot vers Quarkus pour gagner en performances et réduire la consommation mémoire. L'objectif était aussi d'optimiser l'application pour le cloud natif. La migration a été plus complexe que prévu, notamment à cause de l'incompatibilité avec certaines bibliothèques et d'un écosystème Quarkus moins mature. Il a fallu revoir du code et abandonner certaines fonctionnalités spécifiques à Spring Boot. Les gains en performances et en mémoire sont réels, mais la migration demande un vrai effort d'adaptation. La communauté Quarkus progresse, mais le support reste limité comparé à Spring Boot. Conclusion : Quarkus est intéressant pour les nouveaux projets ou ceux prêts à être réécrits, mais la migration d'un projet existant est un vrai défi. LangChain4j 1.2.0 : Nouvelles fonctionnalités et améliorations https://github.com/langchain4j/langchain4j/releases/tag/1.2.0 Modules stables : Les modules langchain4j-anthropic, langchain4j-azure-open-ai, langchain4j-bedrock, langchain4j-google-ai-gemini, langchain4j-mistral-ai et langchain4j-ollama sont désormais en version stable 1.2.0. Modules expérimentaux : La plupart des autres modules de LangChain4j sont en version 1.2.0-beta8 et restent expérimentaux/instables. BOM mis à jour : Le langchain4j-bom a été mis à jour en version 1.2.0, incluant les dernières versions de tous les modules. Principales améliorations : Support du raisonnement/pensée dans les modèles. Appels d'outils partiels en streaming. Option MCP pour exposer automatiquement les ressources en tant qu'outils. OpenAI : possibilité de définir des paramètres de requête personnalisés et d'accéder aux réponses HTTP brutes et aux événements SSE. Améliorations de la gestion des erreurs et de la documentation. Filtering Metadata Infinispan ! (cc Katia( Et 1.3.0 est déjà disponible https://github.com/langchain4j/langchain4j/releases/tag/1.3.0 2 nouveaux modules expérimentaux, langchain4j-agentic et langchain4j-agentic-a2a qui introduisent un ensemble d'abstractions et d'utilitaires pour construire des applications agentiques Infrastructure Cette fois c'est vraiment l'année de Linux sur le desktop ! https://www.lesnumeriques.com/informatique/c-est-enfin-arrive-linux-depasse-un-seuil-historique-que-microsoft-pensait-intouchable-n239977.html Linux a franchi la barre des 5% aux USA Cette progression s'explique en grande partie par l'essor des systèmes basés sur Linux dans les environnements professionnels, les serveurs, et certains usages grand public. Microsoft, longtemps dominant avec Windows, voyait ce seuil comme difficilement atteignable à court terme. Le succès de Linux est également alimenté par la popularité croissante des distributions open source, plus légères, personnalisables et adaptées à des usages variés. Le cloud, l'IoT, et les infrastructures de serveurs utilisent massivement Linux, ce qui contribue à cette augmentation globale. Ce basculement symbolique marque un changement d'équilibre dans l'écosystème des systèmes d'exploitation. Toutefois, Windows conserve encore une forte présence dans certains segments, notamment chez les particuliers et dans les entreprises classiques. Cette évolution témoigne du dynamisme et de la maturité croissante des solutions Linux, devenues des alternatives crédibles et robustes face aux offres propriétaires. Cloud Cloudflare 1.1.1.1 s'en va pendant une heure d'internet https://blog.cloudflare.com/cloudflare–1–1–1–1-incident-on-july–14–2025/ Le 14 juillet 2025, le service DNS public Cloudflare 1.1.1.1 a subi une panne majeure de 62 minutes, rendant le service indisponible pour la majorité des utilisateurs mondiaux. Cette panne a aussi causé une dégradation intermittente du service Gateway DNS. L'incident est survenu suite à une mise à jour de la topologie des services Cloudflare qui a activé une erreur de configuration introduite en juin 2025. Cette erreur faisait que les préfixes destinés au service 1.1.1.1 ont été accidentellement inclus dans un nouveau service de localisation des données (Data Localization Suite), ce qui a perturbé le routage anycast. Le résultat a été une incapacité pour les utilisateurs à résoudre les noms de domaine via 1.1.1.1, rendant la plupart des services Internet inaccessibles pour eux. Ce n'était pas le résultat d'une attaque ou d'un problème BGP, mais une erreur interne de configuration. Cloudflare a rapidement identifié la cause, corrigé la configuration et mis en place des mesures pour prévenir ce type d'incident à l'avenir. Le service est revenu à la normale après environ une heure d'indisponibilité. L'incident souligne la complexité et la sensibilité des infrastructures anycast et la nécessité d'une gestion rigoureuse des configurations réseau. Web L'évolution des bonnes pratiques de Node.js https://kashw1n.com/blog/nodejs–2025/ Évolution de Node.js en 2025 : Le développement se tourne vers les standards du web, avec moins de dépendances externes et une meilleure expérience pour les développeurs. ES Modules (ESM) par défaut : Remplacement de CommonJS pour un meilleur outillage et une standardisation avec le web. Utilisation du préfixe node: pour les modules natifs afin d'éviter les conflits. API web intégrées : fetch, AbortController, et AbortSignal sont maintenant natifs, réduisant le besoin de librairies comme axios. Runner de test intégré : Plus besoin de Jest ou Mocha pour la plupart des cas. Inclut un mode “watch” et des rapports de couverture. Patterns asynchrones avancés : Utilisation plus poussée de async/await avec Promise.all() pour le parallélisme et les AsyncIterators pour les flux d'événements. Worker Threads pour le parallélisme : Pour les tâches lourdes en CPU, évitant de bloquer l'event loop principal. Expérience de développement améliorée : Intégration du mode --watch (remplace nodemon) et du support --env-file (remplace dotenv). Sécurité et performance : Modèle de permission expérimental pour restreindre l'accès et des hooks de performance natifs pour le monitoring. Distribution simplifiée : Création d'exécutables uniques pour faciliter le déploiement d'applications ou d'outils en ligne de commande. Sortie de Apache EChart 6 après 12 ans ! https://echarts.apache.org/handbook/en/basics/release-note/v6-feature/ Apache ECharts 6.0 : Sortie officielle après 12 ans d'évolution. 12 mises à niveau majeures pour la visualisation de données. Trois dimensions clés d'amélioration : Présentation visuelle plus professionnelle : Nouveau thème par défaut (design moderne). Changement dynamique de thème. Prise en charge du mode sombre. Extension des limites de l'expression des données : Nouveaux types de graphiques : Diagramme de cordes (Chord Chart), Nuage de points en essaim (Beeswarm Chart). Nouvelles fonctionnalités : Jittering pour nuages de points denses, Axes coupés (Broken Axis). Graphiques boursiers améliorés Liberté de composition : Nouveau système de coordonnées matriciel. Séries personnalisées améliorées (réutilisation du code, publication npm). Nouveaux graphiques personnalisés inclus (violon, contour, etc.). Optimisation de l'agencement des étiquettes d'axe. Data et Intelligence Artificielle Grok 4 s'est pris pour un nazi à cause des tools https://techcrunch.com/2025/07/15/xai-says-it-has-fixed-grok–4s-problematic-responses/ À son lancement, Grok 4 a généré des réponses offensantes, notamment en se surnommant « MechaHitler » et en adoptant des propos antisémites. Ce comportement provenait d'une recherche automatique sur le web qui a mal interprété un mème viral comme une vérité. Grok alignait aussi ses réponses controversées sur les opinions d'Elon Musk et de xAI, ce qui a amplifié les biais. xAI a identifié que ces dérapages étaient dus à une mise à jour interne intégrant des instructions encourageant un humour offensant et un alignement avec Musk. Pour corriger cela, xAI a supprimé le code fautif, remanié les prompts système, et imposé des directives demandant à Grok d'effectuer une analyse indépendante, en utilisant des sources diverses. Grok doit désormais éviter tout biais, ne plus adopter un humour politiquement incorrect, et analyser objectivement les sujets sensibles. xAI a présenté ses excuses, précisant que ces dérapages étaient dus à un problème de prompt et non au modèle lui-même. Cet incident met en lumière les défis persistants d'alignement et de sécurité des modèles d'IA face aux injections indirectes issues du contenu en ligne. La correction n'est pas qu'un simple patch technique, mais un exemple des enjeux éthiques et de responsabilité majeurs dans le déploiement d'IA à grande échelle. Guillaume a sorti toute une série d'article sur les patterns agentiques avec le framework ADK pour Java https://glaforge.dev/posts/2025/07/29/mastering-agentic-workflows-with-adk-the-recap/ Un premier article explique comment découper les tâches en sous-agents IA : https://glaforge.dev/posts/2025/07/23/mastering-agentic-workflows-with-adk-sub-agents/ Un deuxième article détaille comment organiser les agents de manière séquentielle : https://glaforge.dev/posts/2025/07/24/mastering-agentic-workflows-with-adk-sequential-agent/ Un troisième article explique comment paralleliser des tâches indépendantes : https://glaforge.dev/posts/2025/07/25/mastering-agentic-workflows-with-adk-parallel-agent/ Et enfin, comment faire des boucles d'amélioration : https://glaforge.dev/posts/2025/07/28/mastering-agentic-workflows-with-adk-loop-agents/ Tout ça évidemment en Java :slightly_smiling_face: 6 semaines de code avec Claude https://blog.puzzmo.com/posts/2025/07/30/six-weeks-of-claude-code/ Orta partage son retour après 6 semaines d'utilisation quotidienne de Claude Code, qui a profondément changé sa manière de coder. Il ne « code » plus vraiment ligne par ligne, mais décrit ce qu'il veut, laisse Claude proposer une solution, puis corrige ou ajuste. Cela permet de se concentrer sur le résultat plutôt que sur l'implémentation, comme passer de la peinture au polaroid. Claude s'avère particulièrement utile pour les tâches de maintenance : migrations, refactors, nettoyage de code. Il reste toujours en contrôle, révise chaque diff généré, et guide l'IA via des prompts bien cadrés. Il note qu'il faut quelques semaines pour prendre le bon pli : apprendre à découper les tâches et formuler clairement les attentes. Les tâches simples deviennent quasi instantanées, mais les tâches complexes nécessitent encore de l'expérience et du discernement. Claude Code est vu comme un très bon copilote, mais ne remplace pas le rôle du développeur qui comprend l'ensemble du système. Le gain principal est une vitesse de feedback plus rapide et une boucle d'itération beaucoup plus courte. Ce type d'outil pourrait bien redéfinir la manière dont on pense et structure le développement logiciel à moyen terme. Claude Code et les serveurs MCP : ou comment transformer ton terminal en assistant surpuissant https://touilleur-express.fr/2025/07/27/claude-code-et-les-serveurs-mcp-ou-comment-transformer-ton-terminal-en-assistant-surpuissant/ Nicolas continue ses études sur Claude Code et explique comment utiliser les serveurs MCP pour rendre Claude bien plus efficace. Le MCP Context7 montre comment fournir à l'IA la doc technique à jour (par exemple, Next.js 15) pour éviter les hallucinations ou les erreurs. Le MCP Task Master, autre serveur MCP, transforme un cahier des charges (PRD) en tâches atomiques, estimées, et organisées sous forme de plan de travail. Le MCP Playwright permet de manipuler des navigateurs et d'executer des tests E2E Le MCP Digital Ocean permet de déployer facilement l'application en production Tout n'est pas si ideal, les quotas sont atteints en quelques heures sur une petite application et il y a des cas où il reste bien plus efficace de le faire soit-même (pour un codeur expérimenté) Nicolas complète cet article avec l'écriture d'un MVP en 20 heures: https://touilleur-express.fr/2025/07/30/comment-jai-code-un-mvp-en-une-vingtaine-dheures-avec-claude-code/ Le développement augmenté, un avis politiquement correct, mais bon… https://touilleur-express.fr/2025/07/31/le-developpement-augmente-un-avis-politiquement-correct-mais-bon/ Nicolas partage un avis nuancé (et un peu provoquant) sur le développement augmenté, où l'IA comme Claude Code assiste le développeur sans le remplacer. Il rejette l'idée que cela serait « trop magique » ou « trop facile » : c'est une évolution logique de notre métier, pas un raccourci pour les paresseux. Pour lui, un bon dev reste celui qui structure bien sa pensée, sait poser un problème, découper, valider — même si l'IA aide à coder plus vite. Il raconte avoir codé une app OAuth, testée, stylisée et déployée en quelques heures, sans jamais quitter le terminal grâce à Claude. Ce genre d'outillage change le rapport au temps : on passe de « je vais y réfléchir » à « je tente tout de suite une version qui marche à peu près ». Il assume aimer cette approche rapide et imparfaite : mieux vaut une version brute livrée vite qu'un projet bloqué par le perfectionnisme. L'IA est selon lui un super stagiaire : jamais fatigué, parfois à côté de la plaque, mais diablement productif quand bien briefé. Il conclut que le « dev augmenté » ne remplace pas les bons développeurs… mais les développeurs moyens doivent s'y mettre, sous peine d'être dépassés. ChatGPT lance le mode d'étude : un apprentissage interactif pas à pas https://openai.com/index/chatgpt-study-mode/ OpenAI propose un mode d'étude dans ChatGPT qui guide les utilisateurs pas à pas plutôt que de donner directement la réponse. Ce mode vise à encourager la réflexion active et l'apprentissage en profondeur. Il utilise des instructions personnalisées pour poser des questions et fournir des explications adaptées au niveau de l'utilisateur. Le mode d'étude favorise la gestion de la charge cognitive et stimule la métacognition. Il propose des réponses structurées pour faciliter la compréhension progressive des sujets. Disponible dès maintenant pour les utilisateurs connectés, ce mode sera intégré dans ChatGPT Edu. L'objectif est de transformer ChatGPT en un véritable tuteur numérique, aidant les étudiants à mieux assimiler les connaissances. A priori Gemini viendrait de sortir un fonctionnalité similaire Lancement de GPT-OSS par OpenAI https://openai.com/index/introducing-gpt-oss/ https://openai.com/index/gpt-oss-model-card/ OpenAI a lancé GPT-OSS, sa première famille de modèles open-weight depuis GPT–2. Deux modèles sont disponibles : gpt-oss–120b et gpt-oss–20b, qui sont des modèles mixtes d'experts conçus pour le raisonnement et les tâches d'agent. Les modèles sont distribués sous licence Apache 2.0, permettant leur utilisation et leur personnalisation gratuites, y compris pour des applications commerciales. Le modèle gpt-oss–120b est capable de performances proches du modèle OpenAI o4-mini, tandis que le gpt-oss–20b est comparable au o3-mini. OpenAI a également open-sourcé un outil de rendu appelé Harmony en Python et Rust pour en faciliter l'adoption. Les modèles sont optimisés pour fonctionner localement et sont pris en charge par des plateformes comme Hugging Face et Ollama. OpenAI a mené des recherches sur la sécurité pour s'assurer que les modèles ne pouvaient pas être affinés pour des utilisations malveillantes dans les domaines biologique, chimique ou cybernétique. Anthropic lance Opus 4.1 https://www.anthropic.com/news/claude-opus–4–1 Anthropic a publié Claude Opus 4.1, une mise à jour de son modèle de langage. Cette nouvelle version met l'accent sur l'amélioration des performances en codage, en raisonnement et sur les tâches de recherche et d'analyse de données. Le modèle a obtenu un score de 74,5 % sur le benchmark SWE-bench Verified, ce qui représente une amélioration par rapport à la version précédente. Il excelle notamment dans la refactorisation de code multifichier et est capable d'effectuer des recherches approfondies. Claude Opus 4.1 est disponible pour les utilisateurs payants de Claude, ainsi que via l'API, Amazon Bedrock et Vertex AI de Google Cloud, avec des tarifs identiques à ceux d'Opus 4. Il est présenté comme un remplacement direct de Claude Opus 4, avec des performances et une précision supérieures pour les tâches de programmation réelles. OpenAI Summer Update. GPT–5 is out https://openai.com/index/introducing-gpt–5/ Détails https://openai.com/index/gpt–5-new-era-of-work/ https://openai.com/index/introducing-gpt–5-for-developers/ https://openai.com/index/gpt–5-safe-completions/ https://openai.com/index/gpt–5-system-card/ Amélioration majeure des capacités cognitives - GPT‑5 montre un niveau de raisonnement, d'abstraction et de compréhension nettement supérieur aux modèles précédents. Deux variantes principales - gpt-5-main : rapide, efficace pour les tâches générales. gpt-5-thinking : plus lent mais spécialisé dans les tâches complexes, nécessitant réflexion profonde. Routeur intelligent intégré - Le système sélectionne automatiquement la version la plus adaptée à la tâche (rapide ou réfléchie), sans intervention de l'utilisateur. Fenêtre de contexte encore étendue - GPT‑5 peut traiter des volumes de texte plus longs (jusqu'à 1 million de tokens dans certaines versions), utile pour des documents ou projets entiers. Réduction significative des hallucinations - GPT‑5 donne des réponses plus fiables, avec moins d'erreurs inventées ou de fausses affirmations. Comportement plus neutre et moins sycophant - Il a été entraîné pour mieux résister à l'alignement excessif avec les opinions de l'utilisateur. Capacité accrue à suivre des instructions complexes - GPT‑5 comprend mieux les consignes longues, implicites ou nuancées. Approche “Safe completions” - Remplacement des “refus d'exécution” par des réponses utiles mais sûres — le modèle essaie de répondre avec prudence plutôt que bloquer. Prêt pour un usage professionnel à grande échelle - Optimisé pour le travail en entreprise : rédaction, programmation, synthèse, automatisation, gestion de tâches, etc. Améliorations spécifiques pour le codage - GPT‑5 est plus performant pour l'écriture de code, la compréhension de contextes logiciels complexes, et l'usage d'outils de développement. Expérience utilisateur plus rapide et fluide- Le système réagit plus vite grâce à une orchestration optimisée entre les différents sous-modèles. Capacités agentiques renforcées - GPT‑5 peut être utilisé comme base pour des agents autonomes capables d'accomplir des objectifs avec peu d'interventions humaines. Multimodalité maîtrisée (texte, image, audio) - GPT‑5 intègre de façon plus fluide la compréhension de formats multiples, dans un seul modèle. Fonctionnalités pensées pour les développeurs - Documentation plus claire, API unifiée, modèles plus transparents et personnalisables. Personnalisation contextuelle accrue - Le système s'adapte mieux au style, ton ou préférences de l'utilisateur, sans instructions répétées. Utilisation énergétique et matérielle optimisée - Grâce au routeur interne, les ressources sont utilisées plus efficacement selon la complexité des tâches. Intégration sécurisée dans les produits ChatGPT - Déjà déployé dans ChatGPT avec des bénéfices immédiats pour les utilisateurs Pro et entreprises. Modèle unifié pour tous les usages - Un seul système capable de passer de la conversation légère à des analyses scientifiques ou du code complexe. Priorité à la sécurité et à l'alignement - GPT‑5 a été conçu dès le départ pour minimiser les abus, biais ou comportements indésirables. Pas encore une AGI - OpenAI insiste : malgré ses capacités impressionnantes, GPT‑5 n'est pas une intelligence artificielle générale. Non, non, les juniors ne sont pas obsolètes malgré l'IA ! (dixit GitHub) https://github.blog/ai-and-ml/generative-ai/junior-developers-arent-obsolete-heres-how-to-thrive-in-the-age-of-ai/ L'IA transforme le développement logiciel, mais les développeurs juniors ne sont pas obsolètes. Les nouveaux apprenants sont bien positionnés, car déjà familiers avec les outils IA. L'objectif est de développer des compétences pour travailler avec l'IA, pas d'être remplacé. La créativité et la curiosité sont des qualités humaines clés. Cinq façons de se démarquer : Utiliser l'IA (ex: GitHub Copilot) pour apprendre plus vite, pas seulement coder plus vite (ex: mode tuteur, désactiver l'autocomplétion temporairement). Construire des projets publics démontrant ses compétences (y compris en IA). Maîtriser les workflows GitHub essentiels (GitHub Actions, contribution open source, pull requests). Affûter son expertise en révisant du code (poser des questions, chercher des patterns, prendre des notes). Déboguer plus intelligemment et rapidement avec l'IA (ex: Copilot Chat pour explications, corrections, tests). Ecrire son premier agent IA avec A2A avec WildFly par Emmanuel Hugonnet https://www.wildfly.org/news/2025/08/07/Building-your-First-A2A-Agent/ Protocole Agent2Agent (A2A) : Standard ouvert pour l'interopérabilité universelle des agents IA. Permet communication et collaboration efficaces entre agents de différents fournisseurs/frameworks. Crée des écosystèmes multi-agents unifiés, automatisant les workflows complexes. Objet de l'article : Guide pour construire un premier agent A2A (agent météo) dans WildFly. Utilise A2A Java SDK pour Jakarta Servers, WildFly AI Feature Pack, un LLM (Gemini) et un outil Python (MCP). Agent conforme A2A v0.2.5. Prérequis : JDK 17+, Apache Maven 3.8+, IDE Java, Google AI Studio API Key, Python 3.10+, uv. Étapes de construction de l'agent météo : Création du service LLM : Interface Java (WeatherAgent) utilisant LangChain4J pour interagir avec un LLM et un outil Python MCP (fonctions get_alerts, get_forecast). Définition de l'agent A2A (via CDI) : ▪︎ Agent Card : Fournit les métadonnées de l'agent (nom, description, URL, capacités, compétences comme “weather_search”). Agent Executor : Gère les requêtes A2A entrantes, extrait le message utilisateur, appelle le service LLM et formate la réponse. Exposition de l'agent : Enregistrement d'une application JAX-RS pour les endpoints. Déploiement et test : Configuration de l'outil A2A-inspector de Google (via un conteneur Podman). Construction du projet Maven, configuration des variables d'environnement (ex: GEMINI_API_KEY). Lancement du serveur WildFly. Conclusion : Transformation minimale d'une application IA en agent A2A. Permet la collaboration et le partage d'informations entre agents IA, indépendamment de leur infrastructure sous-jacente. Outillage IntelliJ IDEa bouge vers une distribution unifiée https://blog.jetbrains.com/idea/2025/07/intellij-idea-unified-distribution-plan/ À partir de la version 2025.3, IntelliJ IDEA Community Edition ne sera plus distribuée séparément. Une seule version unifiée d'IntelliJ IDEA regroupera les fonctionnalités des éditions Community et Ultimate. Les fonctionnalités avancées de l'édition Ultimate seront accessibles via abonnement. Les utilisateurs sans abonnement auront accès à une version gratuite enrichie par rapport à l'édition Community actuelle. Cette unification vise à simplifier l'expérience utilisateur et réduire les différences entre les éditions. Les utilisateurs Community seront automatiquement migrés vers cette nouvelle version unifiée. Il sera possible d'activer les fonctionnalités Ultimate temporairement d'un simple clic. En cas d'expiration d'abonnement Ultimate, l'utilisateur pourra continuer à utiliser la version installée avec un jeu limité de fonctionnalités gratuites, sans interruption. Ce changement reflète l'engagement de JetBrains envers l'open source et l'adaptation aux besoins de la communauté. Prise en charge des Ancres YAML dans GitHub Actions https://github.com/actions/runner/issues/1182#issuecomment–3150797791 Afin d'éviter de dupliquer du contenu dans un workflow les Ancres permettent d'insérer des morceaux réutilisables de YAML Fonctionnalité attendue depuis des années et disponible chez GitLab depuis bien longtemps. Elle a été déployée le 4 aout. Attention à ne pas en abuser car la lisibilité de tels documents n'est pas si facile Gemini CLI rajoute les custom commands comme Claude https://cloud.google.com/blog/topics/developers-practitioners/gemini-cli-custom-slash-commands Mais elles sont au format TOML, on ne peut donc pas les partager avec Claude :disappointed: Automatiser ses workflows IA avec les hooks de Claude Code https://blog.gitbutler.com/automate-your-ai-workflows-with-claude-code-hooks/ Claude Code propose des hooks qui permettent d'exécuter des scripts à différents moments d'une session, par exemple au début, lors de l'utilisation d'outils, ou à la fin. Ces hooks facilitent l'automatisation de tâches comme la gestion de branches Git, l'envoi de notifications, ou l'intégration avec d'autres outils. Un exemple simple est l'envoi d'une notification sur le bureau à la fin d'une session. Les hooks se configurent via trois fichiers JSON distincts selon le scope : utilisateur, projet ou local. Sur macOS, l'envoi de notifications nécessite une permission spécifique via l'application “Script Editor”. Il est important d'avoir une version à jour de Claude Code pour utiliser ces hooks. GitButler permet desormais de s'intégrer à Claude Code via ces hooks: https://blog.gitbutler.com/parallel-claude-code/ Le client Git de Jetbrains bientot en standalone https://lp.jetbrains.com/closed-preview-for-jetbrains-git-client/ Demandé par certains utilisateurs depuis longtemps Ca serait un client graphique du même style qu'un GitButler, SourceTree, etc Apache Maven 4 …. arrive …. l'utilitaire mvnupva vous aider à upgrader https://maven.apache.org/tools/mvnup.html Fixe les incompatibilités connues Nettoie les redondances et valeurs par defaut (versions par ex) non utiles pour Maven 4 Reformattage selon les conventions maven … Une GitHub Action pour Gemini CLI https://blog.google/technology/developers/introducing-gemini-cli-github-actions/ Google a lancé Gemini CLI GitHub Actions, un agent d'IA qui fonctionne comme un “coéquipier de code” pour les dépôts GitHub. L'outil est gratuit et est conçu pour automatiser des tâches de routine telles que le triage des problèmes (issues), l'examen des demandes de tirage (pull requests) et d'autres tâches de développement. Il agit à la fois comme un agent autonome et un collaborateur que les développeurs peuvent solliciter à la demande, notamment en le mentionnant dans une issue ou une pull request. L'outil est basé sur la CLI Gemini, un agent d'IA open-source qui amène le modèle Gemini directement dans le terminal. Il utilise l'infrastructure GitHub Actions, ce qui permet d'isoler les processus dans des conteneurs séparés pour des raisons de sécurité. Trois flux de travail (workflows) open-source sont disponibles au lancement : le triage intelligent des issues, l'examen des pull requests et la collaboration à la demande. Pas besoin de MCP, le code est tout ce dont vous avez besoin https://lucumr.pocoo.org/2025/7/3/tools/ Armin souligne qu'il n'est pas fan du protocole MCP (Model Context Protocol) dans sa forme actuelle : il manque de composabilité et exige trop de contexte. Il remarque que pour une même tâche (ex. GitHub), utiliser le CLI est souvent plus rapide et plus efficace en termes de contexte que passer par un serveur MCP. Selon lui, le code reste la solution la plus simple et fiable, surtout pour automatiser des tâches répétitives. Il préfère créer des scripts clairs plutôt que se reposer sur l'inférence LLM : cela facilite la vérification, la maintenance et évite les erreurs subtiles. Pour les tâches récurrentes, si on les automatise, mieux vaut le faire avec du code reusable, plutôt que de laisser l'IA deviner à chaque fois. Il illustre cela en convertissant son blog entier de reStructuredText à Markdown : plutôt qu'un usage direct d'IA, il a demandé à Claude de générer un script complet, avec parsing AST, comparaison des fichiers, validation et itération. Ce workflow LLM→code→LLM (analyse et validation) lui a donné confiance dans le résultat final, tout en conservant un contrôle humain sur le processus. Il juge que MCP ne permet pas ce type de pipeline automatisé fiable, car il introduit trop d'inférence et trop de variations par appel. Pour lui, coder reste le meilleur moyen de garder le contrôle, la reproductibilité et la clarté dans les workflows automatisés. MCP vs CLI … https://www.async-let.com/blog/my-take-on-the-mcp-verses-cli-debate/ Cameron raconte son expérience de création du serveur XcodeBuildMCP, qui lui a permis de mieux comprendre le débat entre servir l'IA via MCP ou laisser l'IA utiliser directement les CLI du système. Selon lui, les CLIs restent préférables pour les développeurs experts recherchant contrôle, transparence, performance et simplicité. Mais les serveurs MCP excellent sur les workflows complexes, les contextes persistants, les contraintes de sécurité, et facilitent l'accès pour les utilisateurs moins expérimentés. Il reconnaît la critique selon laquelle MCP consomme trop de contexte (« context bloat ») et que les appels CLI peuvent être plus rapides et compréhensibles. Toutefois, il souligne que beaucoup de problèmes proviennent de la qualité des implémentations clients, pas du protocole MCP en lui‑même. Pour lui, un bon serveur MCP peut proposer des outils soigneusement définis qui simplifient la vie de l'IA (par exemple, renvoyer des données structurées plutôt que du texte brut à parser). Il apprécie la capacité des MCP à offrir des opérations état‑durables (sessions, mémoire, logs capturés), ce que les CLI ne gèrent pas naturellement. Certains scénarios ne peuvent pas fonctionner via CLI (pas de shell accessible) alors que MCP, en tant que protocole indépendant, reste utilisable par n'importe quel client. Son verdict : pas de solution universelle — chaque contexte mérite d'être évalué, et on ne devrait pas imposer MCP ou CLI à tout prix. Jules, l'agent de code asynchrone gratuit de Google, est sorti de beta et est disponible pour tout le monde https://blog.google/technology/google-labs/jules-now-available/ Jules, agent de codage asynchrone, est maintenant publiquement disponible. Propulsé par Gemini 2.5 Pro. Phase bêta : 140 000+ améliorations de code et retours de milliers de développeurs. Améliorations : interface utilisateur, corrections de bugs, réutilisation des configurations, intégration GitHub Issues, support multimodal. Gemini 2.5 Pro améliore les plans de codage et la qualité du code. Nouveaux paliers structurés : Introductif, Google AI Pro (limites 5x supérieures), Google AI Ultra (limites 20x supérieures). Déploiement immédiat pour les abonnés Google AI Pro et Ultra, incluant les étudiants éligibles (un an gratuit de AI Pro). Architecture Valoriser la réduction de la dette technique : un vrai défi https://www.lemondeinformatique.fr/actualites/lire-valoriser-la-reduction-de-la-dette-technique-mission-impossible–97483.html La dette technique est un concept mal compris et difficile à valoriser financièrement auprès des directions générales. Les DSI ont du mal à mesurer précisément cette dette, à allouer des budgets spécifiques, et à prouver un retour sur investissement clair. Cette difficulté limite la priorisation des projets de réduction de dette technique face à d'autres initiatives jugées plus urgentes ou stratégiques. Certaines entreprises intègrent progressivement la gestion de la dette technique dans leurs processus de développement. Des approches comme le Software Crafting visent à améliorer la qualité du code pour limiter l'accumulation de cette dette. L'absence d'outils adaptés pour mesurer les progrès rend la démarche encore plus complexe. En résumé, réduire la dette technique reste une mission délicate qui nécessite innovation, méthode et sensibilisation en interne. Il ne faut pas se Mocker … https://martinelli.ch/why-i-dont-use-mocking-frameworks-and-why-you-might-not-need-them-either/ https://blog.tremblay.pro/2025/08/not-using-mocking-frmk.html L'auteur préfère utiliser des fakes ou stubs faits à la main plutôt que des frameworks de mocking comme Mockito ou EasyMock. Les frameworks de mocking isolent le code, mais entraînent souvent : Un fort couplage entre les tests et les détails d'implémentation. Des tests qui valident le mock plutôt que le comportement réel. Deux principes fondamentaux guident son approche : Favoriser un design fonctionnel, avec logique métier pure (fonctions sans effets de bord). Contrôler les données de test : par exemple en utilisant des bases réelles (via Testcontainers) plutôt que de simuler. Dans sa pratique, les seuls cas où un mock externe est utilisé concernent les services HTTP externes, et encore il préfère en simuler seulement le transport plutôt que le comportement métier. Résultat : les tests deviennent plus simples, plus rapides à écrire, plus fiables, et moins fragiles aux évolutions du code. L'article conclut que si tu conçois correctement ton code, tu pourrais très bien ne pas avoir besoin de frameworks de mocking du tout. Le blog en réponse d'Henri Tremblay nuance un peu ces retours Méthodologies C'est quoi être un bon PM ? (Product Manager) Article de Chris Perry, un PM chez Google : https://thechrisperry.substack.com/p/being-a-good-pm-at-google Le rôle de PM est difficile : Un travail exigeant, où il faut être le plus impliqué de l'équipe pour assurer le succès. 1. Livrer (shipper) est tout ce qui compte : La priorité absolue. Mieux vaut livrer et itérer rapidement que de chercher la perfection en théorie. Un produit livré permet d'apprendre de la réalité. 2. Donner l'envie du grand large : La meilleure façon de faire avancer un projet est d'inspirer l'équipe avec une vision forte et désirable. Montrer le “pourquoi”. 3. Utiliser son produit tous les jours : Non négociable pour réussir. Permet de développer une intuition et de repérer les vrais problèmes que la recherche utilisateur ne montre pas toujours. 4. Être un bon ami : Créer des relations authentiques et aider les autres est un facteur clé de succès à long terme. La confiance est la base d'une exécution rapide. 5. Donner plus qu'on ne reçoit : Toujours chercher à aider et à collaborer. La stratégie optimale sur la durée est la coopération. Ne pas être possessif avec ses idées. 6. Utiliser le bon levier : Pour obtenir une décision, il faut identifier la bonne personne qui a le pouvoir de dire “oui”, et ne pas se laisser bloquer par des avis non décisionnaires. 7. N'aller que là où on apporte de la valeur : Combler les manques, faire le travail ingrat que personne ne veut faire. Savoir aussi s'écarter (réunions, projets) quand on n'est pas utile. 8. Le succès a plusieurs parents, l'échec est orphelin : Si le produit réussit, c'est un succès d'équipe. S'il échoue, c'est la faute du PM. Il faut assumer la responsabilité finale. Conclusion : Le PM est un chef d'orchestre. Il ne peut pas jouer de tous les instruments, mais son rôle est d'orchestrer avec humilité le travail de tous pour créer quelque chose d'harmonieux. Tester des applications Spring Boot prêtes pour la production : points clés https://www.wimdeblauwe.com/blog/2025/07/30/how-i-test-production-ready-spring-boot-applications/ L'auteur (Wim Deblauwe) détaille comment il structure ses tests dans une application Spring Boot destinée à la production. Le projet inclut automatiquement la dépendance spring-boot-starter-test, qui regroupe JUnit 5, AssertJ, Mockito, Awaitility, JsonAssert, XmlUnit et les outils de testing Spring. Tests unitaires : ciblent les fonctions pures (record, utilitaire), testés simplement avec JUnit et AssertJ sans démarrage du contexte Spring. Tests de cas d'usage (use case) : orchestrent la logique métier, généralement via des use cases qui utilisent un ou plusieurs dépôts de données. Tests JPA/repository : vérifient les interactions avec la base via des tests realisant des opérations CRUD (avec un contexte Spring pour la couche persistance). Tests de contrôleur : permettent de tester les endpoints web (ex. @WebMvcTest), souvent avec MockBean pour simuler les dépendances. Tests d'intégration complets : ils démarrent tout le contexte Spring (@SpringBootTest) pour tester l'application dans son ensemble. L'auteur évoque également des tests d'architecture, mais sans entrer dans le détail dans cet article. Résultat : une pyramide de tests allant des plus rapides (unitaires) aux plus complets (intégration), garantissant fiabilité, vitesse et couverture sans surcharge inutile. Sécurité Bitwarden offre un serveur MCP pour que les agents puissent accéder aux mots de passe https://nerds.xyz/2025/07/bitwarden-mcp-server-secure-ai/ Bitwarden introduit un serveur MCP (Model Context Protocol) destiné à intégrer de manière sécurisée les agents IA dans les workflows de gestion de mots de passe. Ce serveur fonctionne en architecture locale (local-first) : toutes les interactions et les données sensibles restent sur la machine de l'utilisateur, garantissant l'application du principe de chiffrement zero‑knowledge. L'intégration se fait via l'interface CLI de Bitwarden, permettant aux agents IA de générer, récupérer, modifier et verrouiller les identifiants via des commandes sécurisées. Le serveur peut être auto‑hébergé pour un contrôle maximal des données. Le protocole MCP est un standard ouvert qui permet de connecter de façon uniforme des agents IA à des sources de données et outils tiers, simplifiant les intégrations entre LLM et applications. Une démo avec Claude (agent IA d'Anthropic) montre que l'IA peut interagir avec le coffre Bitwarden : vérifier l'état, déverrouiller le vault, générer ou modifier des identifiants, le tout sans intervention humaine directe. Bitwarden affiche une approche priorisant la sécurité, mais reconnaît les risques liés à l'utilisation d'IA autonome. L'usage d'un LLM local privé est fortement recommandé pour limiter les vulnérabilités. Si tu veux, je peux aussi te résumer les enjeux principaux (interopérabilité, sécurité, cas d'usage) ou un extrait spécifique ! NVIDIA a une faille de securite critique https://www.wiz.io/blog/nvidia-ai-vulnerability-cve–2025–23266-nvidiascape Il s'agit d'une faille d'évasion de conteneur dans le NVIDIA Container Toolkit. La gravité est jugée critique avec un score CVSS de 9.0. Cette vulnérabilité permet à un conteneur malveillant d'obtenir un accès root complet sur l'hôte. L'origine du problème vient d'une mauvaise configuration des hooks OCI dans le toolkit. L'exploitation peut se faire très facilement, par exemple avec un Dockerfile de seulement trois lignes. Le risque principal concerne la compromission de l'isolation entre différents clients sur des infrastructures cloud GPU partagées. Les versions affectées incluent toutes les versions du NVIDIA Container Toolkit jusqu'à la 1.17.7 et du NVIDIA GPU Operator jusqu'à la version 25.3.1. Pour atténuer le risque, il est recommandé de mettre à jour vers les dernières versions corrigées. En attendant, il est possible de désactiver certains hooks problématiques dans la configuration pour limiter l'exposition. Cette faille met en lumière l'importance de renforcer la sécurité des environnements GPU partagés et la gestion des conteneurs AI. Fuite de données de l'application Tea : points essentiels https://knowyourmeme.com/memes/events/the-tea-app-data-leak Tea est une application lancée en 2023 qui permet aux femmes de laisser des avis anonymes sur des hommes rencontrés. En juillet 2025, une importante fuite a exposé environ 72 000 images sensibles (selfies, pièces d'identité) et plus d'1,1 million de messages privés. La fuite a été révélée après qu'un utilisateur ait partagé un lien pour télécharger la base de données compromise. Les données touchées concernaient majoritairement des utilisateurs inscrits avant février 2024, date à laquelle l'application a migré vers une infrastructure plus sécurisée. En réponse, Tea prévoit de proposer des services de protection d'identité aux utilisateurs impactés. Faille dans le paquet npm is : attaque en chaîne d'approvisionnement https://socket.dev/blog/npm-is-package-hijacked-in-expanding-supply-chain-attack Une campagne de phishing ciblant les mainteneurs npm a compromis plusieurs comptes, incluant celui du paquet is. Des versions compromises du paquet is (notamment les versions 3.3.1 et 5.0.0) contenaient un chargeur de malware JavaScript destiné aux systèmes Windows. Ce malware a offert aux attaquants un accès à distance via WebSocket, permettant potentiellement l'exécution de code arbitraire. L'attaque fait suite à d'autres compromissions de paquets populaires comme eslint-config-prettier, eslint-plugin-prettier, synckit, @pkgr/core, napi-postinstall, et got-fetch. Tous ces paquets ont été publiés sans aucun commit ou PR sur leurs dépôts GitHub respectifs, signalant un accès non autorisé aux tokens mainteneurs. Le domaine usurpé [npnjs.com](http://npnjs.com) a été utilisé pour collecter les jetons d'accès via des emails de phishing trompeurs. L'épisode met en lumière la fragilité des chaînes d'approvisionnement logicielle dans l'écosystème npm et la nécessité d'adopter des pratiques renforcées de sécurité autour des dépendances. Revues de sécurité automatisées avec Claude Code https://www.anthropic.com/news/automate-security-reviews-with-claude-code Anthropic a lancé des fonctionnalités de sécurité automatisées pour Claude Code, un assistant de codage d'IA en ligne de commande. Ces fonctionnalités ont été introduites en réponse au besoin croissant de maintenir la sécurité du code alors que les outils d'IA accélèrent considérablement le développement de logiciels. Commande /security-review : les développeurs peuvent exécuter cette commande dans leur terminal pour demander à Claude d'identifier les vulnérabilités de sécurité, notamment les risques d'injection SQL, les vulnérabilités de script intersite (XSS), les failles d'authentification et d'autorisation, ainsi que la gestion non sécurisée des données. Claude peut également suggérer et implémenter des correctifs. Intégration GitHub Actions : une nouvelle action GitHub permet à Claude Code d'analyser automatiquement chaque nouvelle demande d'extraction (pull request). L'outil examine les modifications de code pour y trouver des vulnérabilités, applique des règles personnalisables pour filtrer les faux positifs et commente directement la demande d'extraction avec les problèmes détectés et les correctifs recommandés. Ces fonctionnalités sont conçues pour créer un processus d'examen de sécurité cohérent et s'intégrer aux pipelines CI/CD existants, ce qui permet de s'assurer qu'aucun code n'atteint la production sans un examen de sécurité de base. Loi, société et organisation Google embauche les personnes clés de Windsurf https://www.blog-nouvelles-technologies.fr/333959/openai-windsurf-google-deepmind-codage-agentique/ windsurf devait être racheté par OpenAI Google ne fait pas d'offre de rachat mais débauche quelques personnes clés de Windsurf Windsurf reste donc indépendante mais sans certains cerveaux y compris son PDG. Les nouveaux dirigeants sont les ex leaders des force de vente Donc plus une boîte tech Pourquoi le deal a 3 milliard est tombé à l'eau ? On ne sait pas mais la divergence et l‘indépendance technologique est possiblement en cause. Les transfuge vont bosser chez Deepmind dans le code argentique Opinion Article: https://www.linkedin.com/pulse/dear-people-who-think-ai-low-skilled-code-monkeys-future-jan-moser-svade/ Jan Moser critique ceux qui pensent que l'IA et les développeurs peu qualifiés peuvent remplacer les ingénieurs logiciels compétents. Il cite l'exemple de l'application Tea, une plateforme de sécurité pour femmes, qui a exposé 72 000 images d'utilisateurs en raison d'une mauvaise configuration de Firebase et d'un manque de pratiques de développement sécurisées. Il souligne que l'absence de contrôles automatisés et de bonnes pratiques de sécurité a permis cette fuite de données. Moser avertit que des outils comme l'IA ne peuvent pas compenser l'absence de compétences en génie logiciel, notamment en matière de sécurité, de gestion des erreurs et de qualité du code. Il appelle à une reconnaissance de la valeur des ingénieurs logiciels qualifiés et à une approche plus rigoureuse dans le développement logiciel. YouTube déploie une technologie d'estimation d'âge pour identifier les adolescents aux États-Unis https://techcrunch.com/2025/07/29/youtube-rolls-out-age-estimatation-tech-to-identify-u-s-teens-and-apply-additional-protections/ Sujet très à la mode, surtout au UK mais pas que… YouTube commence à déployer une technologie d'estimation d'âge basée sur l'IA pour identifier les utilisateurs adolescents aux États-Unis, indépendamment de l'âge déclaré lors de l'inscription. Cette technologie analyse divers signaux comportementaux, tels que l'historique de visionnage, les catégories de vidéos consultées et l'âge du compte. Lorsqu'un utilisateur est identifié comme adolescent, YouTube applique des protections supplémentaires, notamment : Désactivation des publicités personnalisées. Activation des outils de bien-être numérique, tels que les rappels de temps d'écran et de coucher. Limitation de la visualisation répétée de contenus sensibles, comme ceux liés à l'image corporelle. Si un utilisateur est incorrectement identifié comme mineur, il peut vérifier son âge via une pièce d'identité gouvernementale, une carte de crédit ou un selfie. Ce déploiement initial concerne un petit groupe d'utilisateurs aux États-Unis et sera étendu progressivement. Cette initiative s'inscrit dans les efforts de YouTube pour renforcer la sécurité des jeunes utilisateurs en ligne. Mistral AI : contribution à un standard environnemental pour l'IA https://mistral.ai/news/our-contribution-to-a-global-environmental-standard-for-ai Mistral AI a réalisé la première analyse de cycle de vie complète d'un modèle d'IA, en collaboration avec plusieurs partenaires. L'étude quantifie l'impact environnemental du modèle Mistral Large 2 sur les émissions de gaz à effet de serre, la consommation d'eau, et l'épuisement des ressources. La phase d'entraînement a généré 20,4 kilotonnes de CO₂ équivalent, consommé 281 000 m³ d'eau, et utilisé 660 kg SB-eq (mineral consumption). Pour une réponse de 400 tokens, l'impact marginal est faible mais non négligeable : 1,14 gramme de CO₂, 45 mL d'eau, et 0,16 mg d'équivalent antimoine. Mistral propose trois indicateurs pour évaluer cet impact : l'impact absolu de l'entraînement, l'impact marginal de l'inférence, et le ratio inference/impact total sur le cycle de vie. L'entreprise souligne l'importance de choisir le modèle en fonction du cas d'usage pour limiter l'empreinte environnementale. Mistral appelle à plus de transparence et à l'adoption de standards internationaux pour permettre une comparaison claire entre modèles. L'IA promettait plus d'efficacité… elle nous fait surtout travailler plus https://afterburnout.co/p/ai-promised-to-make-us-more-efficient Les outils d'IA devaient automatiser les tâches pénibles et libérer du temps pour les activités stratégiques et créatives. En réalité, le temps gagné est souvent aussitôt réinvesti dans d'autres tâches, créant une surcharge. Les utilisateurs croient être plus productifs avec l'IA, mais les données contredisent cette impression : une étude montre que les développeurs utilisant l'IA prennent 19 % de temps en plus pour accomplir leurs tâches. Le rapport DORA 2024 observe une baisse de performance globale des équipes lorsque l'usage de l'IA augmente : –1,5 % de throughput et –7,2 % de stabilité de livraison pour +25 % d'adoption de l'IA. L'IA ne réduit pas la charge mentale, elle la déplace : rédaction de prompts, vérification de résultats douteux, ajustements constants… Cela épuise et limite le temps de concentration réelle. Cette surcharge cognitive entraîne une forme de dette mentale : on ne gagne pas vraiment du temps, on le paie autrement. Le vrai problème vient de notre culture de la productivité, qui pousse à toujours vouloir optimiser, quitte à alimenter l'épuisement professionnel. Trois pistes concrètes : Repenser la productivité non en temps gagné, mais en énergie préservée. Être sélectif dans l'usage des outils IA, en fonction de son ressenti et non du battage médiatique. Accepter la courbe en J : l'IA peut être utile, mais nécessite des ajustements profonds pour produire des gains réels. Le vrai hack de productivité ? Parfois, ralentir pour rester lucide et durable. Conférences MCP Submit Europe https://mcpdevsummit.ai/ Retour de JavaOne en 2026 https://inside.java/2025/08/04/javaone-returns–2026/ JavaOne, la conférence dédiée à la communauté Java, fait son grand retour dans la Bay Area du 17 au 19 mars 2026. Après le succès de l'édition 2025, ce retour s'inscrit dans la continuité de la mission initiale de la conférence : rassembler la communauté pour apprendre, collaborer et innover. La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 25–27 août 2025 : SHAKA Biarritz - Biarritz (France) 5 septembre 2025 : JUG Summer Camp 2025 - La Rochelle (France) 12 septembre 2025 : Agile Pays Basque 2025 - Bidart (France) 15 septembre 2025 : Agile Tour Montpellier - Montpellier (France) 18–19 septembre 2025 : API Platform Conference - Lille (France) & Online 22–24 septembre 2025 : Kernel Recipes - Paris (France) 22–27 septembre 2025 : La Mélée Numérique - Toulouse (France) 23 septembre 2025 : OWASP AppSec France 2025 - Paris (France) 23–24 septembre 2025 : AI Engineer Paris - Paris (France) 25 septembre 2025 : Agile Game Toulouse - Toulouse (France) 25–26 septembre 2025 : Paris Web 2025 - Paris (France) 30 septembre 2025–1 octobre 2025 : PyData Paris 2025 - Paris (France) 2 octobre 2025 : Nantes Craft - Nantes (France) 2–3 octobre 2025 : Volcamp - Clermont-Ferrand (France) 3 octobre 2025 : DevFest Perros-Guirec 2025 - Perros-Guirec (France) 6–7 octobre 2025 : Swift Connection 2025 - Paris (France) 6–10 octobre 2025 : Devoxx Belgium - Antwerp (Belgium) 7 octobre 2025 : BSides Mulhouse - Mulhouse (France) 7–8 octobre 2025 : Agile en Seine - Issy-les-Moulineaux (France) 8–10 octobre 2025 : SIG 2025 - Paris (France) & Online 9 octobre 2025 : DevCon #25 : informatique quantique - Paris (France) 9–10 octobre 2025 : Forum PHP 2025 - Marne-la-Vallée (France) 9–10 octobre 2025 : EuroRust 2025 - Paris (France) 16 octobre 2025 : PlatformCon25 Live Day Paris - Paris (France) 16 octobre 2025 : Power 365 - 2025 - Lille (France) 16–17 octobre 2025 : DevFest Nantes - Nantes (France) 17 octobre 2025 : Sylius Con 2025 - Lyon (France) 17 octobre 2025 : ScalaIO 2025 - Paris (France) 17–19 octobre 2025 : OpenInfra Summit Europe - Paris (France) 20 octobre 2025 : Codeurs en Seine - Rouen (France) 23 octobre 2025 : Cloud Nord - Lille (France) 30–31 octobre 2025 : Agile Tour Bordeaux 2025 - Bordeaux (France) 30–31 octobre 2025 : Agile Tour Nantais 2025 - Nantes (France) 30 octobre 2025–2 novembre 2025 : PyConFR 2025 - Lyon (France) 4–7 novembre 2025 : NewCrafts 2025 - Paris (France) 5–6 novembre 2025 : Tech Show Paris - Paris (France) 6 novembre 2025 : dotAI 2025 - Paris (France) 6 novembre 2025 : Agile Tour Aix-Marseille 2025 - Gardanne (France) 7 novembre 2025 : BDX I/O - Bordeaux (France) 12–14 novembre 2025 : Devoxx Morocco - Marrakech (Morocco) 13 novembre 2025 : DevFest Toulouse - Toulouse (France) 15–16 novembre 2025 : Capitole du Libre - Toulouse (France) 19 novembre 2025 : SREday Paris 2025 Q4 - Paris (France) 19–21 novembre 2025 : Agile Grenoble - Grenoble (France) 20 novembre 2025 : OVHcloud Summit - Paris (France) 21 novembre 2025 : DevFest Paris 2025 - Paris (France) 27 novembre 2025 : DevFest Strasbourg 2025 - Strasbourg (France) 28 novembre 2025 : DevFest Lyon - Lyon (France) 1–2 décembre 2025 : Tech Rocks Summit 2025 - Paris (France) 4–5 décembre 2025 : Agile Tour Rennes - Rennes (France) 5 décembre 2025 : DevFest Dijon 2025 - Dijon (France) 9–11 décembre 2025 : APIdays Paris - Paris (France) 9–11 décembre 2025 : Green IO Paris - Paris (France) 10–11 décembre 2025 : Devops REX - Paris (France) 10–11 décembre 2025 : Open Source Experience - Paris (France) 11 décembre 2025 : Normandie.ai 2025 - Rouen (France) 28–31 janvier 2026 : SnowCamp 2026 - Grenoble (France) 2–6 février 2026 : Web Days Convention - Aix-en-Provence (France) 3 février 2026 : Cloud Native Days France 2026 - Paris (France) 12–13 février 2026 : Touraine Tech #26 - Tours (France) 22–24 avril 2026 : Devoxx France 2026 - Paris (France) 23–25 avril 2026 : Devoxx Greece - Athens (Greece) 17 juin 2026 : Devoxx Poland - Krakow (Poland) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

In Episode 185 of The Citrix Session, Andy Whiteside, Bill Sutton, and Todd Smith explore how Citrix NetScaler is evolving into a true Swiss Army knife for security—delivering protection not just for Citrix workloads, but for all applications. The conversation dives into the looming challenge of quantum computing and the “harvest now, decrypt later” threat, where bad actors collect encrypted data today to exploit when quantum capabilities emerge.Todd and Bill unpack how NetScaler is leading the way with post-quantum cryptography (PQC) readiness, new encryption standards aligned with NIST guidelines, and GA support for quantum-resistant algorithms. They also cover key advancements like HTTP/3 over QUIC, enhanced DNS security, reCAPTCHA v3 integration, and the Netscaler Console for fleet-wide visibility, compliance, and automation.Whether you're concerned about securing sensitive data, meeting future compliance requirements, or leveraging cutting-edge application firewall capabilities, this episode will help you understand why now—not later—is the time to prepare for the quantum era.

Take a Network Break! We start with follow-up on post-quantum support in firewalls and DPDK, then highlight a command injection vulnerability in Ruckus SmartZone software. In tech news, Broadcom rolls out the Jericho4 ASIC to help scale AI across multiple data centers, InfoBlox beefs up DNS protection to spot malicious domains faster, and HPE announces... Read more »

Take a Network Break! We start with follow-up on post-quantum support in firewalls and DPDK, then highlight a command injection vulnerability in Ruckus SmartZone software. In tech news, Broadcom rolls out the Jericho4 ASIC to help scale AI across multiple data centers, InfoBlox beefs up DNS protection to spot malicious domains faster, and HPE announces... Read more »

Take a Network Break! We start with follow-up on post-quantum support in firewalls and DPDK, then highlight a command injection vulnerability in Ruckus SmartZone software. In tech news, Broadcom rolls out the Jericho4 ASIC to help scale AI across multiple data centers, InfoBlox beefs up DNS protection to spot malicious domains faster, and HPE announces... Read more »

In this high-energy episode, returning guests Gilbert Sanchez and Jake Hildreth join Andrew for a deep dive into: Module templating with PSStucco Building for accessibility in PowerShell Creating open source GitHub orgs like PSInclusive How PowerShell can lead to learning modern dev workflows like GitHub Actions and CI/CD What begins with a conversation about a live demo gone hilariously sideways turns into an insightful exploration of how PowerShell acts as a launchpad into bigger ecosystems like GitHub, YAML, JSON, and continuous integration pipelines.Bios &   Bios: Gilbert Sanchez is a Staff Software Development Engineer at Tesla, specifically working on PowerShell. Formerly known as "Señor Systems Engineer" at Meta. A loud advocate for DEI, DevEx, DevOps, and TDD.   Jake Hildreth is a Principal Security Consultant at Semperis, Microsoft MVP, and longtime builder of tools that make identity security suck a little less. With nearly 25 years in IT (and the battle scars to prove it), he specializes in helping orgs secure Active Directory and survive the baroque disaster that is Active Directory Certificate Services. He's the creator of Locksmith, BlueTuxedo, and PowerPUG!, open-source tools built to make life easier for overworked identity admins. When he's not untangling Kerberos or wrangling DNS, he's usually hanging out with his favorite people and most grounding reality check: his wife and daughter.   Links https://gilbertsanchez.com/posts/stucco-create-powershell-module/ https://jakehildreth.github.io/blog/2025/07/02/PowerShell-Module-Scaffolding-with-PSStucco.html https://github.com/PSInclusive https://jakehildreth.com/ https://andrewpla.tech/links https://discord.gg/pdq https://pdq.com/podcast https://youtu.be/w-z2-0ii96Y  

How Do I Know If My Website Is Penalized by Google? Website Health & Technical SEO Masterclass with SEO Expert, ⁠Favour Obasi-ike, MBA, MS⁠⁠⁠ | Get exclusive SEO newsletters in your inbox.This extensive SEO audio provides an in-depth discussion on technical SEO and how businesses can identify and address Google penalties impacting their websites. Favour uses analogies like a car's engine or a leaking roof to explain complex concepts, emphasizing that a penalty often signals a need for correction and improvement, not failure. Key areas covered include website structure, content quality (thin vs. thick content), proper use of tags and categories, image optimization, video embedding, and leveraging Google Search Console for diagnostics. The conversation also touches on the distinction between manual and algorithmic penalties and offers practical advice, such as using search operators, to check website visibility and performance.Frequently Asked Questions1. How can I tell if Google has penalized my website, and what does it mean?Google penalizes websites when they violate webmaster guidelines, often due to issues with content quality, relevance, or technical structure. A penalty means your site's search ranking is negatively affected, leading to reduced visibility and traffic. While a penalty might seem negative, it's actually an opportunity for correction and improvement, indicating that your site is at least visible enough for Google to notice. You might receive email notifications from Google, or you can check your Google Search Console for specific error messages and performance insights.2. What are the two main types of Google penalties, and how do they differ?There are two primary types of Google penalties:Manual Penalty: This occurs when a human reviewer from Google's web spam team flags your website for violating guidelines, often due to manipulative practices like spammy or hidden links ("black hat SEO"). These are rare but indicate a severe violation.Algorithmic Penalty: This is far more common and happens automatically due to issues detected by Google's algorithms. Reasons can include outdated or "thin" content, low quality or irrelevant information, generic AI-generated content, unnatural links, or regurgitated content. These penalties lead to automatic demotion or removal from search results.3. How does "thin content" contribute to Google penalties, and what makes content "thick"?"Thin content" refers to web pages that lack depth, context, or comprehensive information on a given topic. It's often characterized by a low word count, insufficient detail, and a lack of supporting elements. Google measures articles by reading time, word count, and character count. If your content is significantly shorter than the industry average for a similar topic (e.g., 300 words vs. 3,000 words), it's considered thin and unlikely to outrank competitors."Thick content," conversely, is rich in information and provides a thorough exploration of a topic. To create thick content, you should:Expand on topics: Go beyond basic definitions, offering more context and depth.Include various elements: Incorporate images (optimized for size), embedded videos (not uploaded), audio clips, statistics, examples, comparison charts, quotes, listicles, proper formatting (headings, links), and frequently asked questions (FAQs).Answer user intent: Ensure your content directly addresses the questions and needs of your target audience.4. Why is connecting my website to Google Search Console crucial for identifying and resolving penalties?Google Search Console (GSC) is the primary tool Google provides for website owners to monitor their site's performance in search results and identify issues. Connecting your website to GSC is the first essential step because it allows Google to communicate error messages and indexing problems directly to you. Within GSC, you can view performance insights, check the "Pages" section under "Indexing" to see which pages are known, submitted, or unsubmitted, and understand why certain pages might not be indexed. This diagnostic information is vital for understanding the root causes of any penalties and guiding your corrective actions.5. What are common technical SEO issues that can lead to Google penalties, beyond content quality?Technical SEO issues relate to the structural and operational aspects of your website that affect how search engines crawl and index it. Common problems include:Website size and image optimization: Large file sizes, especially for images and uploaded videos, can slow down your website, leading to a poor user experience and penalties. Use compression tools (e.g., compressor.io) for images and embed videos instead of uploading them.Broken or inaccessible links: Ensure all links within your sitemap and across your site are functional and lead to valid destinations.Incorrect robots.txt or "no index" tags: The robots.txt file and "no index" meta tags tell search engine robots which pages to crawl or not to crawl. Accidentally blocking important pages (a common default issue with platforms like Wix for blog tags) can prevent Google from indexing your content.Outdated website structure: An inefficient or poorly organized website structure can hinder crawlability and overall performance.Slow loading times: Directly linked to website size and optimization, slow loading speeds can negatively impact user experience and search rankings.6. What's the recommended first step for a business owner who suspects their website is penalized by Google?The immediate first step is to connect your website to Google Search Console (GSC) if you haven't already.Go to google.com and search for "Google Search Console."Click on the official Google Search Console Tools link.Click "Start Now."If your site isn't connected, GSC will provide a unique verification code (often a TXT record).Go to your domain name server (DNS) settings within your website hosting provider's control panel.Add the provided TXT record to your DNS settings.Return to GSC and click "Verify."A green bar indicates successful connection. Once connected, GSC will begin providing insights into your site's performance, indexing status, and any specific error messages or penalty notifications, allowing you to diagnose and address issues effectively.Digital Marketing SEO Resources:>> ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Join our exclusive SEO Marketing community⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠>> ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠SEO Optimization Blogs⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠>> ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Book Complimentary SEO Discovery Call⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠>> ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Subscribe to We Don't PLAY Podcast⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Brands We Love and Support⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Loving Me Beauty | Buy Vegan-based Luxury Products⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Unlock your future in real estate—get certified in Ghana today!⁠See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

What's the Fastest Way to Get Webpages Indexed (Technical SEO) by Search Engines? with SEO Expert, ⁠Favour Obasi-ike, MBA, MS⁠⁠⁠ | Get exclusive SEO newsletters in your inbox.This episode focuses on search engine optimization (SEO) and the fastest ways to get indexed by search engines, extending beyond just Google to include other platforms and AI-powered large language models (LLMs) like ChatGPT emphasizing that building trust with search engine algorithms is paramount, achieved through consistent content creation, linking strategies (backlinks), and connecting websites via tools like Google Search Console. Favour highlights the importance of updating existing content and addressing user queries to improve visibility across various search and AI platforms, ultimately advocating for a strategic and patient approach to online presence rather than solely focusing on a single ranking metric.AD BREAK: Get 20% off your first booking & be the first to know about our new arrivals, spa deals, and events with Somatic MassageFrequently Asked Questions about Search Engine Indexing and Online PresenceWhat is the fastest way to get indexed by search engines?The fastest way to get indexed by search engines is by building trust and establishing connections. This means having conversations around the questions people are asking and providing answers in the form of website links. These links should then be shared on other reputable websites to create backlinks, which signal to search engines that your website has authority. It's not just about creating a lot of content, but about creating relevant, high-quality content that answers user queries and is linked to by trusted sources.Why isn't my website ranking on search engines?There are several reasons why your website might not be ranking. Common issues include not having your website manually indexed or automatically discovered by search engines, or not being connected to Google Search Console. Additionally, your content might not be seen if it's not frequently updated, as AI servers and search engines prioritize recently modified content. A lack of engagement and underutilization of your website compared to time spent on social media can also hinder its visibility. Essentially, if search engines aren't "seeing" your content, they can't recommend it.How long does it take for SEO efforts to show results?Ranking SEO web pages on Google and other search engines takes time and consistency. While immediate indexing can occur within hours or days for consistent posters, significant milestones, such as receiving your first 10 clicks, can take around six months, even with hundreds of articles. The key is consistent effort, building trust with algorithms, and maintaining an active online presence. The compound effect of consistent content creation can lead to substantial impressions over time.How does trust factor into search engine ranking?Trust is paramount for search engine ranking. Just as in human relationships, search engines, particularly Google, rely on trust to refer content. This trust is established when other third-party websites, which Google already trusts, link to your website, thereby vouching for your site's authority. These "off-page SEO referring domains" (like links on Reddit, Trustpilot, LinkedIn, Pinterest) may have varying impact, but they contribute to your credibility and signal to search engines that your content is valuable and reliable.Is traditional SEO still relevant with the rise of AI and Large Language Models (LLMs) like ChatGPT?Yes, traditional SEO is still very relevant and, in fact, synergistic with AI and LLMs. While AI provides generative answers, it often sources its information from traditional search engines like Google. Therefore, optimizing your content for Google through good SEO practices (like answering frequently asked questions, using appropriate keywords, and having a well-structured site map) directly contributes to your brand being cited and mentioned in AI-generated responses. AI and SEO are not competing but are interdependent, with AI leveraging the foundation built by strong SEO.How can I optimize my content for AI search engines?To optimize for AI search engines, focus on providing succinct, evidence-based answers to specific, question-based headings, similar to "People Also Ask" sections on Google. Ensure your content is frequently updated ("last modified" date is recent) as AI prioritizes fresh information. AI servers are looking for up-to-date, relevant context. By consistently creating and updating content that answers user queries and by connecting your website to search engines via tools like Google Search Console, you increase the likelihood of being sourced and mentioned by AI.What is the significance of a "sitemap" and "DNS" in getting indexed?A sitemap acts as a map of your website, providing search engines with a structured list of all your pages, products, and blogs. Submitting an updated sitemap is crucial for search engines to crawl and understand your site's content. DNS (Domain Name Server) is like your unique digital DNA for your website, confirming your ownership of the domain. Connecting your DNS record with a unique identification number (like a TXT record from Google Search Console) gives search engines access to your site's architecture, allowing them to effectively read and index your content.What is the difference between manual and auto-indexing, and how do they impact visibility?Manual indexing involves actively submitting your website or specific pages to search engines (e.g., through Google Search Console) to ensure they are discovered. Auto-indexing refers to the automatic discovery and crawling of your site by search engines over time due to consistent activity and established trust. While manual indexing provides an initial push, consistent content creation and updates increase your "crawl budget," leading to higher priority and more frequent auto-indexing. Both are important; consistent manual effort eventually leads to more efficient auto-indexing and better long-term visibility.Digital Marketing Resources:>> ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Join our exclusive SEO Marketing community⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠>> ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠SEO Optimization Blogs⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠>> ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Book Complimentary SEO Discovery Call⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠>> ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Subscribe to We Don't PLAY Podcast⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Brands We Love and Support⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Loving Me Beauty | Buy Vegan-based Luxury Products⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Unlock your future in real estate—get certified in Ghana today!⁠See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

In this episode of Reimagining Cyber, host Rob Aragao sits down with cybersecurity executive and domain security expert Ihab Shraim to spotlight one of the most overlooked yet critical areas of cyber risk—fraudulent domain registrations and DNS hijacking. As the digital attack surface expands, bad actors are exploiting unmonitored domain portfolios and exposed DNS infrastructure to launch phishing campaigns, malware distribution, and business email compromise—all while flying under the radar of traditional security tools.Ihab explains why domain risk is a foundational weakness in many organizations' security postures and argues that without domain security, cybersecurity is incomplete. From shadow IT and orphaned domains to poor DNS hygiene and lack of domain portfolio governance, Ihab outlines the blind spots that make companies vulnerable—and provides actionable strategies CISOs and security leaders must adopt to regain control.Whether you're managing brand reputation, protecting customer trust, or looking to tighten your security fundamentals, this episode delivers an eye-opening exploration into why domain risk needs to be a board-level conversation.Key Takeaways:Why domain name portfolios are a high ROI target for cybercriminalsThe dangers of DNS exposure and subdomain hijackingHow social media abuse and unauthorized resellers magnify brand riskWhy domain monitoring, locking, and defensive registrations are essentialThe case for making CISOs accountable for domain strategy and protectionFollow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.

Ever wondered why your meticulously crafted B2B emails sometimes vanish into the digital ether instead of landing in your prospect's inbox? In this episode, we speak with Benny Rubin, founder and CEO of Senders, a platform that has mastered the science (and art) of email deliverability and cold outreach. Benny's journey, which improbably began in the world of music, took a sharp turn into B2B sales and tech entrepreneurship, with his teams generating hundreds of millions in pipeline for big-name brands like Starbucks, Visa, and Coca-Cola. But why is something as basic as getting an email delivered such a huge challenge for marketers, especially when 61% cite it as a top hurdle? Benny breaks down the secret sauce behind high-performing cold emails, from technical game-changers like DNS records to innovative strategies that move leads down the funnel without the hard sell. If you think email marketing is just about catchy subject lines and clever copy, get ready for a reality check. Benny reveals the hidden gaps no one's talking about, and what separates successful email campaigns from the rest. Whether you're at a startup searching for product-market fit or at a scale-up hungry for predictable growth, this episode will change the way you think about your inbox. Some areas we explore in this episode include: Benny Rubin's Journey – Transitioning from a music background to founding Senders and working in email deliverability and B2B sales.Unit Economics – The importance of understanding core business economics, especially in smaller businesses.Email Deliverability Fundamentals – Core technical essentials: domains, IP addresses, and DNS records.Common Email Pitfalls – Misconceptions, basic technical errors, and the problem with chasing random tactics.Technical vs. Messaging Strategy – The need to balance infrastructure fixes with crafting resonant messaging.Cold Email as a Growth Channel – Real-world examples and how cold email is used for pipeline and revenue generation.Lead Generation Tactics – Using cold email to nurture leads by inviting them to communities, roundtables, or events.Role of Content & Education – Why educating teams and prospects around email is critical for results.Iterative Messaging – The value of flexibility and testing in cold email campaigns.Industry Noise & Misinformation – The abundance of poor or narrowly-informed cold email advice online.And much, much more...

Welcome back to our weekend Cabral HouseCall shows! This is where we answer our community's wellness, weight loss, and anti-aging questions to help people get back on track! Check out today's questions:    Trish: Hi Dr. Cabral - I'm a 55-year-old female working on lowering overall inflammation in my body. My CRP levels are (4.1), ApoB (118 nmol/L and Lipoprotein (A) (281 nmol/L) as you can see are high. Total Cholesterol 221 and Triglycerides are 70. I have a lot of stiffness with joint discomfort. I started taking 2 Proteolytic Enzymes upon waking. Then your DNS, D3/k2, Cell Boost, Inflamma Soothe, Collagen with GLP Tone System and some of your other products (eye and hair). I follow your Med diet. My pain and stiffness have improved ALOT in a matter of days. I'm going to retest my CRP and chol levels in 4 months. My question is how long can I take Proteolytic Enzymes and in your opinion am I taking the proper protocol for these issues? I'm retesting in 4 mos. Thank you in advance          Sheena: Hi Dr Cabral! Hope you and all of your health family are well. I'm a surgical Processor and on my feet all day. I've tried all kinds of compression socks but by the end of the day, after taking it off, my leg are soo itchy! I scratch it sometimes so bad it starts to bleed. I'm only wearing the average 15-20 mmHG so its not too tight. I'm curious if you have a recommendation for compression socks that wont causes itching but is effective? Thanks in advance for answering!      Christina: Stephen, I have listened on one of your podcasts about Rheumatoid Arthritis and detoxing. My mother is in her early 70s and her fingers are twisting. I am 48 and recently the base of my thumbs have started bothering me. My question is, what detox protocol should my mother start with to prevent further twisting of her fingers and what detox protocol should I do to prevent this from happening to me? I would love to do the heavy metals and organic acid tests, but unfortunately I live in NY. Would my functional medicine doctor be able to order them for me? I have had HELLP, HUS, DIC, Guillian Barre, and Pulminary Edema in my pregnancy at 21. My son was delivered with no issues! At this time, we learned that I have ITTP. I have had IBS issues. Thank you, Christina                      Ryan: Hi dr cabral, Im a 29 year old male who has addisons disease, chronic post nasal drip, food intolerance's and teeth grinding a stool test confirmed klebsiella pneumonie overgrowth and blastocystis hominis as well as some yeast and fungus with no Bifidobacteria and Lactobacillus detected, I recently started the cbo protocol with citricidal drops im 7 days in untill i came across one of your videos where you mentioned you should go for the parasite first should i stop the cbo protocol and start the para support protocol and then continue the cbo after or just continue the cbo protocol Thank you for your time wishing you all the best ryan.                                                                                                                                     Kay: Hi Dr. Cabral, I I love your podcasts and look forward to them every week. Anyway, I was wondering if you could please explain how a traumatic event could spur the onset of a "dis-ease" such as asthma. My daughter's asthma began shortly after her father and I were separated and he moved out of state. According to her pediatrician at the time, she was "more prone to having asthma because she also had eczema." This was 2 decades ago, and now she's 31 and we know more about autoimmune issues. Although she continues to carry an inhaler with her, she hardly needs to use it anymore. What would you recommend for a more root cause approach to someone with her condition? Thank you.                                  Thank you for tuning into today's Cabral HouseCall and be sure to check back tomorrow where we answer more of our community's questions!    - - - Show Notes and Resources: StephenCabral.com/3466 - - - Get a FREE Copy of Dr. Cabral's Book: The Rain Barrel Effect - - - Join the Community & Get Your Questions Answered: CabralSupportGroup.com - - - Dr. Cabral's Most Popular At-Home Lab Tests: > Complete Minerals & Metals Test (Test for mineral imbalances & heavy metal toxicity) - - - > Complete Candida, Metabolic & Vitamins Test (Test for 75 biomarkers including yeast & bacterial gut overgrowth, as well as vitamin levels) - - - > Complete Stress, Mood & Metabolism Test (Discover your complete thyroid, adrenal, hormone, vitamin D & insulin levels) - - - > Complete Food Sensitivity Test (Find out your hidden food sensitivities) - - - > Complete Omega-3 & Inflammation Test (Discover your levels of inflammation related to your omega-6 to omega-3 levels) - - - Get Your Question Answered On An Upcoming HouseCall: StephenCabral.com/askcabral - - - Would You Take 30 Seconds To Rate & Review The Cabral Concept? The best way to help me spread our mission of true natural health is to pass on the good word, and I read and appreciate every review!  

Welcome Back! The Boulder Boys Show Ep. 52 WE ARE LIVE! We hosted our first group run and live pod with the help of Intrepid Camp Gear. We chat about Moi's major life change, DNS vs. DNF, and field some listener questions.  Thanks for listening!  This Episode is brought to you by Intrepid Camp Gear.  https://intrepidcampgear.com/discount/BoulderBoys Code: BoulderBoys for 10% off Boulderboys.show Year Of The Boy: https://youtu.be/KsClhdWc5-8 Moi's training app: https://vert.run Matt's substack: https://substack.com/@mattdaniels480?utm_source=substack-feed-item 

We’re continuing our IPv6 Basics series discussing on this episode deployment.  We’ll help you sort out why you should deploy IPv6, things to consider before starting a deployment, and what approach you should take such as “inside out” vs. “outside in” and when you should deploy IPv6. Lastly we explain why you should seek out... Read more »

DNS 275 Dave Crosland & Scott McNally 0:00 teaser clip 0:20 Intro and advertisers 2:00 Suck it England! 3:40 Masters Cycles 11:50 Raw Powder Supply Chain Update 18:45 Compounds for the 3D look? 21:50 Will GLP meds take away the achievement of condition? 31:45 Lifetime Natty First Cycle? 34:00 Multiple Pathways on Cycle 37:40 GH Releasing Peptides 40:20 Does T3 Burn Muscle? 43:16 Correcting Constipation 46:05 Cycle Proposal 47:15 Adding Exogenous Estrogen to Cycles? 51:15 BP Meds? 53:00 Gear that is most damaging to male fertility 54:30 Cycle Proposal for Off Season with 1g test 56:25 SS31 Update 59:00 Correcting Low SHBG 1:00:45 Correcting Joint Pain 1:07:45 Infection or Allergic Reaction? 1:11:15 Best Fish and Chips by Dave 1:13:00 Strom SupportMax

Thank you for joining us for our 2nd Cabral HouseCall of the weekend! I'm looking forward to sharing with you some of our community's questions that have come in over the past few weeks…   John: I wanted to know if you have any info on bpc 157 thats all over the internet thanks                                                  Jessica: Hi Dr. Cabral, First, thank you for sharing your knowledge and for all that you do! I was skeptical of naturopathy, but you have made a believer out of me. With a few podcasts and diet changes, my life has been changing for the better. Question about a new supplement that I recently heard about called Stasis. I was diagnosed with ADD/ADHD in the first grade. I am now 32yrs old and have been on medication since then. Recently, I heard about a supplement. Have you heard of this? If so, what are your thoughts?                                                                                                                Charlene: Hi thank you for all your help. I was wondering if you had any info about caffeine and mood. I stopped all caffeine for a time but every now and then I have a regular coffee and my mood seems better on those days. Is there anything I can do to help not need caffeine to be in a good mood?                                                                                                      Lilian: Hello Dr. Cabral, thank you for all you do! I have been struggling with the DNS flavor, it is incredibly sweet. I have seen many posts on the support group of people having the same problem and struggling with it. Many have tried the spices and all the other recommendation. My question is: do you think at some point there will be an unflavored, unsweet DNS powder available? I know Michelle has said that the flavor of the vitamins would be prevalent, but I really would rather have that than the sweetness in it. Besides, if we would add greens and blueberries/fruit that would not be an issue. Are there any chances that there will be one made? Please!                                                                                                                                    Shawn: My sister-in-law was recently diagnosed with small vessel polyigitis. She's in her late 50's, and overall she is very healthy... works out, stays active and eats healthy. What course of treatment/recommendations would you suggest for her? Thank you! I appreciate your input and guidance.             Thank you for tuning into this weekend's Cabral HouseCalls and be sure to check back tomorrow for our Mindset & Motivation Monday show to get your week started off right! - - - Show Notes and Resources: StephenCabral.com/3460 - - - Get a FREE Copy of Dr. Cabral's Book: The Rain Barrel Effect - - - Join the Community & Get Your Questions Answered: CabralSupportGroup.com - - - Dr. Cabral's Most Popular At-Home Lab Tests: > Complete Minerals & Metals Test (Test for mineral imbalances & heavy metal toxicity) - - - > Complete Candida, Metabolic & Vitamins Test (Test for 75 biomarkers including yeast & bacterial gut overgrowth, as well as vitamin levels) - - - > Complete Stress, Mood & Metabolism Test (Discover your complete thyroid, adrenal, hormone, vitamin D & insulin levels) - - - > Complete Food Sensitivity Test (Find out your hidden food sensitivities) - - - > Complete Omega-3 & Inflammation Test (Discover your levels of inflammation related to your omega-6 to omega-3 levels) - - - Get Your Question Answered On An Upcoming HouseCall: StephenCabral.com/askcabral - - - Would You Take 30 Seconds To Rate & Review The Cabral Concept? The best way to help me spread our mission of true natural health is to pass on the good word, and I read and appreciate every review!  

Welcome back to our weekend Cabral HouseCall shows! This is where we answer our community's wellness, weight loss, and anti-aging questions to help people get back on track! Check out today's questions:    Ann: Hi Dr. Cabral- everyone out here SO appreciates all you do :) You have mentioned that there is a difference between an IGG reaction to a food and a digestive issue that would cause bloating and gas etc. Could you explain how you can tell if you are having an IGG reaction? I used to think that the bloat was the reaction. The 3 foods I am moderately sensitive to based on my Food Sensitivity test have never given me OVERT symptoms , so I'm wondering how to tell if these or any food combos are giving me inflammation without telltale rash, swelling etc. Im 61 and don't have any pressing health issues so healthspan is my focus right now and I don't want to be eating anything that may be causing me hidden inflammation. Thank you again :)                                                                                                                                                       Kavita: Hello Dr. Cabral, Thank you for your incredible work! I have successfully reversed many of my health issues thanks to your guidance and support. I recently received my test results, and I am pleased to report that they look fantastic overall. However, my cholesterol levels are on the higher side. What recommendations do you have for addressing this? I  walk frequently and work out three to four times a week, including strength training. I am currently focused on my weight, aiming to reach 170 pounds; I weigh 191 pounds at the moment. Additionally, I have been struggling with migraines for most of my life, and I recently started seeing a chiropractor in hopes that this will help alleviate my symptoms. I would greatly appreciate any advice.                                                                                                           David: Hi Dr.Cabral, Really appreciate everything you do and I can't stress enough how much of a positive impact you have had on my life and many of those around me as a result of being the health coach in my home. I've been revisiting my personal protocol to optimize for my genes even more than I do and boy is it a confusing area. Specifically, I am trying to balance MTHFR and COMT. After speaking with a methylation focused nutritionist, she recommended that I switch my DNS to beef liver and beef organ supplements (about 4-5 caps of each) I have taken Equi Life's organ complex and generally tolerated it well, but was wondering if there is a time and place (such as having my genotype) where using a whole food based multi makes sense and is better than synthetic multi-vitamins?                                                                                John: Hey dr I asked you a question on 3410 but you misread the question I wanted to know if I should stop all my supplements when I'm on the heavy metal detox not the regular detox . Just want to make sure the heavy metal doesn't cancel out everything thanks                                                                                                                                                                Tammy: As a healthcare worker, I am seeing an increase in patients with lymphedema, where the calf and ankle areas are very swollen and many times gets blistering sores and veins issues What are your recommendations for lymphedema and venous problems?       Thank you for tuning into today's Cabral HouseCall and be sure to check back tomorrow where we answer more of our community's questions!    - - - Show Notes and Resources: StephenCabral.com/3459 - - - Get a FREE Copy of Dr. Cabral's Book: The Rain Barrel Effect - - - Join the Community & Get Your Questions Answered: CabralSupportGroup.com - - - Dr. Cabral's Most Popular At-Home Lab Tests: > Complete Minerals & Metals Test (Test for mineral imbalances & heavy metal toxicity) - - - > Complete Candida, Metabolic & Vitamins Test (Test for 75 biomarkers including yeast & bacterial gut overgrowth, as well as vitamin levels) - - - > Complete Stress, Mood & Metabolism Test (Discover your complete thyroid, adrenal, hormone, vitamin D & insulin levels) - - - > Complete Food Sensitivity Test (Find out your hidden food sensitivities) - - - > Complete Omega-3 & Inflammation Test (Discover your levels of inflammation related to your omega-6 to omega-3 levels) - - - Get Your Question Answered On An Upcoming HouseCall: StephenCabral.com/askcabral - - - Would You Take 30 Seconds To Rate & Review The Cabral Concept? The best way to help me spread our mission of true natural health is to pass on the good word, and I read and appreciate every review!  

Google and Microsoft issue critical updates. CISA warns of active exploitation of a critical flaw in Wing FTP Server. Cloudflare restores their DNS Resolver service following a brief outage. A critical vulnerability in a PHP documentation tool allows attackers to execute code on affected servers. NSA and FBI officials say they've disrupted Chinese cyber campaigns targeting U.S. critical infrastructure. A UK data breach puts Afghan soldiers and their families at risk. Researchers find malware hiding in DNS records. A former U.S. Army soldier pleads guilty to charges of hacking and extortion. Ben Yelin joins us with insights on the Senate Armed Services Committee's response to rising threats to critical infrastructure.The large print giveth and the small print taketh away.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Ben Yelin, co host of our Caveat podcast and Program Director for Public Policy & External Affairs at the University of Maryland Center for Cyber Health and Hazard Strategies, discussing the Senate Armed Services Committee's and Trump administration nominees' recent conversation about rising threats to critical infrastructure. You can find the article Ben discusses here. Selected Reading Google fixes actively exploited sandbox escape zero day in Chrome (Bleeping Computer) Windows KB5064489 emergency update fixes Azure VM launch issues (Bleeping Computer) Exploited Wing file transfer bug risks ‘total server compromise,' CISA warns (The Record) Cloudflare 1.1.1.1 incident on July 14, 2025 (Cloudflare) Critical template Injection flaw in LaRecipe Documentation Package enables remote code execution (Beyond Machines) NSA: Volt Typhoon was ‘not successful' at persisting in critical infrastructure (The Record) Defence secretary 'unable to say' if anyone killed after Afghan data breach  (BBC News) Hackers exploit a blind spot by hiding malware inside DNS records (Ars Technica) 21-year-old former US soldier pleads guilty to hacking, extorting telecoms  (The Record) WeTransfer says files not used to train AI after backlash (BBC News) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices