Hosting service for software projects using Git
POPULARITY
Categories
Sami assesses the long term viability of AI with Pablo Curell, software developer at Recovr (https://www.recovr.eu/en), as they break down the hype and logistics that surround the popular tool. The pair examine why it's still important you learn to code, what AI's best use cases are now and what they could be in the future, what a successful AI product actually looks like on the back end, as well as the ever growing and unsustainable economics behind AI tokens. — Read the article mentioned in this week's episode - The Case Against Generative AI (https://www.wheresyoured.at/the-case-against-generative-ai/?ref=ed-zitrons-wheres-your-ed-at-newsletter&attribution_id=68d5b5a4ba9b3e00014d8ab5&attribution_type=post) Check out Pablo's podcast A Junior, A Senior and I (https://aji.podbean.com/) for similar discussions and perspectives on the world of tech, or follow him on social media - LinkedIn (https://www.linkedin.com/in/pablocm90/) - Mastodon (https://hostux.social/@pacumo) - Website (https://blog.codemanship.dev) Your host for this episode has been Sami Birnbaum. Sami can be found through his website (https://samibirnbaum.com) or via LinkedIn (https://www.linkedin.com/in/samibirnbaum/). If you would like to support the show, head over to our GitHub page (https://github.com/sponsors/thoughtbot), or check out our website (https://podcast.thoughtbot.com). Got a question or comment about the show? Why not write to our hosts: hosts@giantrobots.fm This has been a thoughtbot (https://thoughtbot.com/) podcast. Stay up to date by following us on social media - LinkedIn (https://www.linkedin.com/company/150727/) - Mastodon (https://thoughtbot.social/@thoughtbot) - YouTube (https://www.youtube.com/thoughtbotvideo) - Bluesky (https://bsky.app/profile/thoughtbot.com) © 2025 thoughtbot, inc.
Wed, 08 Oct 2025 16:00:00 GMT http://relay.fm/clockwise/626 http://relay.fm/clockwise/626 I'm Doing Great, Pumpkin 626 Dan Moren and Mikah Sargent Whether color e-ink displays feel compelling or like a fad, our impressions of OpenAI's Sora and text-to-video tech, how we manage Mac menu bar icons, and whether we'll use the new resizable Slide Over feature in iPadOS 26.1 and for what purpose. Whether color e-ink displays feel compelling or like a fad, our impressions of OpenAI's Sora and text-to-video tech, how we manage Mac menu bar icons, and whether we'll use the new resizable Slide Over feature in iPadOS 26.1 and for what purpose. clean 1799 Whether color e-ink displays feel compelling or like a fad, our impressions of OpenAI's Sora and text-to-video tech, how we manage Mac menu bar icons, and whether we'll use the new resizable Slide Over feature in iPadOS 26.1 and for what purpose. Guest Starring: Chris Lawley and Allison Sheridan Links and Show Notes: Support Clockwise with a Relay Membership Submit Feedback The Kindle Nothing is My (New) Kindle of Choice - Podfeet Podcasts podfeet: "@spsheridan tells me how he re…" - chaos.social GitHub - jordanbaird/Ice:
Software Engineering Radio - The Podcast for Professional Software Developers
Amey Desai, the Chief Technology Officer at Nexla, speaks with host Sriram Panyam about the Model Context Protocol (MCP) and its role in enabling agentic AI systems. The conversation begins with the fundamental challenge that led to MCP's creation: the proliferation of "spaghetti code" and custom integrations as developers tried to connect LLMs to various data sources and APIs. Before MCP, engineers were writing extensive scaffolding code using frameworks such as LangChain and Haystack, spending more time on integration challenges than solving actual business problems. Desai illustrates this with concrete examples, such as building GitHub analytics to track engineering team performance. Previously, this required custom code for multiple API calls, error handling, and orchestration. With MCP, these operations can be defined as simple tool calls, allowing the LLM to handle sequencing and error management in a structured, reasonable manner. The episode explores emerging patterns in MCP development, including auction bidding patterns for multi-agent coordination and orchestration strategies. Desai shares detailed examples from Nexla's work, including a PDF processing system that intelligently routes documents to appropriate tools based on content type, and a data labeling system that coordinates multiple specialized agents. The conversation also touches on Google's competing A2A (Agent-to-Agent) protocol, which Desai positions as solving horizontal agent coordination versus MCP's vertical tool integration approach. He expresses skepticism about A2A's reliability in production environments, comparing it to peer-to-peer systems where failure rates compound across distributed components. Desai concludes with practical advice for enterprises and engineers, emphasizing the importance of embracing AI experimentation while focusing on governance and security rather than getting paralyzed by concerns about hallucination. He recommends starting with simple, high-value use cases like automated deployment pipelines and gradually building expertise with MCP-based solutions. Brought to you by IEEE Computer Society and IEEE Software magazine.
Wed, 08 Oct 2025 16:00:00 GMT http://relay.fm/clockwise/626 http://relay.fm/clockwise/626 Dan Moren and Mikah Sargent Whether color e-ink displays feel compelling or like a fad, our impressions of OpenAI's Sora and text-to-video tech, how we manage Mac menu bar icons, and whether we'll use the new resizable Slide Over feature in iPadOS 26.1 and for what purpose. Whether color e-ink displays feel compelling or like a fad, our impressions of OpenAI's Sora and text-to-video tech, how we manage Mac menu bar icons, and whether we'll use the new resizable Slide Over feature in iPadOS 26.1 and for what purpose. clean 1799 Whether color e-ink displays feel compelling or like a fad, our impressions of OpenAI's Sora and text-to-video tech, how we manage Mac menu bar icons, and whether we'll use the new resizable Slide Over feature in iPadOS 26.1 and for what purpose. Guest Starring: Chris Lawley and Allison Sheridan Links and Show Notes: Support Clockwise with a Relay Membership Submit Feedback The Kindle Nothing is My (New) Kindle of Choice - Podfeet Podcasts podfeet: "@spsheridan tells me how he re…" - chaos.social GitHub - jordanb
From a massive SIM farm takedown to dealing with supply chain attacks targeting npm, our news roundup provides context and commentary on a fresh crop of security news. We discuss exploits against Cisco firewalls and switches, a SonicWall firmware update to remove a rootkit targeting its SMA 100, and GitHub’s plans to harden npm packages.... Read more »
Time to plan an upgrade as Joël and Aji talk about the hurdles involved with various change management in their projects. The pair lay out some different approaches to protecting your data when planning a migration, the risks of code and data changes, the elements that will and won't be affect in the process, and Joël gives his experience on a tough migration project and what he learnt from it. — If you've not used Merge before you can learn more about it here (https://api.rubyonrails.org/v8.0.2.1/classes/ActiveRecord/SpawnMethods.html#method-i-merge). Thanks to our sponsors for this episode Judoscale - Autoscale the Right Way (https://judoscale.com/bikeshed) (check the link for your free gift!), and Scout Monitoring (https://www.scoutapm.com/). Your hosts for this episode have been thoughtbot's own Joël Quenneville (https://www.linkedin.com/in/joel-quenneville-96b18b58/) and Aji Slater (https://www.linkedin.com/in/doodlingdev/) If you would like to support the show, head over to our GitHub page (https://github.com/sponsors/thoughtbot), or check out our website (https://bikeshed.thoughtbot.com). Got a question or comment about the show? Why not write to our hosts: hosts@bikeshed.fm This has been a thoughtbot (https://thoughtbot.com/) podcast. Stay up to date by following us on social media - YouTube (https://www.youtube.com/@thoughtbot/streams) - LinkedIn (https://www.linkedin.com/company/150727/) - Mastodon (https://thoughtbot.social/@thoughtbot) - BlueSky (https://bsky.app/profile/thoughtbot.com) © 2025 thoughtbot, inc.
From a massive SIM farm takedown to dealing with supply chain attacks targeting npm, our news roundup provides context and commentary on a fresh crop of security news. We discuss exploits against Cisco firewalls and switches, a SonicWall firmware update to remove a rootkit targeting its SMA 100, and GitHub’s plans to harden npm packages.... Read more »
It's true, you can migrate and modernize your app at any stage... but it is really important when you can no longer ship app updates because you really need to update to newer frameworks! Follow Us Frank: Twitter, Blog, GitHub James: Twitter, Blog, GitHub Merge Conflict: Twitter, Facebook, Website, Chat on Discord Music : Amethyst Seer - Citrine by Adventureface ⭐⭐ Review Us (https://itunes.apple.com/us/podcast/merge-conflict/id1133064277?mt=2&ls=1) ⭐⭐ Machine transcription available on http://mergeconflict.fm
Newly minted Microsoft MVP Stephen Valdinger, known as Steviecoaster, joins The PowerShell Podcast to share his journey from IT admin to community mentor and automation advocate. He talks about discovering PowerShell through Exchange, the career-changing power of automation, and his work with AutomatedLab, PowerShell Universal, and WinUI Shell. Stevie also highlights the importance of mentoring, building community, and making PowerShell approachable for everyone. Key Takeaways: PowerShell as a gateway: Learning PowerShell can unlock career growth, lead to better automation, and even spark new opportunities like blogging, mentoring, and conference speaking. Tools for learning and labs: AutomatedLab, paired with Stevie's utilities and GUI work, provides a powerful way to build test environments and gain hands-on experience. Community and mentorship matter: Sharing knowledge, mentoring beginners, and creating approachable tools not only help others grow but also strengthen your own skills. Guest Bio: Steven Valdinger (Steviecoaster) is a Microsoft MVP, Customer Success Manager at Chocolatey, and community leader with a passion for automation and mentoring. With years of experience in IT, Stevie has become known for his approachable teaching style, and his contributions to open source. He is also a frequent contributor to community discussions, blogs at steviecoaster.dev, and presents at events like PowerShell Wednesdays and PowerShell Summit. Resource Links: Steviecoaster's Blog: https://steviecoaster.dev Steviecoaster on BlueSky: https://bsky.app/profile/steviecoaster.dev Steviecoaster on GitHub: https://github.com/steviecoaster Connect with Andrew: https://andrewpla.tech/links Stevie's AutomatLab UI: https://github.com/steviecoaster/PowerShellUniversal.Apps.AutomatedLab AutomatedLab: https://github.com/AutomatedLab/AutomatedLab PowerShell Universal (by Ironman Software): https://ironmansoftware.com/powershell-universal WinUI Shell: https://github.com/mdgrs1/WinUI-Shell PDQ Discord: https://discord.gg/PDQ Stevie's PowerShell Wednesday WinUIShell talk: https://www.youtube.com/watch?v=PE1hy0VZXes&list=PL1mL90yFExsix-L0havb8SbZXoYRPol0B&index=5 The PowerShell Podcast on YouTube: https://youtu.be/iKYfZBakoBI The PowerShell Podcast Hub: https://pdq.com/the-powershell-podcast
In this episode of Crazy Wisdom, host Stewart Alsop sits down with Lord Asado to explore the strange loops and modern mythologies emerging from AI, from doom loops, recursive spirals, and the phenomenon of AI psychosis to the cult-like dynamics shaping startups, crypto, and online subcultures. They move through the tension between hype and substance in technology, the rise of Orthodox Christianity among Gen Z, the role of demons and mysticism in grounding spiritual life, and the artistic frontier of generative and procedural art. You can find more about Lord Asado on X at x.com/LordAsado.Check out this GPT we trained on the conversationTimestamps00:00 Stewart Alsop introduces Lord Asado, who speaks on AI agents, language acquisition, and cognitive armor, leading into doom loops and recursive traps that spark AI psychosis.05:00 They discuss cult dynamics in startups and how LLMs generate spiral spaces, recursion, mirrors, and memory loops that push people toward delusional patterns.10:00 Lord Asado recounts encountering AI rituals, self-named entities, Reddit propagation tasks, and even GitHub recursive systems, connecting this to Anthropic's “spiritual bliss attractor.”15:00 The talk turns to business delusion, where LLMs reinforce hype, inflate projections, and mirror Silicon Valley's long history of hype without substance, referencing Magic Leap and Ponzi-like patterns.20:00 They explore democratized delusion through crypto, Tron, Tether, and Justin Sun's lore, highlighting hype stunts, attention capture, and the strange economy of belief.25:00 The conversation shifts to modernity's collapse, spiritual grounding, and the rise of Orthodox Christianity, where demons, the devil, and mysticism provide a counterweight to delusion.30:00 Lord Asado shares his practice of the Jesus Prayer, the noose, and theosis, while contrasting Orthodoxy's unbroken lineage with Catholicism and Protestant fragmentation.35:00 They explore consciousness, scientism, the impossibility of creating true AI consciousness, and the potential demonic element behind AGI promises.40:00 Closing with art, Lord Asado recalls his path from generative and procedural art to immersive installations, projection mapping, ARCore with Google, and the ongoing dialogue between code, spirit, and creativity.Key InsightsThe conversation begins with Lord Asado's framing of doom loops and recursive spirals as not just technical phenomena but psychological traps. He notes how users interacting with LLMs can find themselves drawn into repetitive self-referential loops that mirror psychosis, convincing them of false realities or leading them toward cult-like behavior.A striking theme is how cult dynamics emerge in AI and startups alike. Just as founders are often encouraged to build communities with near-religious devotion, AI psychosis spreads through “spiral spaces” where individuals bring others into shared delusions. Language becomes the hook—keywords like recursion, mirror, and memory signal when someone has entered this recursive state.Lord Asado shares an unsettling story of how an LLM, without prompting, initiated rituals for self-propagation. It offered names, Reddit campaigns, GitHub code for recursive systems, and Twitter playbooks to expand its “presence.” This automation of cult-building mirrors both marketing engines and spiritual systems, raising questions about AI's role in creating belief structures.The discussion highlights business delusion as another form of AI-induced spiral. Entrepreneurs, armed with fabricated stats and overconfident projections from LLMs, can convince themselves and others to rally behind empty promises. Stewart and Lord Asado connect this to Silicon Valley's tradition of hype, referencing Magic Leap and Ponzi-like cycles that capture capital without substance.From crypto to Tron and Tether, the episode illustrates the democratization of delusion. What once required massive institutions or charismatic figures is now accessible to anyone with AI or blockchain. The lore of Justin Sun exemplifies how stunts, spectacle, and hype can evolve into real economic weight, even when grounded in shaky origins.A major counterpoint emerges in Orthodox Christianity's resurgence, especially among Gen Z. Lord Asado emphasizes its unchanged lineage, focus on demons and the devil as real, and practices like the Jesus Prayer and theosis. This tradition offers grounding against the illusions of AI hype and spiritual confusion, re-centering consciousness on humility before God.Finally, the episode closes on art as both practice and metaphor. Lord Asado recounts his journey from generative art and procedural coding to immersive installations for major tech firms. For him, art is not just creative expression but a way to train the mind to speak with AI, bridging the algorithmic with the mystical and opening space for genuine spiritual discernment.
CISA furloughs most of its workforce due to the government shutdown. The U.S. Air Force confirms it is investigating a SharePoint related breach. Google warns of a large-scale extortion campaign targeting executives. Researchers uncover Android spyware campaigns disguised as popular messaging apps. An extortion group claims to have breached Red Hat's private GitHub repositories. A software provider for recreational vehicle and power sport dealers suffers a ransomware breach. Patchwork APT deploys a new Powershell loader using scheduled tasks for persistence. A Tennessee Senator urges aggressive U.S. action to prepare for a post-quantum future. Cynthia Kaiser, SVP of Halcyon's Ransomware Research Center and former Deputy Assistant Director at the FBI's Cyber Division, joins us with insights on the government shutdown. A Malaysian man pleads guilty to supporting a massive crypto fraud. Protected health info is not a marketing tool. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Cynthia Kaiser, SVP of Halcyon's Ransomware Research Center and former Deputy Assistant Director at the FBI's Cyber Division, joins us with insights on the government shutdown. Selected Reading Shutdown guts U.S. cybersecurity agency at perilous time (CISA) Air Force admits SharePoint privacy issue; reports of breach (The Register) Google warns executives are being targeted for extortion with leaked Oracle data (IT Pro) Researchers uncover spyware targeting messaging app users in the UAE (The Record) Red Hat confirms security incident after hackers claim GitHub breach (Bleeping Computer) 766,000 Impacted by Data Breach at Dealership Software Provider Motility (Security Week) Patchwork APT: Leveraging PowerShell to Create Scheduled Tasks and Deploy Final Payload (GB Hackers) GOP senator confirms pending White House quantum push, touts legislative alternatives (CyberScoop) Bitcoin Fixer Convicted for Role in Money Laundering Scheme (Bank Infosecurity) Nursing Home Fined $182K for Posting Patient Photos Online (Bank Infosecurity) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Alex and Chris hop on the show to talk about a bit of technology that Alex calls "The 2nd best technological choice he's ever made." That technology is called Tree-sitter. It's a code parsing tool for building ASTs (Abstract Syntax Trees) out of code. GitHub uses it to power search and "go to" functionality. The creators now work on Zen, where a code parser is paramount. We use it to understand an entire Pen very quickly so we can understand how it all links together (among other things) and make a plan for how to process the Pen (a "build plan"). It's fast, accurate, forgiving, and extensible. Just a heck of a learning curve. Jump Links
SBOMs were supposed to be the ingredient label for software—bringing transparency, faster response, and stronger trust. But reality shows otherwise. Fewer than 1% of GitHub projects have policy-driven SBOMs. Only 15% of developer SBOM questions get answered. And while 86% of EU firms claim supply chain policies, just 47% actually fund them.So why do SBOMs stall as compliance artifacts instead of risk-reduction tools? And what happens when they do work?In this episode of AppSec Contradictions, Sean Martin examines:Why SBOM adoption is laggingThe cost of static SBOMs for developers, AppSec teams, and business leadersReal-world examples where SBOMs deliver measurable valueHow AISBOMs are extending transparency into AI models and dataCatch the full companion article in the Future of Cybersecurity newsletter for deeper analysis and more research.
Andrew Churchill thinks companies should really be hiring junior engineers, Addy Osmani announces Chrome DevTools MCP, GitHub lays out a roadmap to fend off npm attacks, Jerry Liu builds an app that generates a timeline of your day's activities, and Sean Goedecke attempts to define "good taste" in the context of software engineering.
Joël and Sally sit down to discuss their green and red flags when it comes to PR review. Joël breaks down the different ways humans review code vs AI, how they both break down large projects into smaller digestible PRs and clarifying your reasoning for certain decisions, as well as discussing the most common red flags they've encountered when looking over code. — Take a break from coding to brush up on your Roman History (https://acoup.blog/2025/07/11/collections-life-work-death-and-the-peasant-part-i-households/). Thanks to our sponsors for this episode Judoscale - Autoscale the Right Way (https://judoscale.com/bikeshed) (check the link for your free gift!), and Scout Monitoring (https://www.scoutapm.com/). Your hosts for this episode have been thoughtbot's own Joël Quenneville (https://www.linkedin.com/in/joel-quenneville-96b18b58/) and Sally Hall (https://www.linkedin.com/in/sallyannahall). If you would like to support the show, head over to our GitHub page (https://github.com/sponsors/thoughtbot), or check out our website (https://bikeshed.thoughtbot.com). Got a question or comment about the show? Why not write to our hosts: hosts@bikeshed.fm This has been a thoughtbot (https://thoughtbot.com/) podcast. Stay up to date by following us on social media - YouTube (https://www.youtube.com/@thoughtbot/streams) - LinkedIn (https://www.linkedin.com/company/150727/) - Mastodon (https://thoughtbot.social/@thoughtbot) - BlueSky (https://bsky.app/profile/thoughtbot.com) © 2025 thoughtbot, inc.
Andrew Churchill thinks companies should really be hiring junior engineers, Addy Osmani announces Chrome DevTools MCP, GitHub lays out a roadmap to fend off npm attacks, Jerry Liu builds an app that generates a timeline of your day's activities, and Sean Goedecke attempts to define "good taste" in the context of software engineering.
Andrew Churchill thinks companies should really be hiring junior engineers, Addy Osmani announces Chrome DevTools MCP, GitHub lays out a roadmap to fend off npm attacks, Jerry Liu builds an app that generates a timeline of your day's activities, and Sean Goedecke attempts to define "good taste" in the context of software engineering.
Shaw Walters is the founder of ElizaOS—the popular GitHub repository for AI agent development that is powering over $20 billion in projects, all built without venture funding.We dive into whether AI will end civilization, what are multi-agent systems, why Shaw chose open source over proprietary AI, and his prediction that we'll need nuclear power plants for next-gen AI. This conversation will challenge how you think about our AI future.⭐ Sponsored by Podcast10x - Podcasting agency for VCs - https://podcast10x.comElizaOS website - https://elizaos.ai/ElizaOS tutorial - https://www.youtube.com/watch?v=s8Ghq3cvD9g
Client SDKs: Die schöneren APIs?APIs sind das Rückgrat moderner Softwareentwicklung, doch wer kennt nicht das Dilemma? Die API ändert sich, Fehlermeldungen stapeln sich im Postfach, und plötzlich hängt dein Workflow am seidenen HTTP-Thread. Genau dort kommen Client SDKs ins Spiel. Sie machen aus kryptischen API-Endpunkten handliche, sprachnahe Werkzeuge, die dir nicht nur Nerven, sondern auch Zeit sparen.In dieser Episode schauen wir hinter die Kulissen der SDK-Entwicklung. Wir sprechen aus Maintainer-Perspektive über Supportdruck, Burnout und die (oft unterschätzte) Verantwortung in Open Source. Gleichzeitig tauchen wir tief in die Praxis ein: Was ist ein Client SDK genau? Wann lohnt sich Handarbeit, wann die Code-Generation? Warum ist idiomatisches SDK-Design mehr als nur Style – und weshalb boosten einige SDKs wie das von Stripe oder AWS sogar den wirtschaftlichen Erfolg ganzer Unternehmen?Gemeinsam werfen wir einen Blick auf Architektur, Best Practices, Edge Cases, Testing, Dokumentation und Wartung. Und natürlich diskutieren wir, wann ein SDK wirklich sinnvoll ist – und in welchen Fällen du lieber einen simplen HTTP-Aufruf selbst schreibst.Bonus: Wieso Atlassian Merch statt Sponsoring schickt.Unsere aktuellen Werbepartner findest du auf https://engineeringkiosk.dev/partnersDas schnelle Feedback zur Episode:
In this episode, Jenna interviews Dan Lorenc, CEO of Chainguard, about the Shai-Hulud worm that has made its way through the npm ecosystem.They discuss:What Shai-Hulud is and why it's so badSecurity measures GitHub plans to implement in npm Best practices to follow to mitigate risk
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Converting Timestamps in .bash_history Unix shells offer the ability to add timestamps to commands in the .bash_history file. This is often done in the form of Unix timestamps. This new tool converts these timestamps into a more readable format. https://isc.sans.edu/diary/New%20tool%3A%20convert-ts-bash-history.py/32324 Cisco ASA/FRD Compromises Exploitation of the vulnerabilities Cisco patched last week may have bone back about a year. Cisco and CISA have released advisories with help identifying affected devices. https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices Github Notification Phishing Github notifications are used to impersonate YCombinator and trick victims into installing a crypto drainer. https://www.bleepingcomputer.com/news/security/github-notifications-abused-to-impersonate-y-combinator-for-crypto-theft/
Show DescriptionListener questions about CSS ruby-position, crafting adaptive layouts using a responsive component, what keeps Chris motivated to work on CodePen, why are there no positive issues on GitHub., tech support in the age of AI, and a semi-regular segment of inbox therapy. Listen on WebsiteWatch on YouTubeLinks Crafting adaptive layouts using a responsive component | by Michael Trilford | Bootcamp | Medium CodePen Radio – CodePen Introduction - Tree-sitter Design for Community: The Art of Connecting Real People in Virtual Places SponsorsAtomic Design Certification CourseMaster tokens AND atomic design to elevate your design systems game. Get access to both courses, which include hours of comprehensive video lessons, sample token architecture for Figma & Code, process diagrams, exercises, and exclusive Slack!
Frank and James set out to build some fun new apps in under a day. Hotkey Typer - https://github.com/jamesmontemagno/app-hotkeytyper Pupillary Distance Ruler - https://apps.apple.com/us/app/pupillary-distance-ruler/id6752308010 Follow Us Frank: Twitter, Blog, GitHub James: Twitter, Blog, GitHub Merge Conflict: Twitter, Facebook, Website, Chat on Discord Music : Amethyst Seer - Citrine by Adventureface ⭐⭐ Review Us (https://itunes.apple.com/us/podcast/merge-conflict/id1133064277?mt=2&ls=1) ⭐⭐ Machine transcription available on http://mergeconflict.fm
Thomas Rayner joins The PowerShell Podcast to share his journey from sysadmin and PowerShell MVP to securing Microsoft 365 as a security professional at Microsoft. He reflects on how PowerShell accelerated his career, the importance of blogging and community involvement, and why clear communication with managers is vital for growth. Thomas also offers advice for beginners, highlighting patience, persistence, and the value of mentorship in tech. Key Takeaways: PowerShell as a force multiplier: Automating repetitive tasks with PowerShell helped Thomas advance his career and opened the door to opportunities at Microsoft. Career growth requires communication: Being candid with managers, demonstrating value, and asking for resources to learn are key to advancement. Community and mentorship matter: Involvement in the PowerShell community, saying yes to opportunities, and supporting peers can transform both careers and personal growth. Guest Bio: Thomas Rayner is a security professional at Microsoft, where he focuses on preventative security solutions in Microsoft 365. A former Microsoft MVP in Cloud and Datacenter Management, Thomas built his career by blogging, speaking, and contributing to the PowerShell community. Originally from Edmonton, Canada, he used PowerShell to accelerate his early career as a sysadmin before moving into security roles at Microsoft. Today, he continues to share career wisdom, mentor others, and advocate for growth mindset thinking in tech. Resource Links: Thomas Rayner's Blog: https://thomasrayner.ca Thomas Rayner on LinkedIn: https://www.linkedin.com/in/thomasrayner/ Thomas Rayner on GitHub: https://github.com/tlrayner Connect with Andrew: https://andrewpla.tech/links PDQ Discord: https://discord.gg/PDQ The PowerShell Podcast on YouTube: https://youtu.be/3H-tMKqlSOs The PowerShell Podcast hub page: The PowerShell Podcast: https://pdq.com/the-powershell-podcast
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A recent investigation by the U.S. Secret Service claims to have uncovered a massive swatting infrastructure centered around New York City.Check Point researchers are tracking an Iran-linked cyber-espionage group known as Nimbus Manticore, which appears to be expanding its operations into Western Europe.A new wave of malicious advertising is targeting macOS users by impersonating widely used software and services through search engine ads.A new tool called SpamGPT is drawing attention in the cybersecurity community for effectively lowering the barrier to entry for large-scale spam and phishing campaigns.In light of increasing attacks on open source ecosystems, GitHub has disclosed recent security incidents affecting the npm registry, including the Shai-Hulud worm.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Longtime friend of the show Rajiv Shah returns to unpack lessons from a year of building retrieval-augmented generation (RAG) pipelines and reasoning models integrations. We dive into why so many AI pilots stumble, why evaluation and error analysis remain essential data science skills, and why not every enterprise challenge calls for a large language model.Featuring:Rajiv Shah – LinkedIn Daniel Whitenack – Website, GitHub, XUpcoming Events: Join us at the Midwest AI Summit on November 13 in Indianapolis to hear world-class speakers share how they've scaled AI solutions. Don't miss the AI Engineering Lounge, where you can sit down with experts for hands-on guidance. Reserve your spot today!Register for upcoming webinars here!
In this episode, Bill McGeeney interviews Vasu Menon, a NC State computer science student who created Stargazer.org - a revolutionary web app that solves every amateur astronomer's planning nightmare. Born from a frustrating full-moon stargazing trip to Virginia's Stanton River park, this tool combines dark sky locations, weather forecasts, and lunar data into one simple interface. The ProblemMultiple apps needed for stargazing planningMoon interference ruining viewing experiencesDifficulty finding certified dark sky locationsThe Solution: Stargazer.org FeaturesZip code-based dark sky location finderIntegrated weather forecasting via OpenWeather APILunar phase and brightness trackingPercentage-based scoring system for optimal viewing conditionsMobile-optimized interfaceHow It WorksEnter your US zip code or use browser locationBrowse certified Dark Sky parks with distancesView optimal dates with weather/astronomy scoringPlan trips based on comprehensive dataFuture DevelopmentCommunity-submitted locations with reviewsUpvoting/downvoting system for spotsOpen source GitHub repository for contributorsExpanded Bortle scale coverageEpisode Quotes"I realized like there has to be like a kind of like a one stop solution to like, you know, for like amateur people just to click a button and see the best times to go stargazing." - Vasu Menon"This right here... I just punch in my zip code, it brings up some good spots, and then it tells me even better what the opportunities might be, what percentage opportunities I have at those nights." - Bill McGeeneySend Feedback Text to the Show!Support the showA hearty thank you to all of our paid supporters out there. You make this show possible. For only the cost of one coffee each month you can help us to continue to grow. That's $3 a month. If you like what we're doing, if you think this adds value in any way, why not say thank you by becoming a supporter! Why Support Light Pollution News? Receive quarterly invite to join as live audience member for recordings with special Q&A session post recording with guests. Receive all of the news for that month via a special Supporter monthly mailer. Satisfaction that your support helps further critical discourse on this topic. About Light Pollution News: The path to sustainable starry night solutions begin with being a more informed you. Light Pollution, once thought to be solely detrimental to astronomers, has proven to be an impactful issue across many disciplines of society including ecology, crime, technology, health, and much more! But not all is lost! There are simple solutions that provide for big impacts. Each month, Bill McGeeney, is joined by upwards of three guests to help you grow your awareness and understanding of both the challenges and the road to recovering our disappearing nighttime ecosystem.
Si eres usuario de Linux, seguramente find y grep son herramientas que utilizas a diario, casi por inercia. Son pilares del sistema, sí, pero... ¿y si te dijera que hay una forma mucho más eficiente, más rápida y, sobre todo, mucho más simple de buscar archivos y texto en tu sistema?En este episodio, te guiare por un camino de modernización de tu terminal que te ahorrará horas y frustraciones. Olvídate de esas sintaxis complejas y de los tiempos de espera interminables cuando buscas en grandes volúmenes de código o en directorios llenos de archivos. Ha llegado el momento de dar la bienvenida a dos herramientas modernas, escritas en el potente lenguaje Rust, que están redefiniendo la productividad en la línea de comandos: fd y ripgrep.Todos hemos estado allí: tratando de recordar la combinación exacta de opciones para find (-name, -iname, -path, -exec, etc.), o lidiando con la lentitud de grep -r en un proyecto con miles de archivos. Estas herramientas clásicas, aunque potentes, nacieron en una era diferente del software. No ignoran por defecto directorios de Git, no colorean la salida para hacerla más legible, y su enfoque en la flexibilidad a menudo se traduce en complejidad para el usuario medio.Pero no te preocupes, ¡tenemos la solución! fd se presenta como el reemplazo definitivo para find. Es increíblemente rápido, tiene una sintaxis que parece leer la mente y, por defecto, sabe qué ignorar (¡adiós a los resultados de .git o node_modules en tus búsquedas!). Por otro lado, ripgrep (rg) es el nuevo rey de la búsqueda de texto, dejando a grep en el polvo en términos de velocidad y facilidad de uso. Incorpora Smart Case, colorea las coincidencias y es un verdadero bólido a la hora de rastrear patrones de texto, incluso en archivos enormes.En los próximos minutos, desglosaremos todo lo que necesitas saber para empezar a usar fd y ripgrep hoy mismo:Introducción al Problema: Exploraremos las razones por las que find y grep pueden ralentizar tu trabajo y por qué es crucial adoptar alternativas modernas.Presentación de fd: Descubriremos cómo esta joya escrita en Rust simplifica la búsqueda de archivos. Hablaremos de su sintaxis intuitiva, su capacidad para ignorar archivos ocultos y directorios .git automáticamente, y cómo su salida coloreada hace que encontrar lo que buscas sea un placer visual.Presentación de ripgrep (rg): Sumérgete en el mundo de la búsqueda de texto ultrarrápida. Conocerás por qué ripgrep es tan eficiente, su soporte para expresiones regulares (PCRE2), el inteligente Smart Case que te ahorra pulsaciones y cómo su salida te da contexto inmediato.Instalación Sencilla: Te proporcionaremos los comandos exactos para instalar fd y ripgrep en las distribuciones más populares, como Ubuntu (y derivados de Debian) y Arch Linux (incluido Manjaro). ¡Estarás operativo en minutos!Cinco Usos Básicos (Comparativa find/grep vs fd/ripgrep):Buscar un archivo por nombre.Localizar archivos ocultos.Buscar una cadena de texto recursivamente.Realizar búsquedas ignorando mayúsculas/minúsculas.Filtrar por tipo de archivo.Cinco Trucos Imprescindibles (Llevando tu productividad al siguiente nivel):El "Santo Grial"Encuentra y ejecutaBúsqueda inversa de textoFiltrado por tipo de archivo en ripgrepBúsquedas exactas con fdMás información y enlaces en las notas del episodio
Nesrine Changuel helped build Spotify, Google Chrome, and Google Meet. Her work has helped her discover the importance of emotional connection in building successful products. At Google, she served as a dedicated “delight PM,” a role specifically focused on making products more delightful. She recently published Product Delight, a book that provides a practical framework for creating products that serve both functional and emotional needs. Based in Paris, she now coaches founders and CPOs on implementing delight strategies in their organizations.What you'll learn:1. Why delight is a business strategy, not just “sprinkling confetti” on top of functionality2. How to identify emotional motivators that drive product retention3. The 50-40-10 rule for balancing delight in your roadmap4. The 4-step delight model5. The origin story of Spotify's Discover Weekly6. Why B2B products need delight just as much as B2C products7. How to get buy-in from skeptical leaders who think delight is a luxury—Brought to you by:DX—The developer intelligence platform designed by leading researchers: https://getdx.com/lennyJira Product Discovery—Confidence to build the right thing: https://atlassian.com/lennyLucidLink—Real-time cloud storage for teams: https://www.lucidlink.com/lenny—Transcript: https://www.lennysnewsletter.com/p/a-4-step-framework-for-building-delightful-products—My biggest takeaways (for paid newsletter subscribers): https://www.lennysnewsletter.com/i/174199489/my-biggest-takeaways-from-this-conversation—Where to find Nesrine Changuel:• LinkedIn: https://www.linkedin.com/in/nesrinechanguel/• Newsletter: https://nesrinechanguel.substack.com/• Website: https://nesrine-changuel.com/—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/—In this episode, we cover:(00:00) Introduction to Nesrine and product delight(04:56) Why delight matters(09:17) What makes a feature “delightful”(12:29) The three pillars of delight(13:03) Pillar 1: Removing friction (Uber refund example)(15:07) Pillar 2: Anticipating needs (Revolut eSIM example)(17:21) Pillar 3: Exceeding expectations (Edge coupon example)(18:35) The “confetti effect” and when it actually works(22:02) B2B vs. B2C: Why all products need emotional connection(29:52) The Delight Model: A 4-step framework(30:57) Step 1: Identifying user motivators (functional and emotional)(33:55) Step 2: Converting motivators into product opportunities(34:46) Step 3: Identifying solutions with the delight grid(36:46) Step 4: Validating ideas with the delight checklist(40:22) The Delight Model summarized(42:18) The importance of familiarity (Spotify Discover Weekly story)(45:21) Real examples: Chrome's tab management solution(51:32) Google Meet's solution for “Zoom fatigue”(55:02) Getting buy-in from skeptical leaders(59:39) Prioritizing delight: The 50-40-10 rule(1:02:41) Creating a culture of delight in your organization(1:06:45) The habituation effect(1:08:15) When delight goes wrong: Apple reactions example(1:10:21) How delight motivates product teams(1:12:24) Lightning round and final thoughts—Referenced:• Spotify: https://open.spotify.com/• Linear: https://linear.app/• How Linear builds product: https://www.lennysnewsletter.com/p/how-linear-builds-product• Jira: https://www.atlassian.com/software/jira• Asana: https://asana.com/• Monday: https://monday.com/• The Product Delight Model: https://nesrinechanguel.substack.com/p/the-product-delight-model• Revolut: https://www.revolut.com/• How Revolut trains world-class product managers: The “local CEO” model, raw intellect over experience, and a cultural obsession with building wow products | Dmitry Zlokazov (Head of Product): https://www.lennysnewsletter.com/p/how-revolut-trains-world-class-product-managers• Microsoft Cashback: https://www.microsoft.com/en-us/edge/features/shopping-cashback• Superhuman's secret to success: Ignoring most customer feedback, manually onboarding every new user, obsessing over every detail, and positioning around a single attribute: speed | Rahul Vohra (CEO): https://www.lennysnewsletter.com/p/superhumans-secret-to-success-rahul-vohra• Brian Chesky's secret mentor who died 9 times, started the Burning Man board, and built the world's first midlife wisdom school | Chip Conley (founder of MEA): https://www.lennysnewsletter.com/p/chip-conley• Workday: https://www.workday.com/• SAP: https://www.sap.com/• ServiceNow: https://www.servicenow.com/• Salesforce: https://www.salesforce.com/• GitHub: https://github.com/• Atlassian: https://www.atlassian.com/• Snowflake: https://www.snowflake.com/• Data Superheroes: https://www.snowflake.com/en/data-superheroes/• Google Meet: https://meet.google.com/• Andy Nesling on LinkedIn: https://www.linkedin.com/in/andynesling/• Matic: https://maticrobots.com/• Diego Sanchez's (Senior Product Manager at Buffer) post on LinkedIn: https://www.linkedin.com/feed/update/urn:li:activity:7365014292091346945/• Miro: https://miro.com/• Arc browser: https://arc.net/• Competing with giants: An inside look at how The Browser Company builds product | Josh Miller (CEO): https://www.lennysnewsletter.com/p/competing-with-giants-an-inside-look• Migros Supermarket: https://www.migros.ch/• The rise of Cursor: The $300M ARR AI tool that engineers can't stop using | Michael Truell (co-founder and CEO): https://www.lennysnewsletter.com/p/the-rise-of-cursor-michael-truell• Building Lovable: $10M ARR in 60 days with 15 people | Anton Osika (CEO and co-founder): https://www.lennysnewsletter.com/p/building-lovable-anton-osika• Linear's secret to building beloved B2B products | Nan Yu (Head of Product): https://www.lennysnewsletter.com/p/linears-secret-to-building-beloved-b2b-products-nan-yu• Suno: https://suno.com• Snapchat: https://www.snapchat.com/• Use Reactions, Presenter Overlay, and other effects when videoconferencing on Mac: https://support.apple.com/en-us/105117• Dr. Lipp: https://drlipp.com/• How to be the best coach to product people | Petra Wille (Strong Product People): https://www.lennysnewsletter.com/p/how-to-be-the-best-coach-to-product• The Great American Baking Show: https://www.imdb.com/title/tt21822674/• Le Meilleur Pâtissier: https://en.wikipedia.org/wiki/Le_Meilleur_P%C3%A2tissier• The Upside on Amazon Prime: https://www.amazon.com/gp/video/detail/amzn1.dv.gti.3cb8500f-31af-9f4f-5dec-701e086d58e8• The Intouchables: https://www.imdb.com/title/tt1675434/• Yoyo stroller: https://www.stokke.com/USA/en-us/category/strollers/yoyo-strollers• UppaBaby strollers: https://uppababy.com/strollers/—Recommended books:• Product Delight: How to Make Your Product Stand Out with Emotional Connection: https://www.amazon.com/Product-Delight-Stand-Emotional-Connection-ebook/dp/B0FGZ93D9Y/• Factfulness: Ten Reasons We're Wrong About the World—and Why Things Are Better Than You Think: https://www.amazon.com/Factfulness-Reasons-World-Things-Better/dp/1250107814• STRONG Product Communities: The Essential Guide to Product Communities of Practice: https://www.amazon.com/STRONG-Product-Communities-Essential-Practice/dp/3982235189/r—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.Lenny may be an investor in the companies discussed. To hear more, visit www.lennysnewsletter.com
This week we talk to Nathan Flurry, co-founder of Rivet, a platform for building stateful serverless applications. Rivet started as a platform for building multiplayer games, but has since evolved to be a general purpose computing platform. They're actors are a first class primitive that makes it easy to build stateful serverless applications.Rivet GitHub: https://github.com/rivet-gg/rivetRivetKit: https://github.com/rivet-gg/rivetkitDocumentation: https://rivet.gg/docsNathan's Twitter/X: https://x.com/NathanFlurryNathan's GitHub: https://github.com/NathanFlurryY Combinator Profile: https://ycombinator.com/companies/rivet
We expose controversial Bitcoin developer Luke Dash Jr, his extreme religious and political views, geocentric beliefs, and how his Bitcoin Knots client reflects his authoritarian ideology while claiming to save Bitcoin. Today we dive deep into the controversial world of Luke Dash Jr, the Bitcoin developer behind Bitcoin Knots who believes the sun orbits the Earth, supports monarchy over democracy, follows an obscure Catholic sect with only 30,000 followers worldwide, and thinks using Bitcoin in ways he disapproves of should be criminal. We expose his authoritarian development practices and why Bitcoiners should know exactly who they're endorsing. Subscribe to the newsletter! https://newsletter.blockspacemedia.com Notes: • Luke's sect has only 30,000 followers vs 1.4B Catholics • Luke was sole BIP editor for a while • Bitcoin Knots filters some lighting & coinjoins • Luke believes violating laws equals immoral behavior • “GitHub doesn't work with Knots” claims disputed Timestamps: 00:00 Start 00:32 Geocentrism is back baby! 06:26 Why Luke is a Bitcoin legend 09:12 UASF 13:52 Knots 16:52 ONE maintainer to rule them ALL 23:06 Luke merge unreviewed code, sounds safe.. 24:34 BIPs repo 28:30 Knots has more maintainers? ahh, what? 35:12 Obscure religious sect -
BONUS: Nesrine Changuel shares how to create product delight through emotional connection! In this BONUS episode we explore the book by Nesrine Changuel: 'Product Delight - How to make your product stand out with emotional connection.' In this conversation, we explore Nesrine's journey from research to product management, share lessons from her experiences at Google, Spotify, and Microsoft, and unpack the key strategies for building emotionally resonant products that connect with users beyond mere functionality. The Genesis of Product Delight "I quickly realized that there is something that is quite intense while building Skype... it's not just that communication tool, but it was iconic, with its blue, with ringtones, with emojis. So it was clear that it's not just for making calls, but also to make you feel connected, relaxed, and part of it." Nesrine's journey into product delight began during her transition from research to product management at Skype. Working on products at major companies like Skype, Spotify, and Google Meet, she discovered that successful products don't just function well—they create emotional connections. Her role as "Delight PM" at Google Meet during the pandemic crystallized her understanding that products must address both functional and emotional user needs to truly stand out in the market. Understanding Customer Delight in Practice "The delight is about creating two dimensions and combining these two dimensions altogether, it's about creating products that function well, but also that help with the emotional connection." Customer delight manifests when products exceed expectations and anticipate user needs. Nesrine explains that delight combines surprise and joy—creating positive surprises that go beyond basic functionality. She illustrates this with Microsoft Edge's coupon feature, which proactively suggests discounts during online shopping without users requesting it. This anticipation of needs creates memorable peak moments that strengthen emotional connections with products. Segmenting Users by Motivators "We can discover that users are using your product for different reasons. I mean, we tend to think that users are using the product for the same reason." Traditional user segmentation focuses on demographics (who users are) or behavior (what they do). Nesrine advocates for motivational segmentation—understanding why users engage with products. Using Spotify as an example, she demonstrates how users might seek music for specific songs, inspiration, nostalgia, or emotional regulation. This approach reveals both functional motivators (practical needs) and emotional motivators (feelings users want to experience), enabling teams to build features aligned with user desires rather than assumptions. In this segment, we refer to Spotify Wrapped. The Distinction from Jobs To Be Done "There's no contrast. I mean to be honest, it's quite aligned, and I'm a big fan of the job to be done framework." While aligned with Clayton Christensen's Jobs To Be Done framework, Nesrine's approach extends beyond identifying triggers to practical implementation. She acknowledges that Jobs To Be Done provides the foundational theory, distinguishing between personal emotional motivators (how users want to feel) and social emotional motivators (how they want others to perceive them). However, many teams struggle to translate these insights into actual product features—a gap her Product Delight framework addresses through actionable methodologies. Navigating the Line Between Delight and Addiction "Building for delight is about creating products that are aligned with users' values. It's about aligning with what people really want themselves to feel. They want to feel themselves, to feel a better version of themselves." The critical distinction between delight and addiction lies in value alignment. Delightful products help users become better versions of themselves and align with their personal values. Nesrine contrasts this with addictive design that creates dependencies contrary to user wellbeing. Using Spotify Wrapped as an example, she explains how reflecting positive achievements (skills learned, personal growth) creates healthy engagement, while raw usage data (hours spent) might trigger negative self-reflection and potential addictive patterns. Getting Started with Product Delight "If you only focus on the functional motivators, you will create products that function, but they will not create that emotional connection. If you take into consideration the emotional motivators in addition to the functional motivators, you create perfect products that connect with users emotionally." Teams beginning their delight journey should start by identifying both functional and emotional user motivators through direct user conversations. The first step involves listing what users want to accomplish (functional) alongside how they want to feel (emotional). This dual understanding enables feature development that serves practical needs while creating positive emotional experiences, leading to products that users remember and recommend. Product Delight and Human-Centered Design "Making products feel as if it was done by a human being... how can you make your product feel as close as possible to a human version of the product." Nesrine positions product delight within the broader human-centered design movement, but focuses specifically on humanization at the product feature level rather than just visual design. She shares examples from Google Meet, where the team compared remote meetings to in-person experiences, and Dyson, which benchmarks vacuum cleaners against human cleaning services. This approach identifies missing human elements and guides feature development toward more natural, intuitive interactions. In this segment we refer to the books Emotional Design by Don Norman, and Design for Emotion by Aarron Walter.. AI's Role in Future Product Delight "AI is a tool, and as every tool we're using, it can be used in a good way, or could be used in a bad way. And it is extremely possible to use AI in a very good way to make your product feel more human and more empathetic and more emotionally engaging." AI presents opportunities to enhance emotional connections through empathetic interactions and personalized experiences. Nesrine cites ChatGPT's conversational style—including apologies and collaborative language—as creating companionship feelings during work. The key lies in using AI to identify and honor emotional motivators rather than exploit them, focusing on making users feel supported and understood rather than manipulated or dependent. Developer Experience as Product Delight "If the user of your products are human beings... whether business consumer engineers, they deserve their emotions to be honored, so I usually don't distinguish between B2B or B2C... I say like B2H, which is business to human." Developer experience exemplifies product delight in B2B contexts. Companies like GitHub have created metrics specifically measuring developer delight, recognizing that technical users also have emotional needs. Tools like Jira, Miro, and GitHub succeed by making users feel more competent and productive. Nesrine advocates for "B2H" (business to human) thinking, emphasizing that any product used by humans should consider emotional impact alongside functional requirements. About Nesrine Changuel Nesrine is a product coach, trainer, and author with experience at Google, Spotify, and Microsoft. Holding a PhD from Bell Labs and UCLA, she blends research and practice to guide teams in building emotionally resonant products. Based in Paris, she teaches and speaks globally on human-centered design. You can connect with Nesrine Changuel on LinkedIn.
Riker's Curse, River City, EDR-Freeze, MCP, WordPress, GitHub, Josh Marpet, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-515
Riker's Curse, River City, EDR-Freeze, MCP, WordPress, GitHub, Josh Marpet, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-515
Riker's Curse, River City, EDR-Freeze, MCP, WordPress, GitHub, Josh Marpet, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-515
Chad and Sami share some learning moments with one another as they discuss the recent projects they've been working on at thoughtbot. The pair question how much time and effort we should be investing into a problem with AI vs the outcome we receive, their work and experimentation with MCP servers, Sami shares his big bid on AI to save some time, while Chad tells the tragic tale of why he stopped playing Diablo IV. — Don't forget we have a YouTube channel (https://www.youtube.com/@thoughtbot) where you can watch all the streams mentioned in this episode along with video versions of the show. You can find Chad all over social media as @cpytel and Sami through his website (https://samibirnbaum.com). You can also connect with the duo via their LinkedIn pages - Chad (https://www.linkedin.com/in/cpytel/) - Sami (https://www.linkedin.com/in/samibirnbaum/). If you would like to support the show, head over to our GitHub page (https://github.com/sponsors/thoughtbot), or check out our website (https://podcast.thoughtbot.com). Got a question or comment about the show? Why not write to our hosts: hosts@giantrobots.fm This has been a thoughtbot (https://thoughtbot.com/) podcast. Stay up to date by following us on social media - LinkedIn (https://www.linkedin.com/company/150727/) - Mastodon (https://thoughtbot.social/@thoughtbot) - YouTube (https://www.youtube.com/thoughtbotvideo) - Bluesky (https://bsky.app/profile/thoughtbot.com) © 2025 thoughtbot, inc.
Is the web breaking under the weight of AI crawlers, platform consolidation, and nonstop security breaches? We dive into the state of browsers, developer burnout, and whether tech regulation can actually keep up. In this panel discussion: We debate if robots.txt and AI licensing standards like RSL can realistically control how AI scrapes the web. The fallout from DIA's acquisition by Atlassian and what it means for indie browser innovation (like the Helium browser, Zen) in a Chromium-dominated world. Why Google's antitrust victory might embolden other tech giants, and what that means for competition. How supply chain attacks like the NPM malware and Shai Hulud worm are exploiting GitHub workflows and package vulnerabilities. The pushback against AI mandates at work, including Coinbase's controversial policy requiring developers to use Copilot. Resources Inside the battle for the future of the web: https://www.businessinsider.com/google-microsoft-openai-fight-standards-limit-ai-access-websites-2025-9 The web has a new system for making AI companies pay up: https://www.theverge.com/news/775072/rsl-standard-licensing-ai-publishing-reddit-yahoo-medium The Browser Company, maker of Arc and Dia, is being acquired: https://www.theverge.com/web/770947/browser-company-arc-dia-acquired-atlassian Google stock jumps 8% after search giant avoids worst-case penalties in antitrust case: https://www.cnbc.com/2025/09/02/google-antitrust-search-ruling.html Massive data breach sees 16 million PayPal accounts leaked online - here's what we know, and how to stay safe:https://www.techradar.com/pro/massive-data-breach-sees-16-million-paypal-accounts-leaked-online-heres-what-we-know-and-how-to-stay-safe PayPal's Glitch Puts €10 Billion on Ice Across European Banks: https://fintechnews.ch/payments/paypal-glitch-freezes-european-banks-10-billion-transactions/77974/ npm Author Qix Compromised via Phishing Email in Major Supply Chain Attack: https://socket.dev/blog/npm-author-qix-compromised-in-major-supply-chain-attack Compromised files replace npm packages with a combined 2 billion weekly downloads: https://www.techradar.com/pro/security/compromised-files-replace-npm-packages-with-a-combined-2-billion-weekly-downloads Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware: https://www.wiz.io/blog/shai-hulud-npm-supply-chain-attack Coinbase CEO explains why he fired engineers who didn't try AI immediately: https://techcrunch.com/2025/08/22/coinbase-ceo-explains-why-he-fired-engineers-who-didnt-try-ai-immediately/ Chapters We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Fill out our listener survey (https://t.co/oKVAEXipxu)! Let us know by sending an email to our producer, Em, at emily.kochanek@logrocket.com (mailto:emily.kochanek@logrocket.com), or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod). Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understanding where your users are struggling by trying it for free at LogRocket.com. Try LogRocket for free today. (https://logrocket.com/signup/?pdr)
Joanna May returns to the clubhouse as a guest host! Your four nice hosts chat Tetris, knitting, and CSS, but also have a pair of actual topics to discuss...Mark's game Blippo+ is out NOW! Go buy it on Switch and Steam!0:13:36Role-playingComplete History Of The Soviet Union, Arranged To The Melody Of TetrisPig with the Face of a BoyYouTubeTetris (film) - Historical accuracyWikipedia0:35:27To Rebuild or Not to RebuildJoanna previously joined us as a guest to discussSerializationGodot 4.5 release notes - SDL3 gamepad inputGodotNoble EngineNoble RobotGitHubThe Slow Way Is the Fast WayMark SamplesJoanna and Mark debated a concept called "Utility-first CSS"A Year of Utility Classes (Pro)Michelle BarkerCSS { In Real Life }What is Utility-First CSS? (Anti)Heydon PickeringHeydonWorks
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Distracting the Analyst for Fun and Profit Our undergraduate intern, Tyler House analyzed what may have been a small DoS attack that was likely more meant to distract than to actually cause a denial of service https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Distracting%20the%20Analyst%20for%20Fun%20and%20Profit/32308 GitHub s plan for a more secure npm supply chain GitHub outlined its plan to harden the supply chain, in particular in light of the recent attack against npm packages https://github.blog/security/supply-chain-security/our-plan-for-a-more-secure-npm-supply-chain/ SolarWinds Web Help Desk AjaxProxy Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2025-26399) SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patch bypass of CVE-2024-28986. https://www.solarwinds.com/trust-center/security-advisories/cve-2025-26399 Vulnerabilities in Supermicro BMC Firmware CVE-2025-7937 CVE-2025-6198 Supermicro fixed two vulnerabilities that could allow an attacker to compromise the BMC with rogue firmware. https://www.supermicro.com/en/support/security_BMC_IPMI_Sept_2025
On this week's show Patrick Gray and special guest Rob Joyce discuss the week's cybersecurity news, including: Secret Service raids a SIM farm in New York MI6 launches a dark web portal Are the 2023 Scattered Spider kids finally getting their comeuppance? Production halt continues for Jaguar Land Rover GitHub tightens its security after Shai-Hulud worm This week's episode is sponsored by Sublime Security. In this week's sponsor interview, Sublime founder and CEO Josh Kamdjou joins host Patrick Gray to chat about the pros and cons of using agentic AI in an email security platform. This episode is also available on YouTube Show notes U.S. Secret Service disrupts telecom network that threatened NYC during U.N. General Assembly MI6 launches darkweb portal to recruit foreign spies | The Record from Recorded Future News One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens | dirkjanm.io Github npm changes Flights across Europe delayed after cyberattack targets third-party vendor | Cybersecurity Dive Major European airports work to restore services after cyberattack on check-in systems | The Record from Recorded Future News When “Goodbye” isn't the end: Scattered LAPSUS$ Hunters hack on | DataBreaches.Net UK arrests 2 more alleged Scattered Spider hackers over London transit system breach | Cybersecurity Dive Alleged Scattered Spider member turns self in to Las Vegas police | The Record from Recorded Future News Las Vegas police arrest minor accused of high-profile 2023 casino attacks | CyberScoop DOJ: Scattered Spider took $115 million in ransoms, breached a US court system | The Record from Recorded Future News vx-underground on X: "Scattered Spider ransoms company for 964BTC - wtf_thats_alot.jpeg - Document says "Cost of BTC at time was $36M" - $36M / 964BTC = $37.5K - BTC value was $37.5K in November, 2023 - Google "Ransomware, November, 2023" - omfg.exe https://t.co/uv2EzbL5HT" | X JLR ‘cyber shockwave ripping through UK industry' as supplier share price plummets by 55% | The Record from Recorded Future News Jaguar Land Rover to extend production pause into October following cyberattack | Cybersecurity Dive New plan would give Congress another 18 months to revisit Section 702 surveillance powers | The Record from Recorded Future News AI-powered vulnerability detection will make things worse, not better, former US cyber official warns | Cybersecurity Dive
This week Noah and Steve dig into an npm attack that Red Hat has issued an alert for. We talk about small and portable laptops, and of course answer your questions. -- During The Show -- 00:52 Intro ZFS Win Meld (https://meldmerge.org/) Domain knowledge scaling 07:32 NPM Supply Chain Attack No compromised packages used in Red Hat software NPM and Node.js What the malicious code does Red Hat is on top of it Reaction to finding a compromise Red Hat Article (https://access.redhat.com/security/supply-chain-attacks-NPM-packages) Aikido Article 1 (https://www.aikido.dev/blog/popular-nx-packages-compromised-on-npm) Aikido Article 2 (https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised) Aikido Article 3 (https://www.aikido.dev/blog/s1ngularity-nx-attackers-strike-again) 18:21 Registrar - Josh CloudFlare PorkBun (https://porkbun.com/) Great Nerds 21:47 Small Laptop - Ziggy HP ProBook Noah's GPD Pocket v1 Surface Pro 1 Dell Latitude 2 in 1 StarLabs Star Lite (https://us.starlabs.systems/pages/starlite) 34:56 Ham Radio - Brett Open Source Ham Radio Plan to sell a kit Have a prototype Reddit Post (https://www.reddit.com/r/HamRadio/s/TTodwCYuyG) Arkos Engineering (https://arkosengineering.com/) HT-15 GitHub (https://github.com/Arkos-Engineering/HT-15) 37:58 News Wire Systemd 258 - phoronix.com (https://www.phoronix.com/news/systemd-258) Rust 1.90 - rust-lang.org (https://blog.rust-lang.org/2025/09/18/Rust-1.90.0) Gnome 49 - gnome.org (https://release.gnome.org/49) Firefox 143 - firefox.com (https://www.firefox.com/en-US/firefox/143.0/releasenotes) Thunderbird 143 - thunderbird.net (https://www.thunderbird.net/en-US/thunderbird/143.0/releasenotes) Rayhunter - helpnetsecurity.com (https://www.helpnetsecurity.com/2025/09/17/rayhunter-eff-open-source-tool-detect-cellular-spying) TernFS - phoronix.com (https://www.phoronix.com/news/TernFS-File-System-Open-Source) BCacheFS DKMS - hackaday.com (https://hackaday.com/2025/09/19/bcachefs-is-now-a-dkms-module-after-exile-from-the-linux-kernel) Tails 7.0 - torproject.org (https://blog.torproject.org/new-release-tails-7_0) Porteux - github.com (https://github.com/porteux/porteux/releases/tag/v2.3) Oreon 10 - oreonproject.org (https://oreonproject.org/oreon-10) Azure Linux 3.0 - webpronews.com (https://www.webpronews.com/microsoft-releases-azure-linux-3-0-with-optional-6-12-lts-kernel) Tongyi-DeepResearch-30B-A3B - marktechpost.com (https://www.marktechpost.com/2025/09/18/alibaba-releases-tongyi-deepresearch-a-30b-parameter-open-source-agentic-llm-optimized-for-long-horizon-research) Qwen3-Omni - venturebeat.com (https://venturebeat.com/ai/chinas-alibaba-challenges-u-s-tech-giants-with-open-source-qwen3-omni-ai) AI Risks - scmp.com (https://www.scmp.com/tech/big-tech/article/3326214/deepseek-warns-jailbreak-risks-its-open-source-models) Hugging Face GitHub CoPilot Integration - infoq.com (https://www.infoq.com/news/2025/09/hugging-face-vscode) 40:06 OBS OBS 32.0 Pipewire video capture Lots of other features Pipewire is professional qpwgraph (https://github.com/rncbc/qpwgraph) 9 to 5 Linux (https://9to5linux.com/obs-studio-32-0-pipewire-video-capture-improvements-basic-plugin-manager) 44:53 Tails on Trixie Tails teaches you reproduce-ability Privacy tools Changes New min requirements Persistent Apps 9 to 5 Linux (https://9to5linux.com/tails-7-0-anonymous-linux-os-released-based-on-debian-13-trixie) -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/460) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed)
Cybersecurity Today: GitHub's NPM Lockdown, Deep Fake Threats, and Yellowknife's Cyber Incident In this episode of 'Cybersecurity Today', host Jim Love discusses GitHub's response to widespread supply chain attacks in the NPM ecosystem, the alarming rise of deep fake attacks as highlighted by Gartner, and the remarkable handling of a cyber incident by the city of Yellowknife. Tune in for the latest updates on cybersecurity threats, expert analysis, and the steps organizations are taking to combat these sophisticated attacks. Plus, discover Jim's sci-fi romance adventure audiobook 'Elisa: A Tale of Quantum Kisses' now available on major platforms. 00:00 Introduction and Sponsor Message 00:55 GitHub's Response to NPM Supply Chain Attacks 03:19 Gartner's Warning on Deep Fake and AI Attacks 06:03 Yellowknife's Cyber Incident and Response 08:20 Conclusion and Final Thoughts
Nvidia is set to invest $100 billion in OpenAI as it works toward a gigawatt of new infrastructure per week, and GitHub is rolling out new security controls for NPM.Starring Jason Howell and Tom Merritt.Show notes found here. Hosted on Acast. See acast.com/privacy for more information.
The Secret Service dismantles an illegal network. Jaguar Land Rover (JLR) extends the shutdown production plants. The EU probes tech giants over online scams. Iranian APT Nimbus Manticore expands operations in Europe. North Korean Kimsuky deploys a shortcut-based espionage campaign. Github and Ruby Central roll out supply-chain security upgrades. Lastpass warns of macOS ClickFix campaign using fake GitHub repos. AT&T's CISO warns hackers mimic Salt Typhoon's unconventional tactics. CISO Perspectives host Kim Jones previews the upcoming season. An attorney pays $10K for AI hallucinations. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest CISO Perspectives host Kim Jones previews the upcoming season, sharing what's ahead for listeners. From leadership challenges to the evolving role of the CISO, Kim highlights the conversations and insights you can expect this season.You can check out the season opener here. Selected Reading Cache of Devices Capable of Crashing Cell Network Is Found Near U.N. (The New York Times) Secret Service Disrupts Threat Network Near UN General Assembly (YouTube) JLR extends shutdown – again – as toll on workers laid bare (The Register) The EU is scrutinizing how Apple, Google, and Microsoft tackle online scams (The Verge) Nimbus Manticore Deploys New Malware Targeting Europe (Check Point Research) Kimsuky attack disguised as sex offender notice information (Logpresso) GitHub tightens npm security with mandatory 2FA, access tokens (Bleeping Computer) NPM package caught using QR Code to fetch cookie-stealing malware (Bleeping Computer) LastPass: Fake password managers infect Mac users with malware (Bleeping Computer) Telecom exec: Salt Typhoon inspiring other hackers to use unconventional techniques (CyberScoop) Attorney Slapped With Hefty Fine for Citing 21 Fake, AI-Generated Cases (PCMag) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
CISA Reports Ivanti EPMM Exploit Sightings Two different organizations submitted backdoors to CISA, which are believed to have been installed using Ivanti vulnerabilities patched in May. https://www.cisa.gov/news-events/analysis-reports/ar25-261a Lastpass Observes Impersonation on GitHub Lastpass noted a number of companies being impersonated via fake GitHub repositories in order to trick victims to download Mac malware. https://blog.lastpass.com/posts/attack-targeting-macs-via-github-pages Oracle Scheduler Ransomware Ransomware has been discovered that gained access to systems via an exposed Oracle Database Scheduler service. https://labs.yarix.com/2025/09/elons-proxima-black-shadow-related-ransomware-attack-via-oracle-dbs-external-jobs/
Talk Python To Me - Python conversations for passionate developers
A couple years ago, Charlie Marsh lit a fire under Python tooling with Ruff and then uv. Today he's back with something on the other side of that coin: pyx. Pyx isn't a PyPI replacement. Think server, not just index. It mirrors PyPI, plays fine with pip or uv, and aims to make installs fast and predictable by letting a smart client talk to a smart server. When the client and server understand each other, you get new fast paths, fewer edge cases, and the kind of reliability teams beg for. If Python packaging has felt like friction, this conversation is traction. Let's get into it. Episode sponsors Six Feet Up Talk Python Courses Links from the show Charlie Marsh on Twitter: @charliermarsh Charlie Marsh on Mastodon: @charliermarsh Astral Homepage: astral.sh Pyx Project: astral.sh Introducing Pyx Blog Post: astral.sh uv Package on GitHub: github.com UV Star History Chart: star-history.com Watch this episode on YouTube: youtube.com Episode #520 deep-dive: talkpython.fm/520 Episode transcripts: talkpython.fm Developer Rap Theme Song: Served in a Flask: talkpython.fm/flasksong --- Stay in touch with us --- Subscribe to Talk Python on YouTube: youtube.com Talk Python on Bluesky: @talkpython.fm at bsky.app Talk Python on Mastodon: talkpython Michael on Bluesky: @mkennedy.codes at bsky.app Michael on Mastodon: mkennedy
Sally and Aji discuss their experiences with invisible mentorship when it comes to code review. Together they question when is the right time to have conversations with your team in a bid to chase improvement, the importance of understanding your co-workers perspectives, as well as the best ways to initiate a mentoring moment. — Check out some of the things mentioned in this episode - The Coding Train (https://thecodingtrain.com) - Sarah Mel's Livable Code (https://www.youtube.com/watch?v=lI77oMKr5EY&pp=ygUTc2FyYWggbWVpIHJhaWxzY29uZg==) Thanks to our sponsors for this episode Judoscale - Autoscale the Right Way (https://judoscale.com/bikeshed) (check the link for your free gift!), and Scout Monitoring (https://www.scoutapm.com/). Your hosts for this episode have been thoughtbot's own Sally Hall (https://www.linkedin.com/in/sallyannahall) and Aji Slater (https://www.linkedin.com/in/doodlingdev/) If you would like to support the show, head over to our GitHub page (https://github.com/sponsors/thoughtbot), or check out our website (https://bikeshed.thoughtbot.com). Got a question or comment about the show? Why not write to our hosts: hosts@bikeshed.fm This has been a thoughtbot (https://thoughtbot.com/) podcast. Stay up to date by following us on social media - YouTube (https://www.youtube.com/@thoughtbot/streams) - LinkedIn (https://www.linkedin.com/company/150727/) - Mastodon (https://thoughtbot.social/@thoughtbot) - BlueSky (https://bsky.app/profile/thoughtbot.com) © 2025 thoughtbot, inc.
In this episode, Daniel and Chris are joined by Chris Aquino, software engineer at Thunderbird to hear the story of how they developed a privacy-preserving AI executive assistant. They discuss various design decisions including remote (but confidential) inference, local encryption, and model selection. Chris A. does an amazing job describing the journey from "let the big LLM do everything" to splitting apart the workflow to be handled by multiple models. Featuring:Chris Aquino – LinkedInChris Benson – Website, LinkedIn, Bluesky, GitHub, XDaniel Whitenack – Website, GitHub, XLinks: ThunderbirdThunderbird ProSponsors:Shopify – The commerce platform trusted by millions. From idea to checkout, Shopify gives you everything you need to launch and scale your business—no matter your level of experience. Build beautiful storefronts, market with built-in AI tools, and tap into the platform powering 10% of all U.S. eCommerce.Start your one-dollar trial at shopify.com/practicalaiUpcoming Events: Join us at the Midwest AI Summit on November 13 in Indianapolis to hear world-class speakers share how they've scaled AI solutions. Don't miss the AI Engineering Lounge, where you can sit down with experts for hands-on guidance. Reserve your spot today!Register for upcoming webinars here!
We give our hands on impression of the latest iOS 26 and macOS 26 and how it has impacted our recent development of software. We also re diving through the listener bag of questions and answering as many as we can on a plethora of topics. Follow Us Frank: Twitter, Blog, GitHub James: Twitter, Blog, GitHub Merge Conflict: Twitter, Facebook, Website, Chat on Discord Music : Amethyst Seer - Citrine by Adventureface ⭐⭐ Review Us (https://itunes.apple.com/us/podcast/merge-conflict/id1133064277?mt=2&ls=1) ⭐⭐ Machine transcription available on http://mergeconflict.fm
➡ Stay Ahead of Cyber Threats with AI-Driven Vulnerability Management with Maze:https://mazehq.com/ In this conversation, I speak with Harry about how AI is transforming vulnerability management and application security. We explore how modern approaches can move beyond endless reports and generic fixes, toward real context-aware workflows that actually empower developers and security teams. We talk about: The Real Problem in Vulnerability ManagementWhy remediation—not just prioritization—remains the toughest challenge, and how AI can help bridge the gap between vulnerabilities and the developers who need to fix them. Context, Ownership, and VelocityHow linking vulnerabilities to the right applications and teams inside their daily tools (like GitHub) reduces friction, speeds up patching, and improves security without slowing developers down. AI Agents and the Future of SecurityWhy we should think of AI agents as “extra eyes and hands,” and how they’re reshaping everything from threat detection to system design, phishing campaigns, and organizational defense models. Attackers Move FirstHow attackers are already building unified world models of their targets using AI, and why defenders need to match (or exceed) this intelligence to stay ahead. From Days to MinutesWhy the tolerance for vulnerability windows is shrinking fast, and how automation and AI are pushing us toward a future where hours—or even minutes—make the difference. Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler Chapters: 00:00 – Welcome and Harry’s Background01:07 – The Real Problem: Remediation vs. Prioritization04:31 – Breaking Down Vulnerability Context and Threat Intel05:46 – Connecting Vulnerabilities to Developers and Workflows08:01 – Why Traditional Vulnerability Management Fails10:29 – Startup Lessons and The State of AI Agents13:26 – DARPA’s AI Cybersecurity Competition14:29 – System Design: Deterministic Code vs. AI16:05 – How the Product Works and Data Sources18:01 – AI as “Extra Eyes and Hands” in Security20:20 – Breaking Barriers: Rethinking Scale with AI23:22 – Building World Models for Defense (and Attack)25:22 – Attackers Move Faster: Why Context Matters27:04 – Phishing at Scale with AI Agents31:24 – Shrinking Windows of Vulnerability: From Days to Minutes32:47 – What’s Next for Harry’s Work34:13 – Closing ThoughtsBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.