Podcasts about JavaScript

Go With The Flow: Automating Amazon Data Scraping with Bookmarklets and Chrome Extensions Episode Overview In this episode, Danny and Ritu delve into creative methods for automating data scraping from Amazon pages using bookmarklets and Chrome extensions. They explore different approaches to gather valuable insights while emphasizing the importance of viewing challenges from multiple perspectives. This episode explores automation and data scraping techniques, creative approaches to workflow optimization with practical insights for immediate implementation. Key Takeaways Automation of Amazon data extraction can be achieved through bookmarklets and Chrome extensions, enhancing workflow efficiency. Understanding the structure of Amazon product pages and applying creative coding techniques can result in more efficient data scraping. Chapter Markers Time Chapter Description 00:01 Introduction Danny welcomes listeners and introduces the theme of the episode, highlighting a shared experience in automation. 01:40 Understanding Amazon's Taxonomy Database Danny discusses the complexities of Amazon's taxonomy database and how content in listings impacts product types. 05:00 Automation in Data Collection Ritu and Danny explain different ways to automate mundane tasks of scraping data from Amazon product pages. 09:11 Scraping Mechanics Explained Ritu breaks down the mechanics of how scraping works, particularly focusing on the Document Object Model (DOM). 18:20 Introduction to Bookmarklets Ritu explains bookmarklets and their function as JavaScript executing buttons on browser pages. 25:21 Creating a Chrome Extension Ritu discusses the creation of a Chrome plugin to automate checking the arrival date of multiple products on Amazon. 30:05 Advanced Scraping Techniques Danny discusses the depth of information available on Amazon product pages and the importance of efficient data extraction. 49:01 Developing a Storyboard Generator Danny reveals the development of a storyboard generator that aids in creating compelling visual content. 57:12 Conclusion and Future Directions Danny and Ritu summarize the episode's insights and encourage listeners to experiment with their scraping techniques. Notable Quotes "If you can be as creative as possible and then you've got people around you that put guard rails in place, you'll be surprised at the level of skill set needed." Resources Mentioned

Hey everyone—it's Steve Edwards here, and in this episode of JavaScript Jabber, I'm joined by returning guest Feross Aboukhadijeh, founder of Socket.dev, for a deep dive into the dark and fascinating world of open source supply chain security. From phishing campaigns targeting top NPM maintainers to the now-infamous Chalk library compromise, we unpack the latest wave of JavaScript package attacks and what developers can learn from them.Feross explains how some hackers are even using AI tools like Claude and Gemini as part of their payloads—and how defenders like Socket are fighting back with AI-powered analysis of their own. We also dive into GitHub Actions vulnerabilities, the role of two-factor authentication, and the growing need for “phishing-resistant 2FA.” Whether you're an open source maintainer or just someone who runs npm install a little too often, this episode will open your eyes to how much happens behind the scenes to keep your code safe.

Most AI agent frameworks are backend-focused and written in Python, which introduces complexity when building full-stack AI applications with JavaScript or TypeScript frontends. This gap makes it harder for frontend developers to prototype, integrate, and iterate on AI-powered features. Mastra is an open-source TypeScript framework focused on building AI agents and has primitives such as The post Building AI Agents on the Frontend with Sam Bhagwat and Abhi Aiyer appeared first on Software Engineering Daily.

Celebrate the 100th episode of Search Off the Record with Martin, Lizzi, Cherry, John and Gary as they revisit memorable moments, touching on a bunch of topics. This special episode touches on Google's mobile-first indexing, the intricacies of the Caffeine indexing system, and a deep dive into JavaScript scoping – and hoisting. You'll hear again about optimizing documentation traffic and the delightful world of Google Doodles. Discover key insights that impact your SEO strategies and web development practices. Resources: Episode transcript → https://goo.gle/sotr100-transcript Chapters: 0:00 - Welcome and 100th Episode Intro 2:21 - Lizzi's favorite: SEO starter guide readings 3:01 - Gary on Mobile-First Indexing Importance 3:39 - Revamping the SEO starter guide 5:13 - Meta tags and Google's indexing system 9:11 - Cherry's use of podcasts for work 12:09 - Deep dive into caffeine indexing 13:59 - The mechanics of data conversion in caffeine 16:12 - John's favorite: The magic of Google Doodles 23:30 - JavaScript ccoping and hoisting 25:47 - Optimizing documentation traffic 29:29 - Conclusion: 100 Episodes of Search Off the Record Listen to more Search Off the Record → https://goo.gle/sotr-yt Subscribe to Google Search Channel → https://goo.gle/SearchCentral Search Off the Record is a podcast series that takes you behind the scenes of Google Search with the Search Relations team. #SOTRpodcast #SEO Speaker: Martin Splitt, John Mueller, Cherry Sireetorn Prommawin Products Mentioned: Search Console

Most AI agent frameworks are backend-focused and written in Python, which introduces complexity when building full-stack AI applications with JavaScript or TypeScript frontends. This gap makes it harder for frontend developers to prototype, integrate, and iterate on AI-powered features. Mastra is an open-source TypeScript framework focused on building AI agents and has primitives such as The post Building AI Agents on the Frontend with Sam Bhagwat and Abhi Aiyer appeared first on Software Engineering Daily.

Welcome back to The CSS Podcast! We're diving into a series of powerful scroll APIs that enable you to build custom, interactive carousels entirely with CSS, eliminating the need for JavaScript. These APIs, which also power customizable select elements, unlock even more innovative scroll-based experiences Resources: Carousels with CSS → https://goo.gle/46PES79 ::scroll-marker → https://goo.gle/4mEd3o8 CSS Carousel Gallery → https://goo.gle/46Odsyp Carousel Configurator → https://goo.gle/46KEir4  Una Kravets (co-host) Twitter | Instagram | YouTube Making the web more colorful ✨

Sandra und Daniel reden über Software-Qualität, ihren Newsletter, JavaScript und Brettspiele.

Robert and Chris hop on the show to talk about choices we've had to make around Babel. Probably the best way to use Babel is to just use the @babel/preset-env plugin so you get modern JavaScript features processed down to a level of browser support you find comfortable. But Babel supports all sorts of plugins, and in our Classic Editor, all you do is select "Babel" from a dropdown menu and that's it. You don't see the config nor can you change it, and that config we use does not use preset env. So we're in an interesting position with the 2.0 editor. We want to give new Pens, which do support editable configs, a good modern config, and we want all converted Classic Pens a config that doesn't break anything. There is some ultra-old cruft in that old config, and supporting all of it felt kinda silly. We could support a "legacy" Babel block that does support all of it, but so far, we've decided to just provide a config that handles the vast majority of old stuff, while using the same Babel block that everyone will get on day one. We're still in the midst of working on our conversion code an verifying the output of loads of Classic Pens, so we'll see how it goes! Time Jumps

Maintaining consistency across a sprawling codebase is one of the hardest challenges in software engineering. Denis Rechkunov, a Principal Software Engineer at Elastic, joins Robby to share how his team turned consistency into a cultural practice rather than a technical checklist. From managing open source projects with hundreds of contributors to experimenting safely with new patterns, Denis believes maintainability begins with shared ownership, not just clean code.He explains how Elastic introduced automation and linters to improve cohesion without discouraging creativity. Instead of enforcing perfection across the entire system, Denis' team scopes their changes to manageable areas and rewards steady progress over sweeping rewrites. Their annual “On Week” tradition gives engineers space to fix what frustrates them most, showing how small, focused bursts of work can produce big leaps in stability and morale.The conversation also explores the human side of maintainability. Denis recalls early lessons about unclear expectations, the importance of documenting decisions in public pull requests, and how open feedback loops build trust across remote teams. Whether it's stabilizing a flaky CI pipeline or mentoring new engineers, Denis argues that technical excellence thrives when consistency becomes a habit shared by everyone.Episode Highlights[00:01:02] Defining Well-Maintained SoftwareDenis identifies consistency, documentation, testability, and agility as the key ingredients of maintainable systems.[00:02:22] Balancing Standards and AutonomyHow automation and linters help preserve code cohesion while minimizing interpersonal friction.[00:04:08] Experimenting SafelyElastic scopes new patterns to low-risk modules before broader adoption, avoiding mass rewrites.[00:07:19] Incremental CleanupLinters only apply to changed files, helping the team fix issues gradually without overwhelming contributors.[00:08:02] Maintainability as a People ProblemDenis highlights that sustainable systems depend more on culture and mentorship than on architecture.[00:10:13] Lessons from MiscommunicationAn early experience showed the cost of undocumented conventions and unclear onboarding.[00:17:09] Making Space for Technical DebtElastic's engineers dedicate part of each sprint and an annual “On Week” to tackle maintenance work.[00:23:05] Restoring CI ReliabilityDenis shares how the team revived a pipeline with only a 10% success rate by categorizing failures and focusing on data.[00:32:00] Practicing Software ArchaeologyHe stresses the value of documenting discussions in pull requests to avoid historical guesswork later.[00:36:09] Feedback and TrustOpen communication, humility, and mutual feedback loops form the backbone of a maintainable culture.[00:51:00] Embracing Chaos in Open SourceDenis encourages teams to accept a degree of entropy and focus their efforts on user-facing stability.[01:00:00] Security and PrivacyWhy maintainability, trust, and privacy are inseparable pillars of long-term sustainability.[01:01:06] Where to StartInstead of rewriting code, start by cultivating maintainability as a shared value across the team.Resources MentionedElasticgolangci-lintAppSignalThe Caves of Steel by Isaac Asimov — Denis' recommendation inspired Robby to finally pick up a copy and start reading it himself.Denis's Blog – rdner.deDenis on GitHubDenis on MastodonDenis on LinkedInThanks to Our Sponsor!Turn hours of debugging into just minutes! AppSignal is a performance monitoring and error-tracking tool designed for Ruby, Elixir, Python, Node.js, Javascript, and other frameworks.It offers six powerful features with one simple interface, providing developers with real-time insights into the performance and health of web applications.Keep your coding cool and error-free, one line at a time! Use the code maintainable to get a 10% discount for your first year. Check them out! Subscribe to Maintainable on:Apple PodcastsSpotifyOr search "Maintainable" wherever you stream your podcasts.Keep up to date with the Maintainable Podcast by joining the newsletter.

In today's episode, host Jim Love discusses the discovery of the 'Glass Worm,' a self-spreading malware hidden in Visual Studio Code extensions downloaded over 35,000 times. The worm, hiding its malicious JavaScript in invisible unicode characters, steals developer credentials and drains crypto wallets. He also covers the security flaws in AI-powered IDEs like Cursor and Windsurf, leaving 1.8 million developers vulnerable. Lastly, a new survey from ISACA reveals that AI-driven attacks are now the top cybersecurity concern for 2026, overtaking ransomware and insider threats. Love advises how developers and security teams can mitigate these threats. 00:00 Introduction and Shoutout 01:10 Cybersecurity Headlines 01:46 Glass Worm Malware in Visual Studio Code 04:06 AI-Powered IDEs with Security Flaws 06:00 AI-Driven Cybersecurity Threats 07:50 Conclusion and Contact Information

This interview was recorded at GOTO Copenhagen 2024.https://gotocph.comEvan Czaplicki - Creator and developer of ElmKris Jenkins - Developer Advocate, Software Developer, Podcast Host, Conference Speaker & GeekRESOURCESEvanhttps://twitter.com/evanczhttps://github.com/evanczKrishttps://twitter.com/krisajenkinshttps://www.linkedin.com/in/krisjenkinshttps://github.com/krisajenkinshttp://blog.jenkster.comRead the full abstract here:https://gotocph.com/2024/sessions/3528RECOMMENDED BOOKSRichard Feldman • Elm in Action • https://amzn.to/387kujIJeremy Fairbank • Programming Elm • https://amzn.to/2WhZCE8Wolfgang Loder • Web Applications with Elm • https://amzn.to/3jblQ3qCristian Salcescu • Functional Programming in JavaScript • https://amzn.to/3y75jBSInspiring Tech Leaders - The Technology PodcastInterviews with Tech Leaders and insights on the latest emerging technology trends.Listen on: Apple Podcasts SpotifyBlueskyTwitterInstagramLinkedInFacebookCHANNEL MEMBERSHIP BONUSJoin this channel to get early access to videos & other perks:https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/joinLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket: gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted daily!

 Zuzana didn't grow up coding at age 10, she came to development later in life, looking for flexible work she could do around raising three kids. A chance encounter with an online bootcamp that happened to use PHP (not JavaScript like most today) set her on a path she never expected. WordPress meetups and […] The post PHP Alive And Kicking 8 – Zuzana Kuchnova appeared first on PHP Architect.

Google DeepMind's Cell2Sentence-Scale 27B model has marked a significant milestone in biomedical research by predicting and validating a novel cancer immunotherapy. By analyzing over 4,000 compounds, the AI pinpointed silmitasertib as a “conditional amplifier” that boosts immune response in the presence of interferon. Lab tests verified a 50% increase in antigen presentation, enabling the immune system to detect previously undetectable tumors. This discovery, absent from prior scientific literature, highlights AI's ability to uncover hidden biological mechanisms.Microsoft is integrating its Copilot AI into Windows 11, transforming the operating system into an interactive digital assistant. With “Hey, Copilot” voice activation and a Vision feature that allows the AI to “see” the user's screen, Copilot can guide users through tasks in real time. The new Actions feature enables Copilot to perform operations like editing folders or managing background processes. This move reflects Microsoft's broader vision to embed AI seamlessly into everyday workflows, redefining the PC experience by making the operating system a proactive partner rather than a passive platform.Signal has achieved a cryptographic breakthrough by implementing quantum-resistant end-to-end encryption. Its new Triple Ratchet protocol incorporates the CRYSTALS-Kyber algorithm, blending classical and post-quantum security. Engineers overcame the challenge of large quantum-safe keys by fragmenting them into smaller, message-sized pieces, ensuring smooth performance. This upgrade is celebrated as the first user-friendly, large-scale post-quantum encryption deployment, setting a new standard for secure communication in an era where quantum computing could threaten traditional encryption.Using just $750 in consumer-grade hardware, researchers intercepted unencrypted data from 39 geostationary satellites, capturing sensitive information ranging from in-flight Wi-Fi and retail inventory to military and telecom communications. Companies like T-Mobile and Walmart acknowledged misconfigurations after the findings were disclosed. The study exposes the vulnerability of critical infrastructure still relying on unencrypted satellite links, demonstrating that low-cost eavesdropping can breach systems banking on “security through obscurity,” which A foreign actor exploited vulnerabilities in Microsoft SharePoint to infiltrate the Kansas City National Security Campus, a key U.S. nuclear weapons contractor. While the attack targeted IT systems, it raised concerns about potential access to operational technology. Suspected actors include Chinese or Russian groups, likely pursuing strategic espionage. The breach underscores how enterprise software flaws can compromise national defense and highlights the slow pace of securing critical operational infrastructure.Google's Threat Intelligence team uncovered UNC5342, a North Korean hacking group using EtherHiding to embed malware in public blockchains like Ethereum. By storing malicious JavaScript in immutable smart contracts, the technique ensures persistence and low-cost updates. Delivered via fake job interviews targeting developers, this approach marks a new era of cyber threats, leveraging decentralized technology as a permanent malware host.Kohler's Dekoda toilet camera ($599 + subscription) monitors gut health and hydration by scanning waste, using fingerprint ID and encrypted data for privacy. While Kohler claims the camera only views the bowl, privacy advocates question the implications of such intimate surveillance, even with “end-to-end encryption.”In a daring eight-minute heist, thieves used a crane to steal royal jewels from the Louvre, exposing significant security gaps. An audit revealed outdated defenses, delayed modernization, and blind spots, serving as a stark reminder that even the most prestigious institutions are vulnerable to breaches when security measures lag.

Mat 'Wilto' Marquis joins Igalia Chats to get weird and talk about JavaScript, boxing, charity and platform permanence. Mentioned Links JavaScript for Everyone course Mat's Website Mat on Mastodon Mat on Bluesky XKCD Workflow XKCD The Meetup

Ransomware attacks typically don't care about memory safety and dependency scanning, they often target old, unpatched vulns and too often they succeed. Rob Allen shares some of the biggest cases he's seen, what they have in common, and what appsec teams could do better to help them. Too much software still requires custom configuration to make it more secure. And too few software makers are embracing secure by default, let alone secure by design. In the news, passively monitoring geosynchronous satellite communications on the cheap, successful LLM poisoning of any size model with a single size dose, security engineering lessons from Signal's post-quantum crypto work, improving security for JavaScript in the browser, and more! This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-353

Ever wondered how source maps actually work? In this episode, Nicolo Ribaudo, Babel maintainer and TC39 delegate, breaks down how source maps connect your JavaScript, TypeScript, and CSS back to the original code — making debugging, stack traces, and observability smoother in Chrome dev tools. We dive into how source maps help in both development and production with minified code, explore tools like Webpack, Rollup, Next.js, and Svelte, and share when you should turn off source maps to avoid confusion. Links Website: https://nicr.dev LinkedIn: https://www.linkedin.com/in/nicol%C3%B2-ribaudo-bb94b4187 BlueSky: https://bsky.app/profile/nicr.dev Github: https://github.com/nicolo-ribaudo Resources Squiggleconf talk: https://squiggleconf.com/2025/sessions#source-maps-how-does-the-magic-work Slide deck: https://docs.google.com/presentation/d/1lyor5xgv821I4kUWJIwrrmXBjzC_qiqIqcZxve1ybw0 We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Fill out our listener survey (https://t.co/oKVAEXipxu)! https://t.co/oKVAEXipxu Let us know by sending an email to our producer, Elizabeth, at elizabet.becz@logrocket.com (mailto:elizabeth.becz@logrocket.com), or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod). Check out our newsletter (https://blog.logrocket.com/the-replay-newsletter/)! https://blog.logrocket.com/the-replay-newsletter/ Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understanding where your users are struggling by trying it for free at LogRocket.com. Try LogRocket for free today. (https://logrocket.com/signup/?pdr) Chapters 00:00 Intro – Welcome to PodRocket + Introducing Nicolo Ribaudo 00:45 What Are Source Maps and Why They Matter for Debugging 01:20 From Babel to TC39 – Nicolo's Path to Source Maps 02:00 Source Maps Beyond JavaScript: CSS, C, and WebAssembly 03:00 The Core Idea – Mapping Compiled Code Back to Source 04:00 How Source Maps Work Under the Hood (Encoded JSON) 05:10 File Size and Performance – Why It Doesn't Matter in Production 06:00 Why Source Maps Are Useful Even Without Minification 07:00 Sentry and Error Monitoring – How Source Maps Are Used in Production 08:10 Two Worlds: Local Debugging vs. Remote Error Analysis 09:00 You're Probably Using Source Maps Without Realizing It 10:00 Why Standardization Was Needed After 15+ Years of Chaos 11:00 TC39 and the Creation of the Official Source Maps Standard 12:00 Coordinating Browsers, Tools, and Vendors Under One Spec 13:00 How Chrome, Firefox, and WebKit Implement Source Maps Differently 14:00 Why the Source Maps Working Group Moves Faster Than Other Standards 15:00 A Small, Focused Group of DevTools Engineers 16:00 How Build Tools and Bundlers Feed Into the Ecosystem 17:00 Making It Easier for Tool Authors to Generate Source Maps 18:00 How Frameworks Like Next.js and Vite Handle Source Maps for You 19:00 Common Pitfalls When Chaining Build Tools 20:00 Debugging Wrong or Broken Source Maps in Browsers 21:00 Upcoming Feature: Scopes for Variables and Functions 22:00 How Scopes Improve the Live Debugging Experience 23:00 Experimental Implementations and How to Try Them 24:00 Where to Find the TC39 Source Maps Group + Get Involved 25:00 Nicolo's Links – GitHub, BlueSky, and Talks Online 25:30 Closing Thoughts

Ransomware attacks typically don't care about memory safety and dependency scanning, they often target old, unpatched vulns and too often they succeed. Rob Allen shares some of the biggest cases he's seen, what they have in common, and what appsec teams could do better to help them. Too much software still requires custom configuration to make it more secure. And too few software makers are embracing secure by default, let alone secure by design. In the news, passively monitoring geosynchronous satellite communications on the cheap, successful LLM poisoning of any size model with a single size dose, security engineering lessons from Signal's post-quantum crypto work, improving security for JavaScript in the browser, and more! This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more! Show Notes: https://securityweekly.com/asw-353

Ransomware attacks typically don't care about memory safety and dependency scanning, they often target old, unpatched vulns and too often they succeed. Rob Allen shares some of the biggest cases he's seen, what they have in common, and what appsec teams could do better to help them. Too much software still requires custom configuration to make it more secure. And too few software makers are embracing secure by default, let alone secure by design. In the news, passively monitoring geosynchronous satellite communications on the cheap, successful LLM poisoning of any size model with a single size dose, security engineering lessons from Signal's post-quantum crypto work, improving security for JavaScript in the browser, and more! This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-353

 The Bored Sysadmin Who Chose PHP Over .NET a young Linux sysadmin whose job involves kicking the mail server once a week and spending the rest of the time playing Call of Duty. Steve watched the dev team actually creating things and decided to join them. JavaScript looked “kind of cool,” PHP “made sense,” […] The post PHP Alive And Kicking: Episode 7 – Steve McDougall appeared first on PHP Architect.

Ransomware attacks typically don't care about memory safety and dependency scanning, they often target old, unpatched vulns and too often they succeed. Rob Allen shares some of the biggest cases he's seen, what they have in common, and what appsec teams could do better to help them. Too much software still requires custom configuration to make it more secure. And too few software makers are embracing secure by default, let alone secure by design. In the news, passively monitoring geosynchronous satellite communications on the cheap, successful LLM poisoning of any size model with a single size dose, security engineering lessons from Signal's post-quantum crypto work, improving security for JavaScript in the browser, and more! This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more! Show Notes: https://securityweekly.com/asw-353

This week we have Oliver Medhurst, the creator of Porffor. Porffor is a JavaScript ahead of time compiler that compiles JavaScript to WebAssembly. We talk about the technical details of how it works, and the future of JavaScript engines.https://x.com/canadahonkhttps://porffor.dev/https://github.com/CanadaHonk/porfforhttps://goose.icu/

Back in May, the Remix cofounders revealed they were reimagining Remix v3 from the ground up, and this past week at Remix Jam, they gave a sneak peek of it. It's fair to say this new framework shouldn't be called Remix at all because it's departed so far from its origins: devs manually update state, it uses signals, routes are defined in a TS doc, and it will ship with a component library, for starters. Will it catch on, who knows?Not to be outdone by React v19.2 last week, Next.js 16 beta debuted (with support for React 19.2 included). In addition to the latest version of React, Next.js 16 has also declared Turbopack, RSC support, and React Compiler all stable, and improved its caching system as well.And Bun is back in the news with the release of Bun 1.3, and it's a doozy of a minor version release. Bun wants to be a full-stack JavaScript runtime as it now includes a full-stack dev server, built in support for MySQL and Redis DBs, routing, and the ability to package an entire project into one executable for cross-platform support. Well done, Bun team!Chapter Markers:01:14 - Remix v310:38 - Next.js 16 beta17:35 - Bun 1.324:42 - Firefox 144 released w/view transition support25:19 - HBO changes TV channel names28:00 - W3C has a new logo31:25 - What's making us happyNews:Paige - Bun 1.3Jack - Remix v3TJ - Next.js 16 betaLightning News:Firefox 144 released w/view transition supportW3C has a new logo and the Gavin Belson signature from Silicon Valley HBO changes TV channel namesWhat Makes Us Happy this Week:Paige - The Gilded Age TV seriesJack - KPop Demon HuntersTJ - Madison, WIThanks as always to our sponsor, the Blue Collar Coder channel on YouTube. You can join us in our Discord channel, explore our website and reach us via email, or talk to us on X, Bluesky, or YouTube.Front-end Fire websiteBlue Collar Coder on YouTubeBlue Collar Coder on DiscordReach out via emailTweet at us on X @front_end_fireFollow us on Bluesky @front-end-fire.com

Go 1.25.3 and 1.24.9 released

About Sachin Jain:Sachin Jain is the Co-founder and CEO of Requestly, the browser-based API mocking and testing platform used by over 300,000 developers worldwide. After transforming a weekend Chrome extension project into a Y Combinator-backed company (one of 414 accepted from 17,000 applications), Sachin led Requestly through a successful acquisition by BrowserStack earlier this year. His journey from Google intern and Adobe engineer to successful founder showcases the power of solving your own problems first.About Requestly:Requestly is a developer-first platform that simplifies API mocking, testing, and network request interception directly in the browser. Born from a frustrated developer's need to debug minified JavaScript in production, Requestly eliminates the need for bulky proxy tools by offering a simple Chrome extension that lets developers modify headers, redirect scripts, and mock API responses. The platform has become essential for frontend teams building against incomplete backends.Show Notes:00:00 From Developer to Founder00:32 The P0 Bug That Sparked a Business Idea02:52 Building an MVP in 30 Minutes03:04 Identifying a Problem: The Birth of Requestly05:05 From JavaScript Redirector to API Platform Evolution05:52 The Evolution of Requestly08:21 Organic Growth Without Landing Pages or Marketing08:55 Open Source vs. Monetization10:20 The Open Core Model12:10 Navigating Y Combinator: Tips for Success13:11 What Made Sachin's YC Application Stand Out14:50 Building a Developer Community16:39 Company Culture as Product Differentiation17:57 Acquisition Insights: Choosing the Right Buyer19:45 Customer Support as Competitive Advantage21:01 Post-Acquisition Journey23:53 Lessons Learned: Growth and Adaptation as a Founder24:38 Why Optimize for Right Buyer, Not Price27:57 Personal Growth: From Engineer to CEO

In this episode, Mazen Chami sits down with Mustafa Ali (Director of Engineering and Head of Mobile at Shopify) and Thiago Magalhães (Staff Software Developer at Shopify) to dive deep into Shopify's transition to the new React Native architecture. Show NotesShopify Blog: Migrating to React Native's New Architecture by Thiago MagalhaesRNR 319: Shopify goes full throttle throttle on React Native with Mustafa Ali Connect With Us!Mazen Chami: @mazenchamiMustafa Ali: @mustafa01aliThiago Magalhães: LinkedInReact Native Radio: @reactnativerdio This episode is brought to you by Infinite Red!Infinite Red is an expert React Native consultancy located in the USA. With nearly a decade of React Native experience and deep roots in the React Native community (hosts of Chain React and the React Native Newsletter, core React Native contributors, creators of Ignite and Reactotron, and much, much more), Infinite Red is the best choice for helping you build and deploy your next React Native app.

 Matt takes us back to the mid-90s, learning HTML and PHP alongside his older brother – back when there was no CSS or JavaScript, and getting a header and footer to include across multiple pages felt like magic. Fast forward to today, and that early foundation still influences how he codes and thinks about […] The post PHP Alive And Kicking: Episode 6 – Matt Stauffer appeared first on PHP Architect.

Una and Bramus dive into the latest advancements in CSS with state-based container queries. Learn how to create responsive and dynamic user experiences by querying the scroll state of UI elements, including 'stuck,' 'snapped,' and 'scrollable' states. Discover practical examples and techniques to replace complex JavaScript with declarative CSS, making your web development more efficient and powerful. Resources: Scroll state queries → https://goo.gle/4mQDQ0M Scroll-state-container →  https://goo.gle/487y4nI Anchor queries → https://goo.gle/3IBDVaw Episode 59 → https://goo.gle/3KB7M3z  Una Kravets (co-host) Bluesky | Twitter | YouTube | WebsiteMaking the web more colorful @googlechrome  Bramus Van Damme (co-host) Bluesky | Mastodon | YouTube | Website@GoogleChrome CSS DevRel; @CSSWG; Scuba Diver

Ian and Aaron are joined this week by Jeffrey Way, creator of Laracasts, to talk about everything from their opinions about JavaScript to the evolution of Laracasts to modeling behavior for your kids and so much more.Sponsored by Bento, Flare, and Laravel Forge.Interested in sponsoring Mostly Technical?  Head to https://mostlytechnical.com/sponsor to learn more.(00:00) - Optimizing Everything (07:41) - Social Media, Kids, & Modeling Behavior (21:42) - Vision Quest Deep Dive (34:46) - Switch to Subscription? (39:48) - The Evolution of Laracasts (50:03) - Opinions About JavaScript (57:00) - Deciding What To Teach (01:02:59) - Chess (01:07:47) - YouTube & AI's Impact Links:AmaranTanStackRemix3 Ninjas (1992)Suno

Dynamic languages like Ruby, Python, and JavaScript determine the types of variables at runtime rather than at compile time. This flexibility allows for rapid development and concise code, but it also makes it harder to catch certain classes of bugs before execution. Type checkers for dynamic languages add structure and safety without compromising their expressive The post Static Analysis for Ruby with Jake Zimmerman appeared first on Software Engineering Daily.

Episode NotesThe discussion moves into how standards evolve beyond tools, the trade-offs of monocultures vs. consensus-driven teams, and why ownership matters when the original authors move on. Nathan also unpacks the cost of neglect, describing defects as anything that slows developers down—not just issues that impact end users.Later in the conversation, Nathan recounts a migration from a React SPA to Turbo and Stimulus that removed barriers between designers and developers. He highlights how keeping all problems on the radar together prevents teams from falling into local optima. The episode closes with reflections on TestBench, blind spots in testing, continuous improvement in remote teams, and advice for developers who feel stuck raising maintenance concerns.Episode Highlights[00:01:07] Defining Well-Maintained Software: Nathan shares his three key markers—up-to-date dependencies, adherence to team standards, and fixing defects immediately.[00:02:53] From Tools to Tacit Knowledge: Why norms start with tool-enforced rules like RuboCop but evolve into cultural agreements within teams.[00:04:49] Speed vs. Durability: Teams built on monoculture move quickly early on, but diverse, consensus-driven cultures go farther.[00:11:11] Owning the Architecture: When original developers leave, new teams must take responsibility for architecture rather than defer decisions.[00:13:37] The Cost of Neglect: Dependencies, drifting standards, and defects interact in compounding ways. Nathan reframes defects as “anything that impedes developer effectiveness.”[00:17:46] React → Turbo + Stimulus Migration: A costly SPA and siloed design team gave way to a simpler approach that reduced rework and empowered designers to contribute directly.[00:22:44] Avoiding Local Optima: Tackling problems in isolation creates dead ends—addressing them holistically opens real paths forward.[00:24:32] Who We Seek Validation From: Developer identities often align with whose approval they value—shaping front-end vs. back-end divides.[00:27:34] Comfort vs. Maintenance Burden: Silos built for comfort create tomorrow's maintenance problems.[00:33:45] Relentless Improvement in Remote Teams: Start as an ensemble, evolve into autonomous work cells, and use work logs to sustain consensus.[00:38:33] What's Missing from Remote Work: Nathan reflects on lost “hallway conversations” and the challenge of building social glue remotely.[00:40:50] The Story Behind TestBench: Dissatisfaction with existing frameworks and a desire for simplicity led to TestBench's creation.[00:47:38] Testing Blind Spots: The biggest blind spot is equating testing with automation—interactive testing and intelligible output remain essential.[00:50:35] Advice for Stuck Engineers: Nathan encourages developers to study quality traditions, connect with peers, and embrace continuous improvement.[00:53:16] Book Recommendations: Deming's Out of the Crisis and The New Economics, Toyota's product development work, and Rawls' A Theory of Justice.Tools & Resources MentionedBrightworks Digital – Nathan's current company, where he serves as Principal.Nathan Ladd on LinkedIn – Connect with Nathan and follow his work.TestBench – A Ruby testing framework co-created by Nathan.Turbo – Hotwire framework for building modern, fast applications without heavy JavaScript.Stimulus – A modest JavaScript framework for enhancing HTML with small, reusable controllers.RSpec – A popular Ruby testing tool for behavior-driven development.Minitest – A simple and fast Ruby testing framework.RuboCop – A Ruby static code analyzer and formatter.Lessons Learned in Software Testing – Classic book on testing by Cem Kaner, James Bach, and Bret Pettichord.Out of the Crisis – W. Edwards Deming's influential work on quality and systems thinking.The New Economics – Deming's follow-up book on continuous improvement.A Theory of Justice – John Rawls' seminal work on moral and political philosophy.The Toyota Product Development System – Insights into Toyota's continuous improvement and development practices.Thanks to Our Sponsor!Turn hours of debugging into just minutes! AppSignal is a performance monitoring and error-tracking tool designed for Ruby, Elixir, Python, Node.js, Javascript, and other frameworks.It offers six powerful features with one simple interface, providing developers with real-time insights into the performance and health of web applications.Keep your coding cool and error-free, one line at a time! Use the code maintainable to get a 10% discount for your first year. Check them out! Subscribe to Maintainable on:Apple PodcastsSpotifyOr search "Maintainable" wherever you stream your podcasts.Keep up to date with the Maintainable Podcast by joining the newsletter.

Dynamic languages like Ruby, Python, and JavaScript determine the types of variables at runtime rather than at compile time. This flexibility allows for rapid development and concise code, but it also makes it harder to catch certain classes of bugs before execution. Type checkers for dynamic languages add structure and safety without compromising their expressive The post Static Analysis for Ruby with Jake Zimmerman appeared first on Software Engineering Daily.

Scans for ESAFENET CDG V5 We do see some increase in scans for the Chinese secure document management system, ESAFENET. https://isc.sans.edu/diary/Heads%20Up%3A%20Scans%20for%20ESAFENET%20CDG%20V5%20/32364 Investigating targeted payroll pirate attacks affecting US universities Microsoft wrote about how payroll pirates redirect employee paychecks via phishing. https://www.microsoft.com/en-us/security/blog/2025/10/09/investigating-targeted-payroll-pirate-attacks-affecting-us-universities/ Attacks against Edge via IE Mode Microsoft Edge offers an IE legacy mode to support websites created for Internet Explorer. The old JavaScript engine, which is part of this mode, has been abused in recent attacks, and Microsoft will make it more difficult to enable IE Mode to counter these attacks. https://microsoftedge.github.io/edgevr/posts/Changes-to-Internet-Explorer-Mode-in-Microsoft-Edge/

Jonathan Tower is known to friends and colleagues simply as “J.” J. is a Microsoft MVP, Telerik Developer Expert, and the founder of Trailhead Technology Partners, a global custom software consultancy. With nearly 25 years of experience in the industry, J. has held roles ranging from senior architect to director of development, and now leads a team building high-quality, large-scale applications across a wide range of technologies.   J.'s technical expertise spans C#, .NET, ASP.NET MVC, and modern JavaScript frameworks, along with mobile app development. But what truly sets him apart is his passion for building community. He's the driving force behind Beer City Code, Michigan's largest software conference, and serves on the board of SoftwareGR, a nonprofit dedicated to growing the software industry in West Michigan.   He's also a frequent speaker at conferences and meetups around the world, a LinkedIn Learning course author, and a mentor to many through his work with robotics teams and local tech groups.   Outside of tech, J. is an adventurer at heart. He and his family recently completed a year-long road trip across the U.S., visiting 58 of the 63 national parks. He's also a fan of photography, hiking, reading, and catching every Best Picture nominee before the Oscars.   Topics of Discussion: [3:30] Fun fact! J. has been to 58 of the 63 national parks, with his current favorite being Glacier National Park. [4:46] J. explains his early interest in creating things and his discovery of software development in middle school. [7:33] J.'s journey into leadership and consulting. [11:04] J. talks about his Blue Blazes podcast and the inspiration behind the name. [14:27] The “shiny object syndrome” and the misuse of microservices architecture. [15:06] Understanding the true needs of a project before implementing complex solutions. [21:20] AI should be viewed as a collaborative tool, not a replacement for team members. [22:51] The insight that J. got at a Ford Factory about how AI can help us shape and create jobs instead of just replacing them. [27:50] J. mentions he recently released courses on Dome Train about migrating legacy applications. [29:05] Choosing the framework that is the most similar model. [31:29] The type of traits that J. would look for in a lead engineer or a team leader.   Mentioned in this Episode: Clear Measure Way Architect Forum Software Engineer Forum Jonathan “J.” Tower LinkedIn JTower Website Trailhead Technology Jonathan “J.” Tower MVP Blue Blazes Podcast .NET Foundation Dome Train — Jonathan Tower     Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.

The popular MERN stack tutorials and the larger JavaScript ecosystem in general has failed to prepare junior developers for professional jobs. This is a rant about that...---------------------------------------------------

Or just "Embeds" as we more frequently refer to them as. Stephen and Chris talk about the fairly meaty project which was re-writing our Embeds for a CodePen 2.0 world. No longer can we assume Pens are just one HTML, CSS, and JavaScript "file", so they needed a bit of a redesign, but doing as little as possible so that existing Embed Themes still work. This was plenty tricky as it was a re-write from Rails to Next.js, with everything needing to be Server-Side Rendered and as lightweight as possible (thank urql!). Time Jumps

Google's new demand for developer registration could spell the end for open-source app stores, while Europe's controversial chat control vote threatens privacy for everyone—Steve and Leo break down what's at stake for devs and users alike. Qantas says no one can releak their stolen data. Brave's usage is up. But is it really 3 times faster. Next Tuesday the EU votes on "Chat Control". Microsoft formally launches a "Security Store". Outlook moves to block JavaScript in SVG's. A new release of Chrome. Gmail will no longer pull external email via POP. Googe Drive starts blocking ransomware encryptions. The UK issues another order to Apple. Researchers create a "Battering RAM" attack device. HackerOne's significant bug bounty payouts. The Imgur service goes dark across the UK. Guess why. The Netherlands plans to say NO to "Chat Control." Discord was breached and government IDs leaked. Salesforce says it's not another new breach. Signal introduces a new post-quantum ratchet. Your motherboard MIGHT support TPM 2.0. Google to force Android app devs to register and pay Show Notes - https://www.grc.com/sn/SN-1046-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT hoxhunt.com/securitynow bitwarden.com/twit veeam.com

Google's new demand for developer registration could spell the end for open-source app stores, while Europe's controversial chat control vote threatens privacy for everyone—Steve and Leo break down what's at stake for devs and users alike. Qantas says no one can releak their stolen data. Brave's usage is up. But is it really 3 times faster. Next Tuesday the EU votes on "Chat Control". Microsoft formally launches a "Security Store". Outlook moves to block JavaScript in SVG's. A new release of Chrome. Gmail will no longer pull external email via POP. Googe Drive starts blocking ransomware encryptions. The UK issues another order to Apple. Researchers create a "Battering RAM" attack device. HackerOne's significant bug bounty payouts. The Imgur service goes dark across the UK. Guess why. The Netherlands plans to say NO to "Chat Control." Discord was breached and government IDs leaked. Salesforce says it's not another new breach. Signal introduces a new post-quantum ratchet. Your motherboard MIGHT support TPM 2.0. Google to force Android app devs to register and pay Show Notes - https://www.grc.com/sn/SN-1046-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT hoxhunt.com/securitynow bitwarden.com/twit veeam.com

Google's new demand for developer registration could spell the end for open-source app stores, while Europe's controversial chat control vote threatens privacy for everyone—Steve and Leo break down what's at stake for devs and users alike. Qantas says no one can releak their stolen data. Brave's usage is up. But is it really 3 times faster. Next Tuesday the EU votes on "Chat Control". Microsoft formally launches a "Security Store". Outlook moves to block JavaScript in SVG's. A new release of Chrome. Gmail will no longer pull external email via POP. Googe Drive starts blocking ransomware encryptions. The UK issues another order to Apple. Researchers create a "Battering RAM" attack device. HackerOne's significant bug bounty payouts. The Imgur service goes dark across the UK. Guess why. The Netherlands plans to say NO to "Chat Control." Discord was breached and government IDs leaked. Salesforce says it's not another new breach. Signal introduces a new post-quantum ratchet. Your motherboard MIGHT support TPM 2.0. Google to force Android app devs to register and pay Show Notes - https://www.grc.com/sn/SN-1046-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT hoxhunt.com/securitynow bitwarden.com/twit veeam.com

Google's new demand for developer registration could spell the end for open-source app stores, while Europe's controversial chat control vote threatens privacy for everyone—Steve and Leo break down what's at stake for devs and users alike. Qantas says no one can releak their stolen data. Brave's usage is up. But is it really 3 times faster. Next Tuesday the EU votes on "Chat Control". Microsoft formally launches a "Security Store". Outlook moves to block JavaScript in SVG's. A new release of Chrome. Gmail will no longer pull external email via POP. Googe Drive starts blocking ransomware encryptions. The UK issues another order to Apple. Researchers create a "Battering RAM" attack device. HackerOne's significant bug bounty payouts. The Imgur service goes dark across the UK. Guess why. The Netherlands plans to say NO to "Chat Control." Discord was breached and government IDs leaked. Salesforce says it's not another new breach. Signal introduces a new post-quantum ratchet. Your motherboard MIGHT support TPM 2.0. Google to force Android app devs to register and pay Show Notes - https://www.grc.com/sn/SN-1046-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT hoxhunt.com/securitynow bitwarden.com/twit veeam.com

Google's new demand for developer registration could spell the end for open-source app stores, while Europe's controversial chat control vote threatens privacy for everyone—Steve and Leo break down what's at stake for devs and users alike. Qantas says no one can releak their stolen data. Brave's usage is up. But is it really 3 times faster. Next Tuesday the EU votes on "Chat Control". Microsoft formally launches a "Security Store". Outlook moves to block JavaScript in SVG's. A new release of Chrome. Gmail will no longer pull external email via POP. Googe Drive starts blocking ransomware encryptions. The UK issues another order to Apple. Researchers create a "Battering RAM" attack device. HackerOne's significant bug bounty payouts. The Imgur service goes dark across the UK. Guess why. The Netherlands plans to say NO to "Chat Control." Discord was breached and government IDs leaked. Salesforce says it's not another new breach. Signal introduces a new post-quantum ratchet. Your motherboard MIGHT support TPM 2.0. Google to force Android app devs to register and pay Show Notes - https://www.grc.com/sn/SN-1046-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT hoxhunt.com/securitynow bitwarden.com/twit veeam.com

Andreas Rossberg unpacks WASM 3.0, covering new capabilities like garbage collection, exception handling, tail calls, and support for 64-bit addressing with multiple memories. The discussion explores deterministic profiles following relaxed sim, WebAssembly's capability-based security model, and advances in sandboxing and module design. Andreas connects these features to practical use cases in JavaScript engines and applications like Google Sheets, then looks ahead to experimental work on threading, stack switching, and async programming models shaping the next phase of the WebAssembly ecosystem. Links Website: https://people.mpi-sws.org/~rossberg GitHub: https://github.com/rossberg Resources WASM 3.0 Completed: https://webassembly.org/news/2025-09-17-wasm-3.0 Chapters 00:00 Intro – Andreas Rossberg and the WebAssembly 3.0 Update 01:05 The State of WebAssembly Today 02:15 Why WebAssembly Exists Beyond the Web 03:20 From WebAssembly 2.0 to 3.0 – What's Actually New 04:30 Garbage Collection: A Game-Changer for Managed Languages 06:00 The Vision of WebAssembly as a Universal Compilation Target 07:40 How GC Support Unlocks Java, Kotlin, and Dart on WASM 09:10 Expanding to 64-bit Memory – Performance and Limits 10:40 WebAssembly for Databases, AI, and LLMs 12:00 Sandboxing and Security by Design 13:10 How Capabilities and Static Analysis Keep WASM Safe 14:30 Multi-Memory Support and Real-World Use Cases 16:00 Developer Ergonomics vs. Specification Purity 17:20 Tail Calls and Functional Programming Benefits 18:40 Function Tables and Secure Indirection 20:00 Exception Handling Finally Arrives 21:10 Determinism, Efficiency, and Why It Matters for Blockchain 22:30 SIMD and Hardware Divergence Across Platforms 24:00 Balancing Portability with Performance 25:20 The Design Philosophy Behind WebAssembly 26:30 Why WASM Rejects Language-Specific Features 27:40 Proposal Process: Who Decides What Gets In 29:00 Browser Vendors and Implementation Challenges 30:10 Early Deployments: GC, Tooling, and Adoption Stories 31:30 Threads, Stack Switching, and the Future of Concurrency 33:00 Async/Await and Coroutines on WebAssembly 34:30 What's Coming Next for WASM Developers 35:40 How to Get Involved – Working Groups and Proposals 37:00 Closing Thoughts and Thanks We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Fill out our listener survey (https://t.co/oKVAEXipxu)! https://t.co/oKVAEXipxu Let us know by sending an email to our producer, Elizabeth, at elizabet.becz@logrocket.com (mailto:elizabeth.becz@logrocket.com), or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod). Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understanding where your users are struggling by trying it for free at LogRocket.com. Try LogRocket for free today. (https://logrocket.com/signup/?pdr)

Google's new demand for developer registration could spell the end for open-source app stores, while Europe's controversial chat control vote threatens privacy for everyone—Steve and Leo break down what's at stake for devs and users alike. Qantas says no one can releak their stolen data. Brave's usage is up. But is it really 3 times faster. Next Tuesday the EU votes on "Chat Control". Microsoft formally launches a "Security Store". Outlook moves to block JavaScript in SVG's. A new release of Chrome. Gmail will no longer pull external email via POP. Googe Drive starts blocking ransomware encryptions. The UK issues another order to Apple. Researchers create a "Battering RAM" attack device. HackerOne's significant bug bounty payouts. The Imgur service goes dark across the UK. Guess why. The Netherlands plans to say NO to "Chat Control." Discord was breached and government IDs leaked. Salesforce says it's not another new breach. Signal introduces a new post-quantum ratchet. Your motherboard MIGHT support TPM 2.0. Google to force Android app devs to register and pay Show Notes - https://www.grc.com/sn/SN-1046-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT hoxhunt.com/securitynow bitwarden.com/twit veeam.com

Google's new demand for developer registration could spell the end for open-source app stores, while Europe's controversial chat control vote threatens privacy for everyone—Steve and Leo break down what's at stake for devs and users alike. Qantas says no one can releak their stolen data. Brave's usage is up. But is it really 3 times faster. Next Tuesday the EU votes on "Chat Control". Microsoft formally launches a "Security Store". Outlook moves to block JavaScript in SVG's. A new release of Chrome. Gmail will no longer pull external email via POP. Googe Drive starts blocking ransomware encryptions. The UK issues another order to Apple. Researchers create a "Battering RAM" attack device. HackerOne's significant bug bounty payouts. The Imgur service goes dark across the UK. Guess why. The Netherlands plans to say NO to "Chat Control." Discord was breached and government IDs leaked. Salesforce says it's not another new breach. Signal introduces a new post-quantum ratchet. Your motherboard MIGHT support TPM 2.0. Google to force Android app devs to register and pay Show Notes - https://www.grc.com/sn/SN-1046-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT hoxhunt.com/securitynow bitwarden.com/twit veeam.com