Podcasts about NPM

This week's technical segment is all about the T-Lora Pager from Lilygo, and really cool Meshtastic device that can also be used for some hacking tasks! In the security news: Your safe is not safe Cisco ASA devices are under attack VMScape HybridPetya and UEFI attacks in the wild Eveything is a Linux terminal Hackers turns 30 Hosting websites on disposable vapes NPM worms and token stealing Attackers make mistakes too AI podcasts Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-892

In this episode of The Bitcoin Brief, Max and Q delve into the latest happenings in the world of Bitcoin and privacy. In this shorter Bitcoin Brief catch‑up, we dive straight into the latest on Passport Prime: Foundation has completed a third‑party security audit for KeyOS, is squashing final bugs, and is testing a bulletproof firmware‑update flow before giving the factory the green light. While early‑access units have slipped from initial estimates, the team stresses security parity with Passport Core, continued transparency, and a no‑questions‑asked refund policy for those who prefer not to wait. We then unpack last week's NPM supply‑chain scare that briefly impacted Ethereum‑focused flows; despite the rapid containment (netting attackers mere cents), it's a timely reminder to use hardware wallets for significant funds and to verify amounts, fees, change, and destination addresses on every send.On policy, we examine the resurfacing “mixer rule” push in the US that would effectively criminalise mainstream privacy behaviours on public blockchains—potentially sweeping up CoinJoin/PayJoin, address freshness, swaps, and simple transaction splitting—highlighting why principled privacy and robust, neutral protocols matter. We field a listener question on making Lightning more accessible, weighing today's trade‑offs between self‑hosting and managed hubs (e.g., Alby), and the convenience of Phoenix/Zeus, with an eye toward emerging designs like Ark/Spark. Rounding out with releases: Cake Wallet's Pay Anything (seamless cross‑asset paying), native Tor on iOS, and Cupcake for air‑gapped signing; Craig Raw's Frigate Electrum server experiment for efficient Silent Payments scanning; and Braiins Deck, a tidy desk display for price, mempool, and mining stats. Boosts, meets, and a reminder: stay vigilant, stay private, and keep building.IMPORTANT LINKS https://freesamourai.comhttps://p2prights.org/donate.htmlhttps://ungovernablemisfits.comVALUE FOR VALUEThanks for listening you Ungovernable Misfits, we appreciate your continued support and hope you enjoy the shows.You can support this episode using your time, talent or treasure.TIME:- create fountain clips for the show- create a meetup- help boost the signal on social mediaTALENT:- create ungovernable misfit inspired art, animation or music- design or implement some software that can make the podcast better- use whatever talents you have to make a contribution to the show!TREASURE:- BOOST IT OR STREAM SATS on the Podcasting 2.0 apps @ https://podcastapps.com- DONATE via Monero @ https://xmrchat.com/ugmf- BUY SOME STICKERS @ https://www.ungovernablemisfits.com/shop/FOUNDATIONhttps://foundation.xyz/ungovernableFoundation builds Bitcoin-centric tools that empower you to reclaim your digital sovereignty.As a sovereign computing company, Foundation is the antithesis of today's tech conglomerates. Returning to cypherpunk principles, they build open source technology that “can't be evil”.Thank you Foundation Devices for sponsoring the show!Use code: Ungovernable for $10 off of your purchaseCAKE WALLEThttps://cakewallet.comCake Wallet is an open-source, non-custodial wallet available on Android, iOS, macOS, and Linux.Features:- Built-in Exchange: Swap easily between Bitcoin and Monero.- User-Friendly: Simple interface for all users.Monero Users:- Batch Transactions: Send multiple payments at once.- Faster Syncing: Optimized syncing via specified restore heights- Proxy Support: Enhance privacy with proxy node options.Bitcoin Users:- Coin Control: Manage your transactions effectively.- Silent Payments: Static bitcoin addresses- Batch Transactions: Streamline your payment process.Thank you Cake Wallet for sponsoring the show!MYNYMBOXhttps://mynymbox.netYour go-to for anonymous server hosting solutions, featuring: virtual private & dedicated servers, domain registration and DNS parking. We don't require any of your personal information, and you can purchase using Bitcoin, Lightning, Monero and many other cryptos.Explore benefits such as No KYC, complete privacy & security, and human support.

This week's technical segment is all about the T-Lora Pager from Lilygo, and really cool Meshtastic device that can also be used for some hacking tasks! In the security news: Your safe is not safe Cisco ASA devices are under attack VMScape HybridPetya and UEFI attacks in the wild Eveything is a Linux terminal Hackers turns 30 Hosting websites on disposable vapes NPM worms and token stealing Attackers make mistakes too AI podcasts Show Notes: https://securityweekly.com/psw-892

Why You Need Phishing-Resistant Authentication NOW. The recent compromise of a number of high-profile npmjs.com accounts has yet again shown how dangerous a simple phishing email can be. https://isc.sans.edu/diary/Why%20You%20Need%20Phishing%20Resistant%20Authentication%20NOW./32290 S1ngularity/nx Attackers Strike Again A second wave of attacks has hit over a hundred npm-related GitHub repositories. The updated payload implements a worm that propagates itself to other repositories. https://www.aikido.dev/blog/s1ngularity-nx-attackers-strike-again ChatGPT s Calendar Integration Can Be Exploited to Steal Emails ChatGPT s new MCP integration can be used, via prompt injection, to affect software connected to ChatGPT via MCP. https://www.linkedin.com/posts/eito-miyamura-157305121_we-got-chatgpt-to-leak-your-private-email-activity-7372306174253256704-xoX1/

Cybersecurity Worms, Steganography Attacks, Municipal Cyber Incidents and More... In this episode of Cybersecurity Today, host Jim Love delves into multiple cybersecurity threats affecting the tech landscape. He discusses the 'Shai Hulud' worm, which has infiltrated over 187 JavaScript libraries on NPM, exploiting developer tokens for spread, including those maintained by CrowdStrike. Love explains practical but challenging measures to mitigate such threats. He also explores steganography's role in hiding malicious scripts within seemingly benign image files, urging vigilance against embedding hidden commands. Additionally, the episode covers a cyber incident in Yellowknife, causing severe disruptions to municipal services and emphasizing the importance of cyber hygiene and support from higher government levels. Lastly, Jim examines how a Windows 11 patch has created a new vulnerability, stressing the need for enhanced monitoring and quick updates. 00:00 Introduction and Overview 00:21 The Shy Ude Worm: A New Threat 02:19 Steganography: Hiding in Plain Sight 05:30 Cybersecurity Incident in Yellowknife 07:24 Microsoft's Patch Problems 08:27 Conclusion and Contact Information

This is a recap of the top 10 posts on Hacker News on September 16, 2025. This podcast was generated by wondercraft.ai (00:30): Man jailed for parole violations after refusing to decrypt his Tor nodeOriginal post: https://news.ycombinator.com/item?id=45261163&utm_source=wondercraft_ai(01:51): Shai-Hulud malware attack: Tinycolor and over 40 NPM packages compromisedOriginal post: https://news.ycombinator.com/item?id=45260741&utm_source=wondercraft_ai(03:12): Top UN legal investigators conclude Israel is guilty of genocide in GazaOriginal post: https://news.ycombinator.com/item?id=45259553&utm_source=wondercraft_ai(04:33): Things you can do with a Software Defined Radio (2024)Original post: https://news.ycombinator.com/item?id=45262835&utm_source=wondercraft_ai(05:55): Linux phones are more important now than everOriginal post: https://news.ycombinator.com/item?id=45256651&utm_source=wondercraft_ai(07:16): Denmark close to wiping out cancer-causing HPV strains after vaccine roll-outOriginal post: https://news.ycombinator.com/item?id=45265745&utm_source=wondercraft_ai(08:37): Waymo has received our pilot permit allowing for commercial operations at SFOOriginal post: https://news.ycombinator.com/item?id=45264562&utm_source=wondercraft_ai(09:59): I feel Apple has lost its alignment with me and other long-time customersOriginal post: https://news.ycombinator.com/item?id=45256577&utm_source=wondercraft_ai(11:20): "Your" vs. "My" in user interfacesOriginal post: https://news.ycombinator.com/item?id=45257627&utm_source=wondercraft_ai(12:41): Robert Redford has diedOriginal post: https://news.ycombinator.com/item?id=45261159&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

This week on Reimagining Cyber, we unpack one of the biggest supply chain attacks of the year: the NPM hack. Attackers compromised widely used packages like Chalk and Debug—billions of weekly downloads—slipping in code that silently hijacked crypto transactions. Tyler Moffitt joins us to explain how it happened, who's most at risk, and the practical steps every developer and security leader should take right now.Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.

Apple Updates Apple released major updates for all of its operating systems. In addition to new features, these updates patch 33 different vulnerabilities. https://isc.sans.edu/diary/Apple%20Updates%20Everything%20-%20iOS%20macOS%2026%20Edition/32286 Microsoft End of Life October 14th, support for Windows 10, Exchange 2016, and Exchange 2019 will end. https://support.microsoft.com/en-us/windows/windows-10-support-ends-on-october-14-2025-2ca8b313-1946-43d3-b55c-2b95b107f281#:~:text=As%20a%20reminder%2C%20Windows%2010,one%20that%20supports%20Windows%2011. https://techcommunity.microsoft.com/blog/exchange/t-9-months-exchange-server-2016-and-exchange-server-2019-end-of-support/4366605 Phishing Targeting Rust Developers Rust developers are reporting similar phishing emails as the emails causing the major NPM compromise last week. https://github.com/rust-lang/crates.io/discussions/11889#discussion-8886064 Samsung Patches 0-Day Samsung released its monthly updates for its flagship phones fixing, among other vulnerability, an already exploited 0-day. https://security.samsungmobile.com/securityUpdate.smsb

On this episode, NPM Europe editor Peter Kneller catches up with NTR CIO Anthony Doherty to discuss likely outcomes from Ireland's current RESS 5 competition, ongoing corporate PPA appetite in the country, how asset valuations have held up and the energy transition fundraising environment.NPM is a leading data, intelligence & events company providing business development led coverage of the US & European power, storage & data center markets for the development, finance, M&A and corporate community.Download our mobile app.

Show DescriptionDave's got a Whiskey related content warning, recent security vulnerabilities in NPM, challenges with password management, and the complexities of digital security. They delve into Google's antitrust issues and the dynamics of the browser market, before transitioning to innovations in CSS, including custom properties and functions. The conversation wraps up with thoughts on the future of CSS and web development. Listen on WebsiteLinks Whiskey Web and Whatnot: Web Development, Neat Storybook: Frontend workshop for UI development Largest NPM Compromise in History - Supply Chain Attack : r/programming We all dodged a bullet - Xe Iaso Post by @cabel.panic.com — Bluesky Special: One on One with a Hacker – ShopTalk 1Password Watchtower This 25-minute video is the most riveting sudoku puzzle you will ever watch | The Verge Many years on the job and I still don't get it. - daverupert.com if() - CSS | MDN CSS at-rule functions - CSS | MDN CSS color-scheme-dependent colors with light-dark() – Bram.us Matthias Ott

Segment 1 - Interview with Jeff Pollard Introducing Forrester's AEGIS Framework: Agentic AI Enterprise Guardrails For Information Security For this episode's interview, we're talking to Forrester analyst Jeff Pollard. I'm pulling this segment's description directly from the report's executive summary, which I think says it best: As AI agents and agentic AI are introduced to the enterprise, they present new challenges for CISOs. Traditional cybersecurity architectures were designed for organizations built around people. Agentic AI destroys that notion. In the near future, organizations will build for goal-oriented, ephemeral, scalable, dynamic agents where unpredictable emergent behaviors are incentivized to accomplish objectives. This change won't be as simple or as straightforward as mobile and cloud — and that's bad news for security leaders who in some cases still find themselves challenged by cloud security. Segment 2 - Weekly News Then, in the enterprise security news, there's funding and acquisitions, but we're not going to talk about them AI's gonna call the cops on you and everyone's losing money on it and Anthropic agreed to pay for all the copyright infringement they did when training models and Otter.ai got sued for recording millions of conversations without consent Burger King got embarrassed and their lawyers didn't like it NPM package mayhem certificate authority hijinks AI darwin awards All that and more, on this episode of Enterprise Security Weekly. Segment 3 - Executive Interviews from Black Hat 2025 Interview with Rohit Dhamankar from Fortra Live from Black Hat 2025 in Las Vegas, Matt Alderman sits down with Rohit Dhamankar, VP of Product Strategy at Fortra, to dive deep into the evolving world of offensive security. From red teaming and pen testing to the rise of AI-powered threat simulation and continuous penetration testing, this conversation is a must-watch for CISOs, security architects, and compliance pros navigating today's dynamic threat landscape. Learn why regulatory bodies worldwide are now embedding offensive security requirements into frameworks like PCI DSS 4.0, and how organizations can adopt scalable strategies—even with limited red team resources. Rohit breaks down the nuances of purple teaming, AI-assisted red teaming, and the role of BAS platforms in enhancing defense postures. Whether you're building in-house capabilities or leveraging external partners, this interview reveals key insights on security maturity, strategic outsourcing, and the future of cyber offense and defense convergence. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrabh to learn more! Interview with Michael Leland from Island At BlackHat 2025 in Las Vegas, Matt Alderman sits down with Michael Leland, VP Field CTO at Island, to tackle one of cybersecurity's most urgent realities: compromised credentials aren't a possibility — they're a guarantee. From deepfakes to phishing and malicious browser plug-ins, attackers aren't “breaking in” anymore… they're logging in. Michael reveals how organizations can protect stolen credentials from being used, why the browser is now the second weakest link in enterprise security, and how Island's enterprise browser can enforce multi-factor authentication at critical moments, block unsanctioned logins in real time, and control risky extensions with live risk scoring of 230,000+ Chrome plug-ins. Key takeaways: Why credential compromise is inevitable — and how to stop credential use How presentation layer DLP prevents data leaks inside and outside apps Real-time blocking of phishing logins and unsanctioned SaaS access Plug-in risk scoring, version pinning, and selective extension control Enabling BYOD securely — even after a catastrophic laptop loss Why many users never go back to Chrome, Edge, or Safari after switching Segment Resources: https://www.island.io/blog/how-the-enterprise-browser-neutralizes-the-risks-of-compromised-credentials This segment is sponsored by Island. Visit https://securityweekly.com/islandbh to learn more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-424

In this episode, we are joined by special guests Mike Herchel and Andy Giles, founders of Dripyard. Dripyard is a premium Drupal theme designed to reduce the cost of ownership and enhance the developer experience for modern Drupal projects. Mike and Andy share insights into their motivation behind launching Dripyard, the detailed work that goes into creating accessible, high-quality themes, and how their themes will integrate with upcoming Drupal features like Canvas. We also discuss the module of the week, Content First, and a crucial public service announcement about a supply chain attack impacting NPM tools. For show notes visit: https://www.talkingDrupal.com/520 Topics Meet the Guests: Mike Herchel and Andy Giles Module of the Week: Content First Public Service Announcement: NPM Supply Chain Attack Event Spotlight: Bad Camp 2025 Introducing Dripyard: A New Drupal Theme Company The Concept and Vision Behind Dripyard The Importance of Accessibility in Themes Building Themes for the General Public Supporting Drupal CMS and Canvas Supporting Custom and Contrib Modules Styling Challenges with Webform Module Consulting Services for Theme Integration Sub-Theming and Customization Options Support and Assistance for Non-Developers Recipes for Efficient Theme Setup Modern CSS and JavaScript Practices Target Audience and Market Focus Licensing and Open Source Considerations Final Thoughts and Contact Information Module of the Week with Martin Anderson-Clutz - mandclu.com mandclu Content First - The Content First module provides a simple tool for viewing the plain text content of any node without design, media, or layout distractions. It helps content teams, editors, and designers focus on what matters most: the content itself. Whether you're drafting, reviewing, or rethinking your site's messaging, this module supports a true “content-first” approach by giving you a clean, layout-free version of your page. Resources Dripyard Supply Side Attack - Also this link grep -r --binary-files=text _0x112fa81 to diagnose if you've been impacted Should I Use a Carousel? Guests Mike Herchel mherchel Andy Giles andyg5000 dripyard.com Hosts John Picozzi - epam.com johnpicozzi Martin Anderson-Clutz - mandclu.com mandclu James Sansbury - tugboatqa.com q0rban

Cybersecurity Today: NPM Attack, Void Proxy Phishing, and Major Business Disruptions In this episode of Cybersecurity Today, host David Shipley discusses a recent massive NPM attack that, despite causing significant disruption, left hackers with minimal gains. We also cover a new, highly sophisticated phishing service called Void Proxy, which targets Microsoft and Google accounts. Additionally, we delve into the severe repercussions of cyber attacks on major companies like Jaguar Land Rover and Marks and Spencer, highlighting the wide-ranging impacts on supply chains and leadership. Join us for the latest updates and insights from the world of cybersecurity. 00:00 Introduction and Headlines 00:35 Massive NPM Attack: What Happened? 02:53 Void Proxy: A New Phishing Threat 05:31 Jaguar Land Rover Cyber Attack Impact 06:59 Marks and Spencer Leadership Change 08:04 Conclusion and Final Thoughts

Segment 1 - Interview with Jeff Pollard Introducing Forrester's AEGIS Framework: Agentic AI Enterprise Guardrails For Information Security For this episode's interview, we're talking to Forrester analyst Jeff Pollard. I'm pulling this segment's description directly from the report's executive summary, which I think says it best: As AI agents and agentic AI are introduced to the enterprise, they present new challenges for CISOs. Traditional cybersecurity architectures were designed for organizations built around people. Agentic AI destroys that notion. In the near future, organizations will build for goal-oriented, ephemeral, scalable, dynamic agents where unpredictable emergent behaviors are incentivized to accomplish objectives. This change won't be as simple or as straightforward as mobile and cloud — and that's bad news for security leaders who in some cases still find themselves challenged by cloud security. Segment 2 - Weekly News Then, in the enterprise security news, there's funding and acquisitions, but we're not going to talk about them AI's gonna call the cops on you and everyone's losing money on it and Anthropic agreed to pay for all the copyright infringement they did when training models and Otter.ai got sued for recording millions of conversations without consent Burger King got embarrassed and their lawyers didn't like it NPM package mayhem certificate authority hijinks AI darwin awards All that and more, on this episode of Enterprise Security Weekly. Segment 3 - Executive Interviews from Black Hat 2025 Interview with Rohit Dhamankar from Fortra Live from Black Hat 2025 in Las Vegas, Matt Alderman sits down with Rohit Dhamankar, VP of Product Strategy at Fortra, to dive deep into the evolving world of offensive security. From red teaming and pen testing to the rise of AI-powered threat simulation and continuous penetration testing, this conversation is a must-watch for CISOs, security architects, and compliance pros navigating today's dynamic threat landscape. Learn why regulatory bodies worldwide are now embedding offensive security requirements into frameworks like PCI DSS 4.0, and how organizations can adopt scalable strategies—even with limited red team resources. Rohit breaks down the nuances of purple teaming, AI-assisted red teaming, and the role of BAS platforms in enhancing defense postures. Whether you're building in-house capabilities or leveraging external partners, this interview reveals key insights on security maturity, strategic outsourcing, and the future of cyber offense and defense convergence. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrabh to learn more! Interview with Michael Leland from Island At BlackHat 2025 in Las Vegas, Matt Alderman sits down with Michael Leland, VP Field CTO at Island, to tackle one of cybersecurity's most urgent realities: compromised credentials aren't a possibility — they're a guarantee. From deepfakes to phishing and malicious browser plug-ins, attackers aren't “breaking in” anymore… they're logging in. Michael reveals how organizations can protect stolen credentials from being used, why the browser is now the second weakest link in enterprise security, and how Island's enterprise browser can enforce multi-factor authentication at critical moments, block unsanctioned logins in real time, and control risky extensions with live risk scoring of 230,000+ Chrome plug-ins. Key takeaways: Why credential compromise is inevitable — and how to stop credential use How presentation layer DLP prevents data leaks inside and outside apps Real-time blocking of phishing logins and unsanctioned SaaS access Plug-in risk scoring, version pinning, and selective extension control Enabling BYOD securely — even after a catastrophic laptop loss Why many users never go back to Chrome, Edge, or Safari after switching Segment Resources: https://www.island.io/blog/how-the-enterprise-browser-neutralizes-the-risks-of-compromised-credentials This segment is sponsored by Island. Visit https://securityweekly.com/islandbh to learn more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-424

The panel opened with reflections on the tragic assassination of Charlie Kirk and other recent violent events, framing them through the lens of The Fourth Turning by Strauss & Howe.Discussion on how history moves in ~80–100 year cycles of crisis and renewal, with Bitcoin and decentralized protocols potentially forming the backbone of the next institutional order.John emphasized perspective, comparing today's turmoil with past upheavals (1960s, 1970s, World Wars), and highlighted the role of media saturation in shaping perceptions.Panelists praised Kirk's willingness to debate respectfully, lamenting the erosion of open dialogue in society.Shifted to macro: China's gold accumulation as a hedge against dollar hegemony, interpreted as part of a global move toward neutral reserve assets—gold today, Bitcoin tomorrow.Deep dive into U.S. financial surveillance: the inefficiencies of the Bank Secrecy Act (BSA) and threats of extending the Patriot Act to digital assets. Panelists argued KYC/AML laws are largely ineffective at stopping crime but very effective at surveilling citizens.Highlighted the DOJ's case against Samourai Wallet as an example of U.S. hostility toward Bitcoin privacy tools.Covered this week's major supply-chain attack on NPM packages, noting minimal impact but using it as a PSA: always verify addresses on hardware wallets and beware phishing scams.Tether launched a U.S.-regulated stablecoin (USAT). The panel explored how this intersects with the Genius Act, which would require stablecoin reserves to be in U.S. Treasuries, effectively creating a new forced buyer of U.S. debt.Quick hits: MicroStrategy denied S&P 500 inclusion (for now), BLS quietly revised U.S. job numbers down by 900k, Gemini goes public, and Michael Saylor positions MicroStrategy as a “Bitcoin capital markets” play. Swan Private helps HNWI, companies, trusts, and other entities go beyond legacy finance with BItcoin. Learn more at swan.com/private. Put Bitcoin into your IRA and own your future. Check out swan.com/ira.Swan Vault makes advanced Bitcoin security simple. Learn more at swan.com/vault.

Hackers left empty-handed after massive NPM supply-chain attack

The crypto community once again is dodging digital landmines as Ledger’s CTO screams “stop those onchain transactions!” thanks to a sneaky NPM supply chain attack hitting over a billion downloads. That’s right, hackers are out here snatching crypto like it’s candy. Meanwhile, Bitcoin Hyper’s presale is going full supernova, Oracle’s AI cloud dreams are spiking their stock, and Trump Media is hoarding $6 billion in CRO tokens for Truth Social’s big flex. From Nasdaq’s $50M Gemini IPO bet to Worldcoin’s AI identity takeover, we’re unpacking it all with our signature badness. Grab your hardware wallet, strap in, or strap on if you are into that kind of thing, and jump on board for our bad news episode #789 of The Bad Crypto Podcast. Full Show Notes at: http://badco.in/789 SUBSCRIBE, RATE, & REVIEW: Apple Podcast: http://badco.in/itunes Google Podcasts: http://badco.in/google Spotify: http://badco.in/spotify Amazon Music: http://badco.in/amazon FREE NFTs when you JOIN THE BAD CRYPTO NIFTY CLUB at https://badcrypto.uncut.network FOLLOW US ON SOCIAL MEDIA: Twitter: @badcryptopod - @joelcomm - @teedubya Facebook: /BadCrypto - /JoelComm - /teedubyaw Facebook Mastermind Group: /BadCrypto LinkedIn: /in/joelcomm - /in/teedubya Instagram: @BadCryptoPodcast Email: badcryptopodcast[at]gmail[dot]com Phone: SEVEN-OH-8-88FIVE- 90THIRTY DISCLAIMER: Do your own due diligence and research. Joel Comm and Travis Wright are NOT FINANCIAL ADVISORS. We are sharing our journey with you as we learn more about this crazy little thing called cryptocurrency. We make NO RECOMMENDATIONS. Don't take anything we say as gospel. Do not come to our homes with pitchforks because you lost money by listening to us. We only share with you what we are learning and what we are investing it. We will never "pump or dump" any cryptocurrencies. Take what we say with a grain of salt. You must research this stuff on your own! Just know that we will always strive for RADICAL TRANSPARENCY with any show associations.Support the show: https://badcryptopodcast.comSee omnystudio.com/listener for privacy information.

https://rhr.tv/stream - charlie kirk assassinated https://primal.net/e/nevent1qqsq83rgz6xea93qwm3r2k256zualrnn8sez3wwe7jf3s6fcjc3753g6rw5tp - ukrainian refugee iryna zarutska murdered in charlotte -massive protests in indonesia and nepal, bitchat adoption spikes https://primal.net/e/nevent1qqs0eljval9cks7g6zag4x0w5y0k9p95kq0k7gxshwxhfa24wtsmhhq457vz7 - US Government To Bring PATRIOT Act to Digital Assets https://www.therage.co/us-government-to-bring-patriot-act-to-digital-assets/ - Wholesale prices unexpectedly declined 0.1% in August, as Fed rate decision looms https://www.cnbc.com/2025/09/10/ppi-inflation-august-2025-.html - 10Y Treasury yield sinks to 4.05%, its lowest level in over 5 months https://x.com/TFTC21/status/1965151472376840274 - craig raw releases frigate electrum server https://primal.net/e/nevent1qqsxtg6cdtyv9yytwl3kc0jnzzssc8k7xzwju64tyqqry9wfwld8tvcvqunxg - zaprite launches event tickets functionality https://blog.zaprite.com/introducing-zaprite-event-tickets/ - DTAN torrent search updates https://primal.net/e/nevent1qqs0ass0muu26x0jeq9qnuty0guz94ftdx82xk84lkme03pnhjdqn2qkpeau2 - android security patches moves to quarterly model instead of monthly https://primal.net/e/nevent1qqsqjkv0czfh6py3vs6gcyu2259xkdte3tfk9vwpwpu7v430vthjmns7v03hz - NATO has invoked Article 4 of the North Atlantic Treaty at Poland's request after dozens of Russian one-way attack drones violated Polish airspace https://primal.net/e/nevent1qqsgel5fey6c2gqpz97wgejx5798xxc9j9twh56s869mhvtp927m5tgd4h72m 2:35 - Charlie Kirk 14:40 - Iryna Zarutska 21:45 - Dashboard 23:25 - Bitchat amid protests 32:15 - Digital asset PATRIOT Act 44:55 - PPI -0.1% 50:45 - 10yr yield 54:15 - Boosts 55:25 - HRF Story of the Week 57:29 - Software updates 1:17:25 - NPM vulnerability 1:21:10 - NATO Article 4 1:25:45 - MAHA 1:32:35 - Cattlebike 1:45:25 - Bessent ass kicking Shoutout to our sponsors: Coinkite https://coinkite.com/ Stakwork https://stakwork.ai/ Obscura https://obscura.net/ Follow Marty Bent: Twitter https://twitter.com/martybent Nostr https://primal.net/marty Newsletter https://tftc.io/martys-bent/ Podcast https://tftc.io/podcasts/ Follow Odell: Nostr https://primal.net/odell Newsletter https://discreetlog.com/ Podcast https://citadeldispatch.com/

Dennis and Lindsey discuss the targeted compromises of NPM packages (1:00) and the pointed letter that Sen. Ron Wyden sent to the FTC chairman asking for Microsoft to be held liable for the Ascension ransomware attack last year (11:45) before finally touching on Apple's new memory safety technology for new iPhones (20:43).NPM compromise: https://decipher.sc/2025/09/08/targeted-attack-compromises-popular-npm-packages/Wyden and Microsoft: https://decipher.sc/2025/09/10/senator-flags-microsofts-role-in-the-ascension-ransomware-hack/Apple memory safety: https://security.apple.com/blog/memory-integrity-enforcement/

Thousands had data leaked in blood center ransomware attack UK Electoral Commission recovers, 3 years after China hack Npm packages with 2 billion weekly downloads targeted in supply chain attack Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines.  

Saindo do forno, um novo podcast de Norma Melhorança em uma conversa inspiradora com Rosinete Mendonça Melo. Reconhecida por sua vasta experiência e contribuições significativas para a área, Rosinete é uma psicóloga clínica (CRP 15/0024), psicanalista didata e membro efetivo da SPRPE/NPM/FEBRAPSIPPA.Com especializações em psicologia hospitalar (USP/SCMM) e clínica, Rosinete traz um olhar único e profundo sobre o cuidado com a saúde mental em diversos contextos. Atualmente, ela atua como diretora científica do NPM e assessora voluntária do Grupo de Psicologia da Santa Casa de Misericórdia de Maceió (SCMM), além de ser graduada em Adultez Madura pelo GGAPP-GEA.Neste bate-papo, exploramos a rica trajetória de Rosinete Mendonça Melo, sua atuação como psicanalista didata e seu papel como diretora científica. A conversa é um convite para entender a importância do trabalho clínico, as nuances da psicologia hospitalar e o contínuo desenvolvimento da psicanálise.Prepare-se para uma troca de saberes que ilumina a prática profissional e a dedicação de uma vida ao serviço da saúde mental.

In deze aflevering bespreken we de hack van NPM software packages, die onder andere gebruikt worden voor Bitcoin en Crypro wallets. Door de gehackte software wordt tijdens een transactie het ontvangstadres verandert. Paul legt aan Marina uit hoe deze NPM software packages werken, wat dit met Bitcoin te maken heeft en wat je kan doen om jouw bitcoin veilig te versturen.Extra aantekeningen:Meer informatie en een overzicht van de betroffen packages vind je hier: https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised

Major npm compromise A number of high-profile npm libraries were compromised after developers fell for a phishing email. This compromise affected libraries with a total of hundreds of millions of downloads a week. https://bsky.app/profile/bad-at-computer.bsky.social/post/3lydioq5swk2y https://github.com/orgs/community/discussions/172738 https://github.com/chalk/chalk/issues/656#issuecomment-3266894253 https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised HTTP Request Signatures It looks like some search engines and AI bots are starting to use the HTTP request signature. This should make it easier to identify bot traffic. https://isc.sans.edu/diary/HTTP%20Request%20Signatures/32266

Crypto News: Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries. SwissBorg hacked for $41M SOL after third-party API compromise. CoinShares to go public in the US through $1.2B SPAC merger. HashKey launches $500M digital asset treasury fund in Hong Kong.Show Sponsor -

AI Hellhounds, Anthropic, iCloud, NPM, gitforked, notdoor, TOR, Signal, WhatsApp, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-510

Three Buddy Problem - Episode 61: We cover a pair of software supply chain breaches (Salesforce Salesloft Drift and NPM/GitHub) that raises big questions about SaaS integrations and the ripple effects across major security vendors. Plus, Apple's new Memory Integrity Enforcement in iPhone 17 and discussion on commercial spyware infections and the value of Apple notifications; concerns around Chinese hardware and surveillance equipment in US infrastructure; Silicon Valley profiting from China's surveillance ecosystem; and controversy around a Huntress disclosure of an attacker's operations after an EDR agent was mistakenly installed. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

In the second hour, we continue our conversation regarding the fate of Public Broadcasting due to The Corporation For Public Broadcasting closing this month. We speak with Brian Wadsworth, The Chief Operating Officer for Native Public Media. He speaks about the need for Tribal Stations, the work NPM does for those stations and a handshake deal with a South Dakota Senator to provide help. Then, something we talked about on a TSBAT last month made it all the way to the US Senate and thank god, there are visuals to boot! Let's say we all end this one in style with This Shouldn't Be A Thing - Kasper's Dream Car Edition. As always, thank you for listening, texting and calling, we couldn't do this without you! Don't forget to download the free Civic Media app and take us wherever you are in the world! Matenaer On Air is a part of the Civic Media radio network and airs weekday mornings from 9-11 across the state. Subscribe to the podcast to be sure not to miss out on a single episode! You can also rate us on your podcast distribution center of choice. It goes a long way! Guest: Brian Wadsworth

This is a recap of the top 10 posts on Hacker News on September 08, 2025. This podcast was generated by wondercraft.ai (00:30): NPM debug and chalk packages compromisedOriginal post: https://news.ycombinator.com/item?id=45169657&utm_source=wondercraft_ai(01:51): Signal Secure BackupsOriginal post: https://news.ycombinator.com/item?id=45170515&utm_source=wondercraft_ai(03:12): Chat Control Must Be StoppedOriginal post: https://news.ycombinator.com/item?id=45173277&utm_source=wondercraft_ai(04:34): 14 Killed in anti-government protests in NepalOriginal post: https://news.ycombinator.com/item?id=45166972&utm_source=wondercraft_ai(05:55): Immich – High performance self-hosted photo and video managementOriginal post: https://news.ycombinator.com/item?id=45165684&utm_source=wondercraft_ai(07:17): Meta suppressed research on child safety, employees sayOriginal post: https://news.ycombinator.com/item?id=45167705&utm_source=wondercraft_ai(08:38): iPhone dumbphoneOriginal post: https://news.ycombinator.com/item?id=45171200&utm_source=wondercraft_ai(10:00): Experimenting with Local LLMs on macOSOriginal post: https://news.ycombinator.com/item?id=45168953&utm_source=wondercraft_ai(11:21): No adblocker detectedOriginal post: https://news.ycombinator.com/item?id=45176206&utm_source=wondercraft_ai(12:43): How RSS beat MicrosoftOriginal post: https://news.ycombinator.com/item?id=45166750&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

Fidelity quietly launches a tokenized fund on Ethereum. BitMine's treasury surpasses 2 million ETH. An NPM supply chain attack impacts front ends. And MegaETH introduces its USDm stablecoin. Read more: https://ethdaily.io/778 Disclaimer: Content is for informational purposes only, not endorsement or investment advice. The accuracy of information is not guaranteed.

AI Hellhounds, Anthropic, iCloud, NPM, gitforked, notdoor, TOR, Signal, WhatsApp, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-510

AI Hellhounds, Anthropic, iCloud, NPM, gitforked, notdoor, TOR, Signal, WhatsApp, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-510

Eversheds Sutherland's Thomas Warren, Partner and Co-Head of Global Energy and Frank Comparetto, Counsel in the US Tax Practice Group, join Jon Berke on the podcast this week.The duo discuss some of the impacts from the IRS guidance released on August 15th regarding safe harboring, how storage developers are going to map out their game plan despite getting favorable treatment under the One Big Beautiful Bill Act (OBBBA) and later how clean energy developers will tap the capital markets in the back half of the year.NPM is a leading data, intelligence & events company providing business development led coverage of the US & European power, storage & data center markets for the development, finance, M&A and corporate community.Download our mobile app.

In this episode of Ministry Monday we speak to Jennifer Kluge, Executive Director of NPM. Jennifer shares takeaways from all 5 locations of NPM On the Road this summer, the financial impact from the events, and what to expect at the 2026 National Convention next summer in Washington, DC.

John Stroud, managing director of Limes Renewable Energy, joins the NPM podcast this week to discuss the future of distributed energy growth under the Trump administration and what aid is being provided at the state level for both incentives and legislation.The Italian domiciled Limes established a US presence this year to develop community solar projects in Illinois and Maryland.NPM is a leading data, intelligence & events company providing business development led coverage of the US & European power, storage & data center markets for the development, finance, M&A and corporate community.Download our mobile app.

Good afternoon, I'm _____ with today's episode of EZ News. Tai-Ex opening The Tai-Ex opened 71-points this morning from yesterday's close, at 24,033 on turnover of $7.2-billion N-T. Taiwan and US sign MOU on combating cross-border drug trafficking Taiwan and the United States have signed a memorandum of understanding to jointly combat transnational drug trafficking. According to the American Institute in Taiwan, the agreement will enhance intelligence sharing between the U-S Drug Enforcement Administration and the Taiwan High Prosecutors Office .. ….. by "enabling more efficient investigations and prosecutions of transnational drug trafficking organizations." A-I-T has issues a press release quoting D-E-A Asia Pacific Division Special Agent in charge John Scott as saying that the annual forum represents the "shared commitment of Taiwan and the United States to combat the scourge (禍害) of drug trafficking." NPM to show 'meat-shaped stone' in first exhibition in Yilan The National Palace Museum has announced that its iconic "meat-shaped stone" and 14 other artifacts will be going on disply in Yilan for the first time. The artifacts will be part of a special exhibition co-organized with the Lanyang Museum in December. Along with its famed "meat-shaped stone," the National Palace Museum also selected a jade duck piece dating back to the Song and Yuan dynasties, a porcelain chicken cup in doucai painted enamels from the Ming dynasty … … and a revolving vase with swimming fish in cobalt blue glaze (釉) from the Qing dynasty as some of the artifacts that will be featured in the Yilan exhibition. Moscow says foreign troops in Ukraine would be ‘unacceptable' Russia called "absolutely unacceptable" the idea of deploying foreign forces in Ukraine discussed by Europe and Kiev as part of security guarantees for Ukraine. Foreign Minister Sergey Lavrov accused the so-called "coalition of the willing" countries of attempts to undermine US President Donald Trump's peacemaking efforts. And reiterated (重申) any discussions of European security, Ukraine included, must involve Russia. Daria Bondarchuk reports from Moscow. Uganda Announces US Deal to Take Deported Migrants Uganda's foreign ministry says the African country has agreed to a deal with the United States to take deported migrants as long as they don't have criminal records and are not unaccompanied minors. The ministry said in a statement Thursday that the agreement had been concluded but that terms were still being worked out. It added that Uganda prefers that the migrants sent there be of African nationalities (國籍), but did not elaborate on what Uganda might get in return for accepting deportees. The U.S. embassy in Uganda declined to comment on what it called “diplomatic negotiations." Human rights activists criticized the deal as possibly going against international law. New Evidence of Earlier Modern Humans and Neanderthals Interaction And new findings suggest that modern humans and Neanderthals may have interacted 100-thousand years earlier than previously thought. That's according to researchers who used CT scans and 3D mapping to study the bones of a child they believe was the result of interbreeding between the two distinct groups. The child was buried in a cave in Israel some 140-thousand years ago. Because no ancient DNA was extracted from the fossilized (變成化石的) remains, it's impossible to confirm the child's origins, but scientists say microscopic details in the bones indicate the child had traits of both groups. The findings, recently published in a peer-reviewed journal, help shed light on when the two groups began interacting and offers clues about their relationships. That was the I.C.R.T. EZ News, I'm _____. －－－－以下為 SoundOn 動態廣告－－－－ 情況緊急、靈感斷線、加班爆肝、心情低氣壓？ ♫速速速，速神湯啦♫ 30秒沖一杯，讓你一口補神氣！ 忙碌的日子裡，別忘了給自己一點剛剛好的照顧 @bullhead_1958 #牛頭牌速神湯 https://sofm.pse.is/845xm5 -- Hosting provided by SoundOn

This week's episode is the full recording of an NPM webinar discussion titled “Putting the Scale in Hyperscale,” held on August 12, 2025.Speakers include:Craig McKesson - Chief Commercial Officer, TakanockBill Thomas - Chief Energy Officer, CleanArc Data CentersSyed Ahmed - Head of Digital Infrastructure, Apterra Infrastructure CapitalKyle Younker - Senior Editor, NPM (m)The panel tackles utility constraints and policy shifts, the rise of behind-the-meter strategies, changing siting logic for training vs. inference and latency needs, and how new entrants—from renewable developers to crypto miners—are reshaping capital stacks.NPM is a leading data, intelligence & events company providing business development led coverage of the US & European power, storage & data center markets for the development, finance, M&A and corporate community.Download our mobile app.

Researchers uncover multiple vulnerabilities in a popular open-source secrets manager. Software bugs threaten satellite safety. Columbia University confirms a cyberattack. Researchers uncover malicious NPM packages posing as WhatsApp development tools.A new EDR killer tool is being used by multiple ransomware gangs. Home Improvement stores integrate AI license plate readers into their parking lots. The U.S. federal judiciary announces new cybersecurity measures after cyberattacks compromised its case management system. CISA officials reaffirm their commitment to the CVE Program. Our guest is David Wiseman, Vice President of Secure Communications at BlackBerry, discussing the challenges of secure communications. AI watermarking breaks under spectral pressure. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by David Wiseman, Vice President of Secure Communications at BlackBerry, who is discussing the challenges and misconceptions around secure communications. Selected Reading HashiCorp Vault 0-Day Flaws Enable Remote Code Execution Attacks (GB Hackers) Yamcs v5.8.6 Vulnerability Assessment (VisionSpace) Columbia University says hacker stole SSNs and other data of nearly 900,000 (The Record) Fake WhatsApp developer libraries hide destructive data-wiping code (Bleeping Computer) New EDR killer tool used by eight different ransomware groups (Bleeping Computer) Home Depot and Lowe's Share Data From Hundreds of AI Cameras With Cops (404 Media) US Federal Judiciary Tightens Security Following Escalated Cyber-Attacks (Infosecurity Magazine) CISA pledges to continue backing CVE Program after April funding fiasco  (The Record) CISA Issues 10 ICS Advisories Detailing Vulnerabilities and Exploits (GB Hackers) AI Watermark Remover Defeats Top Techniques  (IEEE Spectrum) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

On this week's episode, Roy Xu, Senior Director of Power Resources at Peninsula Clean Energy (PCE) joins Jillian Ward to discuss the shifting landscape that new energy projects are facing in the wake of the US budget reconciliation bill passage. Xu also shares his view on how the energy market for California could evolve over the next few years as a result.Roy oversees long-term resource planning, strategic supply-side procurement, and portfolio management and operation at PCE. Prior to joining PCE, Roy led wholesale power contracting at a Publicly Owned Utility in California for over a decade.NPM is a leading data, intelligence & events company providing business development led coverage of the US & European power, storage & data center markets for the development, finance, M&A and corporate community.Download our mobile app.

The White House unveils its plan for global AI dominance. Microsoft warns that recent SharePoint server exploitation may extend to ransomware. A phishing campaign targeting the U.S. Department of Education's grants portal. The FBI issues a warning about “The Com” cybercriminal group. SonicWall urges users to patch a critical vulnerability. A new supply chain attack has compromised several popular NPM packages. Joe Carrigan, co-host of the Hacking Humans podcast, joins to discuss how scammers are exploiting misconfigured point-of-sale terminals. Japanese police release a free decryption tool for Phobos ransomware. AI takes the wheel and drives right off a cliff. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Joe Carrigan, co-host of the Hacking Humans podcast, joins to discuss how scammers are exploiting misconfigured point-of-sale terminals, highlighting severe vulnerabilities that small businesses often overlook. If you want to hear more from Joe, head over to the Hacking Humans page. Selected Reading From Tech Podcasts to Policy: Trump's New AI Plan Leans Heavily on Silicon Valley Industry Ideas (SecurityWeek) Hackers hit more than 400 organizations in Microsoft SharePoint hacks (Axios) Microsoft says some SharePoint server hackers now using ransomware (Reuters) Hackers Clone U.S. Department of Education's Grant Site in Credential Theft Campaign (TechNadu) Copilot Vision on Windows 11 sends data to Microsoft servers (The Register) FBI: Thousands of people involved in 'The Com' targeting victims with ransomware, swatting (The Record) SonicWall urges admins to patch critical RCE flaw in SMA 100 devices (Bleeping Computer) High-Value NPM Developers Compromised in New Phishing Campaign (SecurityWeek) Free decryptor for victims of Phobos ransomware released (Fortra) 'I destroyed months of your work in seconds' says AI coding tool after deleting a dev's entire database during a code freeze: 'I panicked instead of thinking' (PC Gamer) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Reversing SharePoint Toolshell Exploits CVE-2025-53770 and CVE-2025-53771 A quick walk-through showing how to decode the payload of recent SharePoint exploits https://isc.sans.edu/diary/Analyzing%20Sharepoint%20Exploits%20%28CVE-2025-53770%2C%20CVE-2025-53771%29/32138 Compromised JavaScript NPM is Package The popular npm package is was compromised by malware. Luckily, the malicious code was found quickly, and it was reversed after about five hours. https://socket.dev/blog/npm-is-package-hijacked-in-expanding-supply-chain-attack Microsoft Quick Machine Recovery Microsoft added a new quick machine recovery feature to Windows 11. If the system is stuck in a reboot loop, it will boot to a rescue partition and attempt to find fixes from Microsoft. https://learn.microsoft.com/en-gb/windows/configuration/quick-machine-recovery/?tabs=intune

The musical world (both in music education, technology, and music ministry) has been adjusting to the reality of a world without Finale. It's been a guiding post in music notation software for many musicians. It's the software I learned on in music school. But sadly, after announcing last year that MakeMusic (Finale's parent company) would no longer support new software updates, it was time to begin shopping for another option. Today's episode of Ministry Monday features the prelude to a 4-part series on music notation software that NPM offered in the spring of 2024. While we invite you to watch all sessions if you're an NPM member (as it is a membership benefit), we offer a segment of the first episode which featured a discussion on copyright licensing within the paradigm of music notation software. To put it bluntly, we ask: are we allowed to re-engrave on music notation software, for the sake of a unified worship aid? If so, how do we report? And many more questions. For more information on Dorico, a music notation software which has become the frontrunner for Finale's replacement, check out the article written by Tony Ward in the July edition of Pastoral Music magazine. It's a resource that's yet another benefit of an NPM membership. (Have I sold you on renewing your membership yet?)

Timestamps00:00 – Introduction00:28 – What are Babel Fees?01:56 – MLabs' Leaner Approach: Pisa02:24 – How Pisa Works02:52 – Wallet & DApp Integration Goals03:19 – Example Use Case04:19 – Pisa User Experience05:12 – Integration Options06:09 – Confirming ADA Is Still Used Under the Hood06:37 – SPO Involvement?07:34 – How Pisa Handles Transactions08:31 – What Users Receive09:30 – Pisa Fees & Revenue Model11:09 – Support for Long-Tail Tokens12:07 – Developer Integration Effort13:35 – Target Audience & SDKs14:05 – Pisa Launch Timeline14:33 – Upcoming CIP Standard15:27 – Closing RemarksIn this episode, I speak with Ben Hart, Chase, and Luke from MLabs about Pisa – their smart contract implementation of Babel fees on Cardano. Pisa allows users to pay for transaction fees, minimum ADA, and collateral using native tokens instead of ADA. The smart contract handles real-time token swaps behind the scenes and returns a ready-to-submit transaction. No changes to the Cardano ledger are required. SPOs are involved as normal, and there's no batching – just seamless UX. Developers can integrate Pisa with a few lines of code via HTTP API or an upcoming NPM package. Topics include:What Babel fees areHow Pisa improves the user experienceDifferences from other solutions like AquariumDeveloper integration and the planned CIPLaunch timelines and supported tokensPisa launches within 60 days and is set to improve onboarding for wallets, DeFi apps, and games across Cardano.

In this potluck episode of Syntax, Wes and Scott answer your questions about maintaining popular open-source projects, where to start after a layoff, impostor syndrome, Scott's recording setup, whether a computer science degree is still worth it in the age of AI, and more! Show Notes 00:00 Welcome to Syntax! 00:44 Brought to you bySentry.io 04:16 How to maintain a successful NPM package 08:03 What to do in Denver while attending Laracon 11:18 How to branch out and learn new frameworks while balancing work life and family 15:55 Built-in state management vs external state managementFull Stack App Build | Travel Log w/ Nuxt, Vue, Better Auth, Drizzle, Tailwind, DaisyUI, MapLibre 19:43 Suggestion for CSS battles: Removing white space and new lines after the time limit? 23:06 What is Scott's recording setup? Aputure Light Dome Aputure Amaran 150c Sony FX3 Electro-Voice RE20 27:46 Snake case vs camel caseEye Tracking Study on camelCase and under_score Identifier Styles 31:16 Have you ever had impostor syndrome? 34:56 Is a degree worth it for computer science or machine learning? 38:41 Should I use a reverse proxy server?Ep 798: Self Hosting: Reverse Proxy Servers 42:03 Where to start when updating your webdev skillset 50:11 Sick Picks + Shameless Plugs Sick Picks Scott:Cardboard Cutter Wes:Kitchen Scissors Shameless Plugs Syntax YouTube Channel Hit us up on Socials! Syntax:XInstagramTiktokLinkedInThreads Wes:XInstagramTiktokLinkedInThreads Scott:XInstagramTiktokLinkedInThreads Randy:XInstagramYouTubeThreads

An exploited iOS iMessage vulnerability Apple denies? The NPM repository is under siege with no end in sight. Were Comcast and Digital Realty compromised? Don't ask them. Matthew Green agrees: XChat does not offer true security. We may know how Russia is convicting Telegram users. Microsoft finally decides to block two insane Outlook file types. 40,000 openly available video camera are online. Who owns them? Running SpinRite on encrypted drives. An LLM describes Steve's (my) evolution on Microsoft security. What do we know about the bots that are scanning the Internet? Show Notes - https://www.grc.com/sn/SN-1030-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT bitwarden.com/twit material.security drata.com/securitynow bigid.com/securitynow

An exploited iOS iMessage vulnerability Apple denies? The NPM repository is under siege with no end in sight. Were Comcast and Digital Realty compromised? Don't ask them. Matthew Green agrees: XChat does not offer true security. We may know how Russia is convicting Telegram users. Microsoft finally decides to block two insane Outlook file types. 40,000 openly available video camera are online. Who owns them? Running SpinRite on encrypted drives. An LLM describes Steve's (my) evolution on Microsoft security. What do we know about the bots that are scanning the Internet? Show Notes - https://www.grc.com/sn/SN-1030-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT bitwarden.com/twit material.security drata.com/securitynow bigid.com/securitynow

An exploited iOS iMessage vulnerability Apple denies? The NPM repository is under siege with no end in sight. Were Comcast and Digital Realty compromised? Don't ask them. Matthew Green agrees: XChat does not offer true security. We may know how Russia is convicting Telegram users. Microsoft finally decides to block two insane Outlook file types. 40,000 openly available video camera are online. Who owns them? Running SpinRite on encrypted drives. An LLM describes Steve's (my) evolution on Microsoft security. What do we know about the bots that are scanning the Internet? Show Notes - https://www.grc.com/sn/SN-1030-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT bitwarden.com/twit material.security drata.com/securitynow bigid.com/securitynow

An exploited iOS iMessage vulnerability Apple denies? The NPM repository is under siege with no end in sight. Were Comcast and Digital Realty compromised? Don't ask them. Matthew Green agrees: XChat does not offer true security. We may know how Russia is convicting Telegram users. Microsoft finally decides to block two insane Outlook file types. 40,000 openly available video camera are online. Who owns them? Running SpinRite on encrypted drives. An LLM describes Steve's (my) evolution on Microsoft security. What do we know about the bots that are scanning the Internet? Show Notes - https://www.grc.com/sn/SN-1030-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT bitwarden.com/twit material.security drata.com/securitynow bigid.com/securitynow

An exploited iOS iMessage vulnerability Apple denies? The NPM repository is under siege with no end in sight. Were Comcast and Digital Realty compromised? Don't ask them. Matthew Green agrees: XChat does not offer true security. We may know how Russia is convicting Telegram users. Microsoft finally decides to block two insane Outlook file types. 40,000 openly available video camera are online. Who owns them? Running SpinRite on encrypted drives. An LLM describes Steve's (my) evolution on Microsoft security. What do we know about the bots that are scanning the Internet? Show Notes - https://www.grc.com/sn/SN-1030-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT bitwarden.com/twit material.security drata.com/securitynow bigid.com/securitynow

A new White House executive Order overhauls U.S. cybersecurity policy. The EU updates its “cybersecurity blueprint”. The Pentagon's inspector general  investigates Defense Secretary Hegseth's Signal messages. Chinese hackers target U.S. smartphones. A new Mirai botnet variant drops malware on vulnerable DVRs. 17 popular Gluestack packages on NPM have been compromised. Attackers exploit vulnerabilities in Fortigate security appliances to deploy Qilin ransomware. A Nigerian man gets five years in prison for a hacking and fraud scheme. Our guest is Tim Starks from CyberScoop, discussing Sean Cairncross' journey toward confirmation as the next National Cyber Director. Fire Stick flicks spark a full-on legal blitz. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Tim Starks from CyberScoop, to discuss Sean Cairncross, who's bringing a focus on policy coordination if confirmed as the next National Cyber Director. Selected Reading Trump Administration Revises Cybersecurity Rules, Replaces Biden Order (Infosecurity Magazine) Europe arms itself against cyber catastrophe (Politico) Pentagon watchdog investigates if staffers were asked to delete Hegseth's Signal messages (Associated Press) Chinese hackers and user lapses turn smartphones into a 'mobile security crisis' (Associated Press) iMessage Zero-Click Attacks Suspected in Targeting of High-Value EU, US Individuals (SecurityWeek) New Mirai botnet infect TBK DVR devices via command injection flaw (Bleeping Computer) Malware found in NPM packages with 1 million weekly downloads (Bleeping Computer) Hackers Actively Exploiting Fortigate Vulnerabilities to Deploy Qilin Ransomware (Cyber Security News) Nigerian Involved in Hacking US Tax Preparation Firms Sentenced to Prison (SecurityWeek) Hacked Fire Sticks now come with more than just malware – a possible jail sentence (Cybernews) Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Fan Favorite: This episode originally aired on April 24, 2018. As the Chaplain for the Seattle Seahawks and pastor of a massive congregation that counts names like Justin Bieber and Tim Tebow as members, Judah Smith knows a thing or two about leadership. His messages of radical love and inclusion have resonated with hundreds of thousands around the world from all different walks of life. Judah shares the leadership principles that have helped him build a strong community on this episode of Impact Theory with Tom Bilyeu. SHOW NOTES: Judah explains his role with the Seattle Seahawks and what it's taught him about leadership. [4:00] Judah discusses the art of accountability and conflict. [7:46] Judah tells the power of exposing his vulnerability to the masses. [19:22] Judah shares why communication is the backbone of all his relationships. [29:26] Judah reveals the impact he wants to have on the world. [41:25] QUOTES: "Avoiding conflict minimizes the depth of relationship that you can experience, and of course the excellence in which you can experience progress and fulfillment and live your dreams." [10:15] "I don't think people can be who they're supposed to be without community. And community doesn't have to be 10,000 people, it can be five, it can be three, it can be the right people. Not just a bunch of people, but the right people." [14:15] "The pain is part of being alive. We're not living a Disney cartoon, we're living real life. And the pain we feel, it makes us more human, it makes us more alive." [28:43] FOLLOW JUDAH SMITH: TWITTER - https://bit.ly/2HnQiWH FACEBOOK - https://bit.ly/2K6G4b3 INSTAGRAM - https://bit.ly/2HpMO1K CHECK OUT OUR SPONSORS Audible: Sign up for a free 30 day trial at https://audible.com/IMPACTTHEORY  Vital Proteins: Get 20% off by going to https://www.vitalproteins.com and entering promo code IMPACT at check out Upway: Get $150 OFF any purchase over a thousand when you use code IMPACT at https://upway.co. Thrive Market: ​​Go to https:thrivemarket.com/impact for 30% off your first order, plus a FREE $60 gift! American Alternative Assets: If you're ready to explore gold as part of your investment strategy, call 1-888-615-8047 or go to https://TomGetsGold.com Tech Unheard: Tune into Tech Unheard from Arm and NPM—wherever you get your podcasts. Monarch Money: Use code THEORY at https://monarchmoney.com for 50% off your first year! Mint Mobile: If you like your money, Mint Mobile is for you. Shop plans at https://mintmobile.com/impact.  DISCLAIMER: Upfront payment of $45 for 3-month 5 gigabyte plan required (equivalent to $15/mo.). New customer offer for first 3 months only, then full-price plan options available. Taxes & fees extra. See MINT MOBILE for details. What's up, everybody? It's Tom Bilyeu here: If you want my help... STARTING a business: join me here at ZERO TO FOUNDER SCALING a business: see if you qualify here. Get my battle-tested strategies and insights delivered weekly to your inbox: sign up here. ********************************************************************** If you're serious about leveling up your life, I urge you to check out my new podcast, Tom Bilyeu's Mindset Playbook —a goldmine of my most impactful episodes on mindset, business, and health. Trust me, your future self will thank you. ********************************************************************** Join me live on my Twitch stream. I'm live daily from 6:30 to 8:30 am PT at www.twitch.tv/tombilyeu ********************************************************************** LISTEN TO IMPACT THEORY AD FREE + BONUS EPISODES on APPLE PODCASTS: apple.co/impacttheory ********************************************************************** FOLLOW TOM: Instagram: https://www.instagram.com/tombilyeu/ Tik Tok: https://www.tiktok.com/@tombilyeu?lang=en Twitter: https://twitter.com/tombilyeu YouTube: https://www.youtube.com/@TomBilyeu Learn more about your ad choices. Visit megaphone.fm/adchoices