Published on: 2025-04-17 19:21:29
I know this has been lately decaying.. most referenced are very old, such as this one: https://github.com/richardjrossiii/CBasediOSApp Hence my question: Is it possible?
Keywords: cbasediosapp com decaying github https
Find related items on AmazonPublished on: 2025-04-28 04:31:26
A sophisticated cascading supply chain attack has compromised multiple GitHub Actions, exposing critical CI/CD secrets across tens of thousands of repositories. The attack, which originally targeted the widely used “tj-actions/changed-files” utility, is now believed to have originated from an earlier breach of the “reviewdog/action-setup@v1” GitHub Action, according to a report. The initial compromise of tj-actions/changed-files, designated as CVE-2025-30066, was discovered last week when resea
Keywords: access action actions chain github
Find related items on AmazonPublished on: 2025-04-28 00:18:29
Important open source projects should not use GitHub Published on . Modified on . Thousands of the worlds best open source projects are still hosting their code repositories on GitHub. Since Microsoft has purchased GitHub this has become a serious problem. It is no news that Microsoft purchased GitHub in 2018, everyone knows that. Yet despite that fact thousands of the worlds most important open source projects continue to host their code on GitHub. Microsoft is very actively purchasing impo
Keywords: github microsoft open relevant source
Find related items on AmazonPublished on: 2025-04-28 15:41:00
Anna Bliokh/Getty Images Have you ever wanted to build your own custom application but didn't want to take the time to do any of the pesky learning that software development requires? If so, a new experimental project from GitHub might just make your dreams come true. GitHub Spark lets you build what the company calls "micro apps" or "sparks." These are very limited custom applications that perform one or two basic tasks. You create them through a chatbot interface, and when you're done, you g
Keywords: ai code github screenshot spark
Find related items on AmazonPublished on: 2025-04-29 23:47:18
DrPixel/Getty Images Have you ever wanted to build your own custom application but didn't want to take the time to do any of the pesky learning that software development requires? If so, a new experimental project from GitHub might just make your dreams come true. GitHub Spark lets you build what the company calls "micro apps" or "sparks." These are very limited custom applications that perform one or two basic tasks. You create them through a chatbot interface, and when you're done, you get a
Keywords: ai code github screenshot spark
Find related items on AmazonPublished on: 2025-05-08 23:07:02
Real GitHub Developers on GitMatch Our AI scans millions of GitHub profiles to find the perfect match for your technical needs. Here's a sample of the talent available on our platform.
Keywords: ai available developers github gitmatch
Find related items on AmazonPublished on: 2025-05-09 12:20:10
In GitHub Actions, you can use the shell keyword to specify the shell that runs a given run: block. This keyword is optional for workflows but mandatory for action definitions. The shell normally defaults to something sensible for your runner, e.g. bash on Linux and macOS, and pwsh on Windows. But it can also be specified, and GitHub documents that specifying it explicitly also implies some flags of their choosing: - shell : bash run : | echo "Hello, world!" Based on that, you might think tha
Keywords: bash echo github run shell
Find related items on AmazonPublished on: 2025-05-12 15:52:41
GitHub Copilot, Microsoft-owned GitHub’s AI coding assistant, could soon become costlier for some users. On Friday, GitHub announced “premium requests” for GitHub Copilot, a new system that imposes rate limits when users switch to AI models other than the base model for tasks such as “agentic” coding and multi-file edits. While GitHub Copilot subscribers can still take unlimited actions with the base model (OpenAI’s GPT-4o), tasks and actions with newer models, like Anthropic’s 3.7 Sonnet, will
Keywords: copilot github models premium requests
Find related items on AmazonPublished on: 2025-05-14 19:28:44
GitMCP creates a dedicated Model Context Protocol (MCP) server for any GitHub project, enabling AI assistants to understand your code in context. Code Understanding AI assistants gain a deep context of the code repo, reading llms.txt, llms-full.txt, readme.md and more, making their responses more accurate and relevant. Instant Setup No complex configuration needed. Just point to your GitHub repository and connect your AI tools.
Keywords: ai assistants code context github
Find related items on AmazonPublished on: 2025-05-17 03:24:54
GitHub announced updates to its Advanced Security platform after it detected over 39 million leaked secrets in repositories during 2024, including API keys and credentials, exposing users and organizations to serious security risks. In a new report by GitHub, the development company says the 39 million secrets were found through its secret scanning service, a security feature that detects API keys, passwords, tokens, and other secrets in repositories. "Secret leaks remain one of the most commo
Keywords: github protection secret secrets security
Find related items on AmazonPublished on: 2025-05-18 03:19:28
EDIT: Back online?! NPM discussion: https://github.com/npm/cli/issues/8203 NPM incident: https://status.npmjs.org/incidents/hdtkrsqp134s Cloudflare messaging: https://www.cloudflarestatus.com/incidents/gshczn1wxh74 GitHub issue: https://github.com/sindresorhus/camelcase/issues/114 Anyone experiencing npm outage that's more than just the referenced camelcase package?
Keywords: com github https incidents npm
Find related items on AmazonPublished on: 2025-05-19 14:19:28
EDIT: Back online?! NPM discussion: https://github.com/npm/cli/issues/8203 NPM incident: https://status.npmjs.org/incidents/hdtkrsqp134s Cloudflare messaging: https://www.cloudflarestatus.com/incidents/gshczn1wxh74 GitHub issue: https://github.com/sindresorhus/camelcase/issues/114 Anyone experiencing npm outage that's more than just the referenced camelcase package?
Keywords: com github https incidents npm
Find related items on AmazonPublished on: 2025-05-22 22:54:46
A potential supply chain attack on GitHub CodeQL started simply: a publicly exposed secret, valid for 1.022 seconds at a time. In that second, an attacker could take a series of steps that would allow them to execute code within a GitHub Actions workflow in most repositories using CodeQL, GitHub’s code analysis engine trusted by hundreds of thousands of repositories. The impact would reach both public GitHub (GitHub Cloud) and GitHub Enterprise. If backdooring GitHub Actions sounds familiar, t
Keywords: actions codeql github repository workflow
Find related items on AmazonPublished on: 2025-05-27 03:32:40
simonw/ollama-models-atom-feed. I setup a GitHub Actions + GitHub Pages Atom feed of scraped recent models data from the Ollama latest models page - Ollama remains one of the easiest ways to run models on a laptop so a new model release from them is worth hearing about. I built the scraper by pasting example HTML into Claude and asking for a Python script to convert it to Atom - here's the script we wrote together.
Keywords: atom feed github models ollama
Find related items on AmazonPublished on: 2025-05-26 06:17:30
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community. By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails. Already on GitHub? Sign in to your account
Keywords: account clicking community github sign
Find related items on AmazonPublished on: 2025-05-30 13:17:05
Whose code am I running in GitHub Actions? A week ago, somebody added malicious code to the tj-actions/changed-files GitHub Action. If you used the compromised action, it would leak secrets to your build log. Those build logs are public for public repositories, so anybody could see your secrets. Scary! Mutable vs immutable references This attack was possible because it’s common practice to refer to tags in a GitHub Actions workflow, for example: jobs: changed_files: ... steps: - name: Get ch
Keywords: actions github ruby uses v4
Find related items on AmazonPublished on: 2025-06-03 01:51:42
OSGINT Retrieve informations about a github username/email Features Find github username from an email Find github username from an email Find email from github username (not working all the time) Find email from github username (not working all the time) Find informations about a profile (account creation date, public gists, id, public pgp, public ssh ...) Requirements pip3 install -r requirements.txt Usage $ python3 osgint.py -h .d88888b. d8b 888 d88P" "Y88b Y8P 888 888 888 888 88
Keywords: 888 email github https username
Find related items on AmazonPublished on: 2025-06-06 22:34:57
The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it, with it estimated that only 218 repositories exposed secrets due to the supply chain attack. Despite the small number, the potential security repercussions are still significant as some repositories are very popular and could be used in further supply chain attacks. That said, owners of exposed repositories must take immediate action to rotate their secrets before atta
Keywords: action endor github repositories secrets
Find related items on AmazonPublished on: 2025-06-07 06:13:39
Building and deploying a custom site using GitHub Actions and GitHub Pages I figured out a minimal pattern for building a completely custom website using GitHub Actions and deploying the result to GitHub Pages. First you need to enable GitHub Pages for the repository. Navigate to Settings -> Pages (or visit $repo/settings/pages ) and set the build source to "GitHub Actions". Here's my minimal YAML recipe - save this in a .github/workflows/publish.yml file: name : Publish site on : push : wor
Keywords: actions github minimal pages site
Find related items on AmazonPublished on: 2025-06-05 21:38:02
A few weeks ago I received an unsolicited email from the Belgian Center for Cyber Security. It starts with the statement that 80% of cyber attacks could be avoided if 2FA was active and then says literally that If you only use a username and password for your remote logins, you're a sitting duck. This is not true, username and password are no less secure than 2FA. In a way, they are more secure. I know this is controversial, but please bear with me, and I will explain CCB assumptions, my assump
Keywords: account github password passwords weak
Find related items on AmazonPublished on: 2025-06-07 12:37:31
For the past two weeks, I’ve been spending most of my time rewriting our CI scripts in GitHub Actions. This is the third time we’ve had to redo our CI setup—first GitHub Actions, then Earthly (which we moved away from because it was discontinued), and now, reluctantly, back to GitHub Actions. Our CI is complex: merge queues, multiple runners (self-hosted, blacksmith.sh, GitHub-hosted), Rust builds, Docker images, and heavy integration tests. Every PR we merge burns through an hour of CI time, r
Keywords: actions build ci github invoke
Find related items on AmazonPublished on: 2025-06-13 18:24:46
A supply chain attack on the widely used 'tj-actions/changed-files' GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build logs. The GitHub Action is a very popular automation tool designed for GitHub Actions workflows. It allows developers to identify files changed in a pull request or commit and take actions based on those changes, generally used in testing, workflow triggering, and automated code linting and validation.
Keywords: action actions compromised github secrets
Find related items on AmazonPublished on: 2025-06-14 08:36:11
A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers full control over their accounts and code. "Security Alert: Unusual Access Attempt We have detected a login attempt on your GitHub account that appears to be from a new location or device," reads the GitHub phishing issue. All of the GitHub phishing issues contain the same text, warning users that their
Keywords: access github oauth read repositories
Find related items on AmazonPublished on: 2025-06-12 08:15:08
Context: I was tasked with migrating a legacy workflow system (Broadcom CA Workflow Automation) to Airflow. There are some jobs that contain rather simple JavaScript snippets, and I was trying to design a first prototype that simply takes the JS parts and runs them in a transpiler. In this respect, I found a couple of packages that could be leveraged: - js2py: https://github.com/PiotrDabkowski/Js2Py - mini-racer: https://github.com/bpcreech/PyMiniRacer Yet, both seem to be abandoned packages t
Keywords: com github https javascript js2py
Find related items on AmazonPublished on: 2025-06-13 13:29:46
Introduction We are actively investigating a critical security incident involving the tj-actions/changed-files GitHub Action. While our investigation is ongoing, we want to alert users so they can take immediate corrective actions. We will keep this post updated as we learn more. StepSecurity Harden-Runner detected this issue through anomaly detection when an unexpected endpoint appeared in the network traffic. Based on our analysis, the incident started around 9:00 AM March 14th, 2025 Pacific
Keywords: action actions files github runner
Find related items on AmazonPublished on: 2025-06-14 04:54:23
not able to post the link in url for some reason, here it is: https://github.com/nubskr/nubmq
Keywords: able com github https link
Find related items on AmazonPublished on: 2025-06-18 18:21:33
Towards the end of last year, we learned that a group (allegedly affiliated with the Chinese government, referred to as “Salt Typhoon”) breached T-Mobile and other telecommunications companies and caused all sorts of havoc. This isn’t really a blog post about that incident, but it was the catalyst that inspired a bit of curiosity within me. I can’t (legally) access most mobile phone companies’ networks to see what vulnerabilities I can find, but there are plenty of open source software project
Keywords: freeswitch github maybe signalwire software
Find related items on AmazonPublished on: 2025-06-21 06:21:33
Towards the end of last year, we learned that a group (allegedly affiliated with the Chinese government, referred to as “Salt Typhoon”) breached T-Mobile and other telecommunications companies and caused all sorts of havoc. This isn’t really a blog post about that incident, but it was the catalyst that inspired a bit of curiosity within me. I can’t (legally) access most mobile phone companies’ networks to see what vulnerabilities I can find, but there are plenty of open source software project
Keywords: freeswitch github maybe signalwire software
Find related items on AmazonPublished on: 2025-06-24 18:30:34
Finally, an efficient blocker. Easy on CPU and memory. IMPORTANT: uBlock Origin is completely unrelated to the site "ublock.org". uBlock Origin is not an "ad blocker", it's a wide-spectrum content blocker with CPU and memory efficiency as a primary feature. *** Out of the box, these lists of filters are loaded and enforced: - uBlock Origin filter lists - EasyList (ads) - EasyPrivacy (tracking) - Peter Lowe’s Ad server list (ads and tracking) - Online Malicious URL Blocklist More lists are avail
Keywords: github https lists origin ublock
Find related items on AmazonPublished on: 2025-06-23 16:15:48
testeranto 🚧 WARNING: Testeranto is still under development and is not ready for production yet. 🚧 home: adamwong246.github.io/testeranto source: github.com/adamwong246/testeranto npm: npmjs.com/package/testeranto dev: github.dev/adamwong246/testeranto example repo: kokomo bay Demo What is testeranto? Testeranto.ts an AI-first, Acceptance Test Driven Development (ATDD) framework for typescript projects. Testeranto produces test results which can be fed to Aider.ai to automatically fix
Keywords: adamwong246 dev github test testeranto
Find related items on AmazonGo K’awiil is a project by nerdhub.co that curates technology news from a variety of trusted sources. We built this site because, although news aggregation is incredibly useful, many platforms are cluttered with intrusive ads and heavy JavaScript that can make mobile browsing a hassle. By hand-selecting our favorite tech news outlets, we’ve created a cleaner, more mobile-friendly experience.
Your privacy is important to us. Go K’awiil does not use analytics tools such as Facebook Pixel or Google Analytics. The only tracking occurs through affiliate links to amazon.com, which are tagged with our Amazon affiliate code, helping us earn a small commission.
We are not currently offering ad space. However, if you’re interested in advertising with us, please get in touch at [email protected] and we’ll be happy to review your submission.