A Department of Energy (DOGE) employee Jordan Wick has been publicly sharing sensitive work-related code on GitHub, including a Twitter DM downloader and geospatial data analysis tools for undersea cables and critical minerals.
A security researcher discovered vulnerabilities in ToDesktop's build pipeline that could enable malicious code deployment to major tech applications like Cursor, Linear, and Notion Calendar. Through Firebase exploration and CLI analysis, they found ways to hijack the deployment pipeline and access sensitive credentials, potentially affecting millions of users in tech environments.
WebShield is a Safari-focused content blocker, similar to uBlock Origin, currently in beta for macOS 14+, iOS 17+, and visionOS 1.3+. The project operates on a user-supported funding model, maintaining independence from ad companies while offering core functionality free to all users, with additional perks available through WebShield+ contributions.
Waterfox is a privacy-focused web browser offering built-in tracking protection, container tabs, and private browsing features by default. The browser prioritizes user privacy by not collecting telemetry data while providing easy migration from other browsers and maintaining high performance standards.
A widespread scam operation on GitHub involves thousands of repositories distributing malware disguised as game mods and cracked software. The malware, known as Redox stealer, collects sensitive data including passwords, crypto wallets, and gaming accounts from victims' computers, then sends it to Discord servers for exploitation.
Ladybird is a novel pre-alpha web browser featuring a multi-process architecture and its own rendering engine based on web standards. The browser implements robust security measures through process isolation and inherits core components from SerenityOS. Compatible with Linux, macOS, and Windows (WSL2), it aims to become a complete, modern browsing solution.
Electronic Arts maintains a robust open-source presence with multiple Command & Conquer game repositories and development tools in C++. The organization actively manages various technical projects including game modding support, rendering frameworks, and Kubernetes deployment tools.
Nigerian entrepreneurs are developing local cloud infrastructure alternatives to AWS, Microsoft Azure, and Google Cloud, offering naira-based payments and data sovereignty solutions. The rise of homegrown cloud providers like Nebula, Nobus, and Galaxy addresses challenges faced by Nigerian tech companies dealing with currency depreciation and data localization needs. In response to local competition, AWS has started accepting naira payments, while Nigerian providers leverage shared data centers to build cost-effective infrastructure.
IBM has completed its $6.4 billion acquisition of HashiCorp, integrating advanced cloud infrastructure automation and security capabilities into its portfolio. The merger aims to help enterprises manage hybrid cloud environments more efficiently, with HashiCorp's Terraform and Vault products now available through IBM's automation software lineup. The acquisition strengthens IBM's position in multiple growth areas including Red Hat, watsonx, and IT automation.
Superglue is an open-source proxy server that simplifies API integration by automatically handling configuration, data transformation, and schema validation. The solution enables seamless connectivity to various data sources while providing features like LLM-powered mapping, smart pagination, and flexible authentication.