eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.

Server stats:

216
active users

#node

2 posts2 participants0 posts today

"Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed to steal the project maintainers' npm tokens.

The captured tokens were then used to publish malicious versions of the packages directly to the registry without any source code commits or pull requests on their respective GitHub repositories.

The list of affected packages and their rogue versions, according to Socket, is listed below -

- eslint-config-prettier (versions 8.10.1, 9.1.1, 10.1.6, and 10.1.7)
- eslint-plugin-prettier (versions 4.2.2 and 4.2.3)
- synckit (version 0.11.9)
- @pkgr/core (version 0.2.8)
- napi-postinstall (version 0.3.1)

"The injected code attempted to execute a DLL on Windows machines, potentially allowing remote code execution," the software supply chain security firm said."

thehackernews.com/2025/07/malw

Ω🪬Ω
new release of #Fedialgo, the customizable timeline algorithm / filtering system for your Mastodon feed, counts the number of times each hashtag appears in your timeline even if people don't use a "#" character to give you a better sense of what people are talking about in the Fediverse.

there's a little bit of art vs. science here because some strings are disqualified from this kind of counting (e.g. a word like "the" should not be counted even if some maniac decided to make it a hashtag) so let me know if you see any weirdly high counts.

* Link: michelcrypt4d4mus.github.io/fe
* Code: github.com/michelcrypt4d4mus/f
* Video of FediAlgo in action: universeodon.com/@cryptadamist

alojapan.com/1297188/japanese- Japanese Bundesliga stars draw crowds at Expo 2025 Osaka #Ajax #http #news #node #Osaka #OsakaNews #Promise #xhr #大阪 #大阪府 Japan internationals Makoto Hasebe, Tomoaki Makino give fans, media insights into illustrious careers during events at the Expo’s German Pavilion Bundesliga Legend Hasebe made 384 appearances in Germany, winning the Bundesliga with VfL Wolfsburg, as well as the DFB Pokal and UEFA Europa League with Eintracht Frankfurt Germ…

Replied in thread

@hyc @voxel also #PoS inherently rewards rich users and concentrates power even more than the nature of #PoW would, as running a #Monero #node or #miner doesn't require expensive custom #ASIC|s that are going to become manufactured #eWaste down the line and can't be repurposed for anything but being the noisiest and most expesive space heaters!

infosec.space/@kkarhan/1146386

  • Or to put it into perspective: PoS implementations like #Ethereum only rewarded already abdurdly rich capital holders and wiped everyone else out due to every PoS mechanism demanding a minimum of staked coins AND even if it didn't all of them inherently reward staking more with a higher "rent" / "reward"!

Case in point: There are only ugly and filthy solutions to that problem and Monero chose the "least worst" they could: Shure it still has problems but those are at least fully known, understood and working as in 'communities can outnumber single rich entities'...

Infosec.SpaceKevin Karhan :verified: (@kkarhan@infosec.space)@voxel like all #PoW #Cryptocurrency, #Monero too does #WastefulComputing. - Unlike many others it automatically adapts #Difficulty based off total #hashrate as it enshures a constant block reward of 0,6 XMR + Tx Fees per block at a constant block time of 2mins per block. That being said Monero was explicitly designed to not be #ASIC-able in a cost-efficient manner and be #GPU-unfriendly, so it's more #decentralized and doesn't cause harm by demanding custom hardware that can't be repurposed that causes 100% avoidable #eWaste! - IOW: I's the *'least worst'* option given it's PoW doesn't incentive or reward capital holders (beyond the ability to host and have power to mine)…

npm error code EBADPLATFORM
npm error notsup Unsupported platform for @shopify/create-app@3.80.7: wanted {"os":"darwin,linux,win32"} (current: {"os":"freebsd"})
npm error notsup Valid os: darwin,linux,win32
npm error notsup Actual os: freebsd

We fought for years supporting Linux because we wanted to be "free to choose our OS", and now we've reached the point where you're forced to choose it.

Many people simply don't understand the concept of freedom.

Anyway, happy Wednesday!

#Node#IT#SysAdmin

Hoo boy am I tired of seeing messages in my browser's JavaScript from some deep transitive dependency of the app I work on, saying "We're about to remove support for <feature that a slightly less nested transitive dependency uses>, sucks to be you."

This whole developer ecosystem is a nightmare of endless compatibility problems, 90% of them trivially avoidable with a moment's thought.

#Node#NPM#React