HackerTrans
TopNewTrendsCommentsPastAskShowJobs

thefreeman

no profile record

Submissions

TeamPCP Campaign Spreads to NPM via a Hijacked Bitwarden CLI

research.jfrog.com
3 points·by thefreeman·3 เดือนที่ผ่านมา·0 comments

comments

thefreeman
·23 วันที่ผ่านมา·discuss
Can you share more information on the post-LLM processing and the prompt you use? I would like to try this out but don't see any post-LLM options in Handy.

edit: nevermind, found info on the docs about how to enable post processing. Would still be interested in your prompt though if you don't mind sharing!
thefreeman
·เดือนที่แล้ว·discuss
How can you make this comment before even having a chance to try the new major model revision?
thefreeman
·เดือนที่แล้ว·discuss
Redis is not a database. It’s a key / value store.
thefreeman
·2 เดือนที่ผ่านมา·discuss
I think that was his point
thefreeman
·2 เดือนที่ผ่านมา·discuss
My money is on unauthed mongodb or public s3 bucket
thefreeman
·2 เดือนที่ผ่านมา·discuss
Well trump mobile almost definitely doesn't have a network, systems, or infrastructure to begin with. So I guess they are technically correct.
thefreeman
·2 เดือนที่ผ่านมา·discuss
You can also define required dependencies in a doc block at the top of the file and then just “uv run main” and it will automatically install and cache any dependencies and run. https://docs.astral.sh/uv/guides/scripts/
thefreeman
·4 เดือนที่ผ่านมา·discuss
yes, there were a large number of AWS products and features that were only available with a subscription
thefreeman
·4 เดือนที่ผ่านมา·discuss
You can just start claude with the —chrome flag too and it will connect to the chrome extension.
thefreeman
·4 เดือนที่ผ่านมา·discuss
don't you get a tax penalty if you aren't insured for 100% of the year?
thefreeman
·6 เดือนที่ผ่านมา·discuss
the emdash is right there for all to see
thefreeman
·6 เดือนที่ผ่านมา·discuss
I think this is what the Ralph Wiggum plugin is for. It just repeatedly reprompts the llm with the same prompt until it is fully complete or something along those lines.
thefreeman
·8 เดือนที่ผ่านมา·discuss
You put a CDN in front of it and heavily cache when serving to external customers
thefreeman
·10 เดือนที่ผ่านมา·discuss
No, it says it is restricted. You need to set a private attribute on the webview to enable it. And if you interact with private APIs your app will be rejected in review.
thefreeman
·10 เดือนที่ผ่านมา·discuss
It also barely meets the definition of "a vulnerability report". He basically just nmap scanned the server and googled the apache version. The "critical" vulnerability he linked requires controlling a backend server being reverse proxied through apache... so completely irrelevant. I didn't read every CVE for the apache version but I am doubtful there is anything that actually allows taking over the server there.