drspod

joined 4 years ago
[–] drspod@lemmy.ml 3 points 1 year ago (1 children)

It appears to spawn a curl process to send the email by constructing a string using user-supplied values. I don't know what checks Guile Scheme does on system calls, but I would guess you are vulnerable to command injection here. That's not ideal for something you want to deploy as a micro-service.

libcurl has bindings for Guile, you should use those instead: https://github.com/spk121/guile-curl

[–] drspod@lemmy.ml 46 points 1 year ago (2 children)

You can install this blacklist with either uBlockOrigin or uBlacklist. It's still being updated:

https://github.com/laylavish/uBlockOrigin-HUGE-AI-Blocklist

uBlockOrigin & uBlacklist Huge AI Blocklist

A huge blocklist of manually curated sites (1000+) that contain AI generated content, for the purposes of cleaning image search engines (Google Search, DuckDuckGo, and Bing) with uBlock Origin or uBlacklist.

Also works on mobile (iOS, iPadOS, Android) via uBlacklist, as well as pihole/adguard (via Hosts file)

[–] drspod@lemmy.ml 3 points 1 year ago

This marks the end of the beginning of the end.

[–] drspod@lemmy.ml 1 points 1 year ago (2 children)
[–] drspod@lemmy.ml 36 points 1 year ago* (last edited 1 year ago) (5 children)
  • They drove there in their own vehicle
  • They were seen on CCTV cameras going there and back
  • They turned off their phones around the time when the tree was cut down
  • They filmed it being cut down
  • They took a photo of a piece of the tree in the back of their car
  • They discussed it over text messages and voice notes as the media coverage picked up
  • They pled not guilty 🤣
[–] drspod@lemmy.ml 7 points 1 year ago

It ain't made with mematic

honest work

[–] drspod@lemmy.ml 9 points 1 year ago

Q. I don’t trust this new key! Are you really Kali Linux?

A. The new key is signed by some developers from the Kali team, and the signatures are available on the Ubuntu OpenPGP keyserver. You can check it out at https://keyserver.ubuntu.com/pks/lookup?search=827C8569F2518CC677FECA1AED65462EC8D5E4C5&fingerprint=on&op=index.

I hope those developers have verified in person that the key custodian is not under duress!

[–] drspod@lemmy.ml 19 points 1 year ago (1 children)

That pretty much sums it up, well said.

I take issue, though, with the repeated misspelling of "vulture capitalist."

[–] drspod@lemmy.ml 15 points 1 year ago (5 children)

Who is "we"?

[–] drspod@lemmy.ml 2 points 1 year ago (1 children)

Please tell me you're not vibe coding this project.

[–] drspod@lemmy.ml 1 points 1 year ago

I thought the fine was for not allowing apps to tell users about alternate payment systems. Nothing to do with sideloading apps. Unless there was a second judgement with a fine recently?

 

Amazing collection of props and costumes!

 

Edit 2025-04-09 16:42Z - article was updated with a tenth package (Prettier - Code)

A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero.

ExtensionTotal researcher Yuval Ronen has uncovered ten VSCode extensions published on Microsoft's portal on April 4, 2025.

The package names are:

  1. Prettier - Code for VSCode (by prettier) - 486K installs
  2. Discord Rich Presence for VS Code (by Mark H) - 189K installs
  3. Rojo – Roblox Studio Sync (by evaera) - 117K installs
  4. Solidity Compiler (by VSCode Developer) - 1.3K installs
  5. Claude AI (by Mark H)
  6. Golang Compiler (by Mark H)
  7. ChatGPT Agent for VSCode (by Mark H)
  8. HTML Obfuscator (by Mark H)
  9. Python Obfuscator for VSCode (by Mark H)
  10. Rust Compiler for VSCode (by Mark H)
 

Edit 2025-04-09 16:42Z - article was updated with a tenth package (Prettier - Code)

A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero.

ExtensionTotal researcher Yuval Ronen has uncovered ten VSCode extensions published on Microsoft's portal on April 4, 2025.

The package names are:

  1. Prettier - Code for VSCode (by prettier) - 486K installs
  2. Discord Rich Presence for VS Code (by Mark H) - 189K installs
  3. Rojo – Roblox Studio Sync (by evaera) - 117K installs
  4. Solidity Compiler (by VSCode Developer) - 1.3K installs
  5. Claude AI (by Mark H)
  6. Golang Compiler (by Mark H)
  7. ChatGPT Agent for VSCode (by Mark H)
  8. HTML Obfuscator (by Mark H)
  9. Python Obfuscator for VSCode (by Mark H)
  10. Rust Compiler for VSCode (by Mark H)
 

I would like to switch away from Apple Music, and Spotify despite being a European company, is not a desirable option for me. What music streaming services would you recommend?

I managed to download a text-only list of the albums in my Apple Music library, so if there's a simple library import option then that would also be very helpful.

 

Actually I'm not sure what the difference is between a raffle and a sweepstakes. Is it like a tombola?

I'm not trying to start an argument it's just, ngl i could really use some of those empty cans rn

 

AMAB

 
 

This is a moving story about a cafe in Japan that allows house-bound people to join in with society and find a purpose, using remotely operated robotic avatars.

 

I had never heard of Absolute Linux, but the rest of this article has some interesting musings on lightweight distros that I thought would make for good discussion here.

 

If you want to go straight to the original write-up, it's here: https://eieio.games/blog/bad-apple-with-regex-in-vim/

 

From the Free Your Soul EP in 1995.

view more: next ›