#GitHub

This could take the form of setting up repositories (#github/ #zenodo) etc that store the prompts used and the output received from the #LLMs. For example, if one were to use a chatbot to develop the plan for a scientific report and/or the first draft, the prompts and the output should be made public as research methods & supplementary material.
Differencing tools could then be automatically deployed to show how the final product changed to the #LLM output that was first received or even ...

2/ ...and it just so happens that #PaloAlto released a long investigation into a newer and less well known North Korean crypto operation called "Slow Pisces" and/or "Jade Sleet" at the same time.

This time the #DPRK's crypto thieves pose as recruiters on LinkedIn and try to lure developers into doing various coding challenges hosted on #GitHub as part of a job interview. Doing a challenge leads to infection with custom Python #malware.

unit42.paloaltonetworks.com/sl

Unit 42 · Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware · By Prashil Pattni

1/ Deep dive case study of the kind of open source contributions and #GitHub astroturfing that North Korean hackers employ to try to get jobs as devs at crypto companies, this time in an attempt to infiltrate #onlyDust.

tl;dr DPRK hackers use contributions to FOSS projects to build cred, after which, armed with AI video avatars, they try to leverage the cred into success in interviews for blockchain development jobs.

I've said it before but I'll say it again: the one real upside of crypto is that the industry draws close to 100% of the incoming fire from sophisticated #DPRK threat actors like Lazarus Group who would otherwise be hacking banks.

ketman.org/dprk-it-workers-in-

New Open-Source Tool Spotlight 🚨🚨🚨

SecLists is a powerful resource for security testing. It consolidates usernames, passwords, payloads, sensitive patterns, and more into one repository. Essential for pen testers and bug hunters. #CyberSecurity #PenTesting

🔗 Project link on #GitHub 👉 github.com/danielmiessler/SecL

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

New Open-Source Tool Spotlight 🚨🚨🚨

Active Directory Certificate Services (AD CS) can be a goldmine if misconfigured. Tools like Certipy simplify enumeration and abuse, leveraging techniques like Shadow Credentials, Golden Certificates, and domain escalation paths (ESC1-ESC11). #CyberSecurity #RedTeam

Certipy's `shadow` command exemplifies ADCS weaknesses. By manipulating `msDS-KeyCredentialLink`, you can take over accounts via PKINIT. It's seamless but devastating for privilege escalation. #Pentesting #ActiveDirectory

Golden Certificates mimic Golden Tickets but target ADCS. Using a compromised CA private key, an attacker can forge certs for domain controllers or users. Certipy automates this process—caution with CA backups. #InfoSec #PKI

🔗 Project link on #GitHub 👉 github.com/ly4k/Certipy

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity


RiverREM - Generating River Relative Elevation Model (REM) Visualisations
--
github.com/OpenTopography/Rive <-- shared GitHub repository
--
opentopography.github.io/River <-- shared documentation
--
opentopography.org/blog/new-pa <-- shared Open Topography blog post about RiverREM
--
H/T Heidi Luchsinger / Open Topography
[this post should not be considered as an endorsement of this product aka caveat emptor]
#GIS #spatial #mapping #remotesensing #earthobservation #Python #LiDAR #RiverREM #visualisation #hydrology #water #river #rivervalley #floodplain #terraces #GitHub #opensource #opendata #DEM #REM #model #modeling #RiverRelativeModel #documentation #tutorial #learning #tool #elevation #raster #sinuosity #drainage

I saw today that my CoCalc (cocalc.com/) license was about to renew. I've been meaning to move to a more #SelfHosting or #P2P paradigm, so this was good timing for me to cancel. I left this message when doing so:

"I want to support Sage, and I like using CoCalc, but I don't want to put money towards a service that supports Microsoft, Amazon, or OpenAI in any way. I didn't care so much about this before, and I even log in to CoCalc with a GitHub account, but I'm tired of having my work scraped for profit by people who donate to fascists who are destroying my nation. I would consider returning if all ties to these corporations were cut and cloud computing services came from responsible companies, perhaps in the EU."

I'm pretty sure I already have backups of everything I want from GitHub, so I can be done with them too. I should have quit when Microsoft first arrived. My plan is to switch to Radicle (radicle.xyz/) rather than another centralized service. I'll be sure to post about how that goes.

cocalc.com · Collaborative Calculation and Data Science · CoCalc landing pages and documentation
#Sage #math #SageMath

New Windows Malware can hijack your PC, hold it for Ransom, steal your Passwords & even let Attackers spy on You.

According to a blog post from the IT-Security firm CYFIRMA, the Neptune RAT [Remote Access Trojan] is currently being spread on #GitHub, #Telegram & even #YouTube.

cyfirma.com/research/neptune-r