PEAKS No 26: Chrome Extensions, NPM Attacks & Privacy-First Alternatives

🛡️ Security & Privacy

  • Shai-Hulud 3.0 NPM supply chain attack discovered: New malware variant spreads automatically to steal developer credentials and cloud keys; currently limited and in a testing phase. More
  • Malicious Chrome extensions harvest 900K users' AI chats: Two extensions masquerading as AI assistants steal ChatGPT and DeepSeek conversations, including a Google Featured badge holder. More
  • Microsoft Copilot Studio vulnerability exposed: Connected Agents feature allows attackers to impersonate organizations and execute unauthorized actions without detection or logging. More
  • Hacking washing machines at 39C3: Reverse-engineering talk reveals proprietary bus systems and diagnostic interfaces in household appliances for cloudless home automation integration. More
  • IBM API Connect critical vulnerability warning: Security researchers discover severe API bug requiring immediate attention from IBM users and administrators. More
  • DarkSpectre browser extension campaign uncovered: Malicious extensions harvest meeting data and sensitive information from over 2.2 million Chrome and Edge browsers. More
  • Sony PS3 security vulnerability analysis: Classic Schneier analysis of PlayStation 3 cryptographic failures demonstrates importance of proper random number generation in security systems. More
  • Protecting devices from spyware: Comprehensive Wired guide covers essential security measures for iPhone and Android devices against sophisticated surveillance threats. More

🛸 Tech

  • Migrating from Big Tech to EU stack saves €500/year: Developer documents complete transition to European-hosted services using Proton, Scaleway, and Vivaldi while improving functionality. More
  • Manus joins Meta for next innovation era: Strategic acquisition signals Meta's continued investment in cutting-edge technology and talent for future platform development. More
  • Everything-as-code monorepo strategy: Kasava.dev explores modern development approach treating infrastructure, configuration, and code as unified versioned codebase. More
  • Punkt MC03 privacy smartphone debuts at CES 2026: Swiss company unveils security-focused mobile device emphasizing data protection and minimal digital footprint for privacy-conscious users. More
  • Clicks Communicator launches physical keyboard phone: Innovative device combines modern smartphone capabilities with tactile QWERTY keyboard for enhanced typing experience and productivity. More
  • Going immutable on macOS: Developer shares journey implementing immutable infrastructure principles on Apple's desktop operating system for enhanced security and reproducibility. More
  • Python numbers every programmer should know: Essential numerical constants, performance benchmarks, and optimization targets for Python developers building efficient applications. More
  • Pebble Round 2 announced: Repebble project reveals most stylish Pebble smartwatch iteration continuing beloved platform's legacy through community-driven development efforts. More
  • Why security-conscious should care about blog: John Graham-Cumming argues developers focused on security must understand broader technology landscape beyond immediate specialization. More
  • Linux kernel security work in 2026: Greg Kroah-Hartman outlines ongoing Linux kernel security initiatives, patches, and development priorities for the year ahead. More

🤖 AI

  • Google DeepMind documentary reaches 200M views: "The Thinking Game" chronicles AlphaFold breakthrough and AI lab's pursuit of artificial general intelligence over five years. More
  • Simon Willison's 2025 LLM year in review: Comprehensive analysis covers reasoning models, coding agents, MCP protocol explosion, and major shifts in AI development landscape. More
  • Karpathy's Zero to Hero AI course: Free comprehensive neural networks course covering fundamentals to advanced topics for aspiring AI practitioners and developers. More

🛠️ Tools

  • Netrinos WireGuard mesh VPN for teams: Zero-configuration private network solution bypasses firewalls automatically, enabling seamless remote access without port forwarding requirements. More
  • FracturedJson formatting library: Open-source tool for beautifying and formatting JSON with customizable styles, improving readability for developers and data analysts. More

📷 Misc

  • What unprocessed photos actually look like: Technical deep dive explains camera sensor data processing, Bayer matrices, and transformations required to produce final images. More
  • Manifesto for destroying corporate web through personal websites: Compelling essay argues industrial web extraction parallels automobile monopoly, proposes convivial IndieWeb tools for reclaiming creative autonomy. More

📩 Please feel free to share this article with colleagues and friends who will find it valuable.

Thanks for reading!

Have a great day!
Bogdan