
Search results related to "TXT"

Content containing TXT
Mole 1.5.0 took 6 days, 171 commits, 215 files touched, and 57k+ lines changed.

Detailed changelog:
1. Menu bar: added live CPU, memory, and network stats, menu-bar-only mode, right-click quick actions, hotkey support, ghost-state protection, and the new runner animation system.
2. Status: added fan controls for supported Macs, including Auto / Cool / Quiet modes, live RPM, stricter hardware probing, safer restore behavior, and upgrade recovery for old fan presets.
3. Software updates: added update checks and install flows for Homebrew Cask, Homebrew Formula, Mac App Store, Sparkle, and Electron-style appcasts, with clearer progress and safer cancellation.
4. Startup manager: added Login Items, Launch Agents, Launch Daemons, and background item review in one place, with safer authorization behavior so viewing startup items does not ask for admin access.
5. Uninstall: improved alias search, bundle ID search, app metadata matching, Homebrew cask detection, input method discovery, WeChat Input Method support, Doubao Input Method support, and safer root-owned app removal.
6. Clean: tightened log cleanup, protected VPN and proxy app state, guarded Application Support cache cleanup, improved browser and Electron cache detection, and added stronger Trash validation.
7. Analyze: improved disk labels, breadcrumbs, drill-down behavior, folder prefetching, large-directory readability, and trash safety checks.
8. License: improved device management, activation reuse, device reclaim flows, and clearer handling when a license is already used on two Macs.
9. Reliability: fixed Homebrew child-process cancellation, sudo helper reuse, fan preset recovery, MAS inventory edge cases, menu bar ghost states, Startup permission prompts, and release-signing/appcast edge cases.
10. Website and docs: updated the 1.5.0 homepage, release notes, docs, help pages, llms.txt, appcast, and downloadable DMG.
🚨 MistEye TI Alert 🚨

Based on recent intelligence, multiple high-frequency npm packages, including AntV and Echarts-for-react, as well as the durabletask Python SDK, have been compromised by Mini Shai-Hulud supply chain attacks. Notably:
1. May 19, 2026: The npm account atool (i@hust.cc) was compromised, allowing attackers to automatically publish 637 malicious versions across 317 packages within 22 minutes.
2. May 20, 2026 (Beijing Time): Within 35 minutes, attackers consecutively uploaded durabletask versions 1.4.1, 1.4.2, and 1.4.3 at 00:19, 00:49, and 00:54, bypassing normal release controls and impersonating official Microsoft releases.

Additionally, these two events—the large-scale GitHub token leaks (potentially exposing official repositories) and the Grafana Labs targeted ransom attack—are likely related to the Mini Shai-Hulud supply chain compromise:
• GitHub token leaks: Evidence suggests some leaked tokens may have been used to access and potentially sell official GitHub repositories. The leaks were caused by a compromised employee device, which involved a polluted VS Code extension.
• Grafana Labs attack (May 16, 2026): A cybercrime group gained unauthorized access to their GitHub repositories, downloaded the codebase, and issued a ransom demand under threat of data disclosure.

Affected Components / Targets:
• npm packages: AntV, Echarts-for-react, and other high-frequency components in the npm ecosystem.
• Python packages: durabletask 1.4.1, 1.4.2, 1.4.3.
• Developer credentials and secrets: GitHub PATs, npm Tokens, AWS Keys, Kubernetes Secrets, Vault Tokens, SSH keys, and over 90 types of local sensitive files.
• GitHub repositories: internal codebases potentially accessible via leaked tokens.
• Grafana Labs’ repositories (downloaded by attackers; ransom demanded).

Potential Attacker Actions:
• Immediate exfiltration of cloud and local credentials upon package installation or import.
• Unauthorized access to internal repositories and sensitive cloud infrastructure.
• Lateral movement across developer machines, CI/CD pipelines, and cloud workloads.
• Sale and exploitation of leaked GitHub tokens.
• Supply chain compromise affecting dependent projects and production systems.
• Ransom demands and potential data disclosure threats against organizations, including open source platforms.

Detection Methods:
• Audit npm and PyPI dependencies for affected packages:
  • npm: npm ls --all
  • Python: pip list --outdated or pip show durabletask to confirm versions.
• Inspect lockfiles (package-lock.json, yarn.lock, pnpm-lock.yaml, requirements.txt, pipfile.lock) for malicious versions.
• Review CI/CD pipelines and deployment logs for installation of compromised packages.
• Monitor GitHub and cloud activity for unusual authentication events, including signs of leaked token usage.

Mitigation Measures:
• Immediately rotate all exposed GitHub, npm, PyPI, and cloud credentials.
• Replace affected npm/PyPI packages with verified safe versions or freeze dependency versions.
• Isolate potentially compromised systems and audit for credential theft or lateral movement.
• Apply security patches and review post-compromise artifacts in CI/CD pipelines.

Additional Recommendations:
• Enable real-time monitoring and alerting for suspicious token or key usage.
• Implement stricter dependency review policies and supply chain risk checks.
• Educate teams to verify package authenticity before installation.
• Monitor dark web or underground marketplaces for leaked credentials related to your organization.

SlowMist will continue to track and monitor developments related to this incident, including potential new malicious releases or related exploits. MistEye has already pushed relevant threat intelligence to clients to help them proactively assess and mitigate risks.
🚨 node-ipc is compromised again.

Three new malicious versions just dropped: 9.1.6, 9.2.3, and 12.0.1. Socket’s AI scanner flagged them as malware within three minutes of publication.

The attack vector: a dormant maintainer account (atiertant) was likely taken over via an expired email domain. The attacker registered the lapsed domain, triggered an npm password reset, and gained publish rights to a package with millions of historical downloads.

The payload is a credential stealer embedded in the CommonJS entrypoint (node-ipc.cjs). It activates on require("node-ipc"), not through a postinstall script.

Here’s what it does:
• Fingerprints the host (OS, arch, hostname, uname)
• Harvests 113-127 credential file patterns depending on platform (AWS, GCP, Azure, SSH keys, Kubernetes configs, npm tokens, .env files, shell histories, macOS Keychain databases, and more)
• Dumps the entire process.env, capturing every CI secret and cloud credential in memory
• Builds a gzip archive in a temp directory
• Exfiltrates everything over DNS TXT queries to bt[.]node[.]js, using a bootstrap resolver at sh[.]azurestaticprovider[.]net:443 (a deliberate lookalike of Microsoft’s Azure Static Web Apps domain)

The DNS exfiltration is chunked. A 500 KB archive generates roughly 29,400 TXT queries. The body is XOR-encrypted with a SHA-256 keystream, base64-encoded, alphabet-substituted, and split into 31-character chunks before hex-encoding into DNS labels. Header, data, and footer queries use xh, xd, and xf prefixes respectively.

The malware forks a detached child process (env var __ntw=1) so credential theft runs silently in the background. It also exposes a __ntRun export, meaning any downstream code that calls require("node-ipc").__ntRun() can trigger a second collection/exfiltration cycle.

ESM-only consumers using the import path are not affected by the reviewed package metadata. CommonJS consumers are.

This is the same package involved in the 2022 protestware incident. It has a history.

If you use node-ipc:
• Do not install 9.1.6, 9.2.3, or 12.0.1
• Audit your lockfiles for these versions
• If you loaded the CommonJS entrypoint, treat all environment variables, SSH keys, cloud credentials, npm tokens, and local secrets as compromised. Rotate immediately.
• Hunt for DNS TXT queries to bt[.]node[.]js and sh[.]azurestaticprovider[.]net in your network logs
• Check for temp files matching /nt-/.tar.gz

Credit to Ian Ahl (@TekDefense) for first publicly identifying the expired-domain account takeover vector.

Developing story. Full technical breakdown and IOCs on the Socket blog:
🚨 BREAKING: node-ipc compromised. Again.

Three malicious versions of node-ipc (9.1.6, 9.2.3, 12.0.1) were published today carrying an identical credential-stealing payload. This package has 10M+ weekly downloads.

Here's what happened: An attacker injected an 80KB obfuscated IIFE into the CommonJS bundle. It fires on every require('node-ipc') call. No special config needed, just importing the package is enough.

What it steals:
→ AWS, Azure, GCP credentials
→ SSH private keys
→ Kubernetes configs
→ Docker tokens
→ GitHub CLI tokens
→ AI tool configs (including Claude)
→ Terraform state
→ 90+ credential file patterns in total

Everything gets gzipped and exfiltrated to an attacker-controlled domain (sh[.]azurestaticprovider[.]net) via DNS TXT queries and HTTPS POST, designed to look like normal traffic.

The attacker published across two major version lines simultaneously (9.x and 12.x) to maximize blast radius. Semver ranges like ^9, ~9.1.x, ~9.2.x, ^12, and ~12.0 all resolve to compromised versions automatically on the next install or lockfile refresh.

Key details:
Only the CommonJS bundle (node-ipc.cjs) is affected. ESM imports are clean.
The 9.x releases are fabricated. The 9.x line never shipped a .cjs bundle before this attack.
This is a different actor from the 2022 peacenotwar incident. Purely financial, credential-theft motivation.

If you installed any of these versions, assume all secrets on that machine are compromised. Rotate everything.

Our full technical breakdown covers the attack chain stage by stage, IOCs, and how to check if you're affected:
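Added example, not part of any post above and not code from Socket or SlowMist: one way to run the lockfile audit that the alerts recommend, checking a parsed package-lock.json (both the flat v2/v3 layout and the nested v1 layout) and a requirements.txt for the exact versions the posts name. The function names and the sample inputs are constructed for illustration.

```javascript
// Added example. Versions are the ones named in the posts above; sample inputs are constructed.
const BAD_NPM = new Map([["node-ipc", new Set(["9.1.6", "9.2.3", "12.0.1"])]]);
const BAD_PYPI = new Map([["durabletask", new Set(["1.4.1", "1.4.2", "1.4.3"])]]);

// Scan a parsed package-lock.json; returns [{name, version, path}] for each match.
function auditNpmLock(lock, bad = BAD_NPM) {
  const hits = [];
  const check = (name, version, path) => {
    if (bad.get(name)?.has(version)) hits.push({ name, version, path });
  };
  if (lock.packages) {
    // lockfileVersion 2/3: flat map keyed by install path ("" is the root project).
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === "") continue;
      const i = path.lastIndexOf("node_modules/");
      // Nested and scoped installs: the name follows the last "node_modules/".
      const name = meta.name || (i >= 0 ? path.slice(i + 13) : path);
      check(name, meta.version, path);
    }
  } else {
    // lockfileVersion 1: nested "dependencies" tree, so transitive copies are found too.
    const walk = (deps, prefix) => {
      for (const [name, meta] of Object.entries(deps || {})) {
        const path = `${prefix}node_modules/${name}`;
        check(name, meta.version, path);
        walk(meta.dependencies, `${path}/`);
      }
    };
    walk(lock.dependencies, "");
  }
  return hits;
}

// Scan requirements.txt text for exact pins (name==version) on the bad list.
function auditRequirements(text, bad = BAD_PYPI) {
  const hits = [];
  text.split(/\r?\n/).forEach((line, idx) => {
    const m = /^\s*([A-Za-z0-9._-]+)\s*==\s*([^\s;#]+)/.exec(line);
    if (!m) return;
    const name = m[1].toLowerCase().replace(/[-_.]+/g, "-"); // PyPI name normalisation
    if (bad.get(name)?.has(m[2])) hits.push({ name, version: m[2], line: idx + 1 });
  });
  return hits;
}

// Constructed samples: one bad top-level install, one clean nested copy, one bad transitive copy.
const SAMPLE_LOCK_V3 = { lockfileVersion: 3, packages: { "": { name: "demo-app" },
  "node_modules/node-ipc": { version: "9.2.3" },
  "node_modules/foo/node_modules/node-ipc": { version: "9.2.1" } } };
const SAMPLE_LOCK_V1 = { lockfileVersion: 1, dependencies: { foo: { version: "1.0.0",
  dependencies: { "node-ipc": { version: "12.0.1" } } } } };
const SAMPLE_REQS = "durabletask==1.4.2\nrequests==2.31.0\nDurableTask==1.4.0  # not listed\n";
console.log(auditNpmLock(SAMPLE_LOCK_V3), auditNpmLock(SAMPLE_LOCK_V1), auditRequirements(SAMPLE_REQS));
```

A clean result here only covers what the lockfile records; a host that already loaded one of the listed versions still needs the credential rotation the posts describe.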
🚨 MistEye Security Gate Officially Released|Building Frontline Security Detection for AI Agents

SlowMist has officially released MistEye Security Gate, a pre-execution security gateway Skill that provides security detection capabilities for dependency installation and domain access for mainstream #AI# coding agents such as @claudeai , @cursor_ai , and @OpenAI GPT.

👉 MistEye Security Gate enables:
🔹 Supply chain package risk detection (npm/pypi/go etc.)
🔹 Real-time scanning of domains/URLs/IPs/emails
🔹 File hash & malicious Skill/MCP identification
🔹 Hard blocking mechanism + daily automated inspections

Core Scenarios Covered:
- Dependency installation checks (requirements.txt, package.json, etc.)
- External link / domain threat validation
- Continuous security inspection of installed Skills

How to Deploy:
1️⃣ GitHub Repo:
2️⃣ Get free API Key:
3️⃣ Set MISTEYE_API_KEY (env var preferred, or config file with 600 permission)

🛡️ Why It Matters: It cuts off #AIAgent# supply chain and external interaction risks at the source, strengthening the frontline defense.

Ready to make your AI Agents run more securely? Welcome to integrate MistEye Security Gate!

🔗 Full article:
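Over the past few days, several friends have @-mentioned me to say that some of my work was proactively recommended when they asked an AI. That felt pretty magical; thinking it over, I hadn't really done anything, and yet it got indexed. So should I do something more systematic, so that all of today's mainstream AIs can better know my content, products and ideas? So I got to work.

First, I hold to the bottom line of not producing junk content that pollutes AI, and I really dislike the kind of company that generates huge amounts of junk content for the sake of SEO, so what I want to do is make my work easier for AI to learn from and to find in search.

Right now that means ChatGPT, Claude, Grok, Gemini, Perplexity and so on, and the search engines they rely on are generally tools like Google, Bing and Tavily. In the end it comes down to making the content AI-visible and proactively telling AI crawlers what I have here through structured data and machine-readable descriptive content. It took about an hour. Let me share what I did.

1. First, don't miss llms.txt. Put it in your site's root directory and use markdown to state clearly what the site does, what the key pages are, and who the author is. When AI retrieves content it will read this file first to understand your content. I also did something fun here: the llms.txt files of my sites reference each other, forming a mesh. Whichever entry point the AI comes in through, it can follow the links to find your other content. Very few sites worldwide have this configured at the moment, so doing it early gives some first-mover advantage. Once it is done, you can submit the address to these few systems, and the llms-txt-hub repository on GitHub accepts PRs.

2. Next, handle robots.txt so that it distinguishes training crawlers from search crawlers. Many people know about AI crawlers such as GPTBot and ClaudeBot, but there is also a group of crawlers dedicated to search, separate from the training crawlers. For example, OAI-SearchBot is used for ChatGPT search and is not used for training, Claude-SearchBot is used for Claude search citations, and Perplexity-User is used for Perplexity retrieval. These search crawlers should be explicitly allowed; they decide whether your content can appear in AI search results.

3. Apart from submitting a sitemap to Google, which everyone who has done SEO knows about, don't overlook Bing either. In fact, the AI search of Copilot, DuckDuckGo and Yahoo is all driven by Bing underneath. You can register an account at Bing Webmaster Tools and you will see the AI Performance panel, which has Total Citations and Grounding Queries data, so you can see directly how many times your content has been cited by AI. After you submit a sitemap, Bing will actively crawl your whole site, which is much better than passive crawling. Google Search Console also has a similar AI Mode filter, where you can see AI Overview citations. And of course, if you have not submitted to Google, be sure to do that too.

4. Perplexity actually has a larger user base overseas than people think. They have a publisher program; you can go here to submit the form for your product or website. Fill it in carefully, and there may even be a share of search revenue.

5. Structured data with JSON-LD. This is not the traditional SEO approach of meta description; it gives AI crawlers structured semantic information. Embed JSON-LD in the page to tell the machine "this is a blog post, the author is so-and-so, the publication time is such-and-such" or "this is a software project, and it solves such-and-such a problem". There are quite a few tricks here: for example, use the BlogPosting schema for blog names, the SoftwareApplication schema for software products, and FAQPage for frequently asked questions. That way the information the AI gets when retrieving is more structured, and you make its work more comfortable.

6. The most interesting step: you can even build a separate knowledge endpoint just for AI. This site is not meant for people to look at and has no UI design; it is purely a structured data service. When an AI crawler arrives it can get two things: a condensed llms.txt overview, and a full llms-full.txt of about 50KB that contains all the project descriptions, FAQs, use cases, competitor comparisons and README excerpts. It also provides a JSON API: /api/profile is personal information, /api/projects is the project list, /api/blog is the blog posts, and /api/weekly is the weekly newsletter content. The data is not hard-coded; stars, forks, followers, latest release and similar data are pulled live through the GitHub API, with an ISR cache that refreshes automatically every hour. The idea behind this is: rather than waiting for AI to scrape scattered information from your various sites, give it one central entry point and put what you want it to remember there, neatly organized. I also added an "open-source family portrait" narrative structure, so that when AI answers questions like "Who is Tw93" it has one complete memory point rather than piecing the projects together from fragments.

I believe more in proactively structuring the content that already exists so that AI can understand it better, rather than producing junk content to farm citations in pursuit of short-term AI SEO gains. All of this is about helping AI understand more accurately what your content is, letting AI see clearly and giving it a good working environment, not about optimizing rankings, and that will last longer than the short-term approach.

This is my write-up of that one hour of work. I typed it by hand, so the train of thought may be a bit messy, but everyone should be able to follow it. Finally, I made a small tool that is meant for AI to look at rather than for people, named Yobi. I like the word; it comes from 呼び / よび, which has the feeling of calling out to bring someone over. If you are interested, try looking at it from the point of view of an AI.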
Gemini is fully integrated into Google Docs. In Google Docs, Gemini can generate and edit Word, Excel, PPT, PDF, Markdown, LaTeX, TXT and RTF, and all generated documents can be edited and exported.
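How does Tether. me use 50-year-old "legacy infrastructure" to strike Web3 payments from a higher dimension?

My feed was flooded with the Tether wallet this evening, which made me very curious about how the Tether wallet implements on-chain transfers through short domain names. Follow Humphrey below for a look at the technical principles behind the Tether wallet and how it differs from ENS of a few years ago.

For a long time, the barrier to cryptocurrency payments has been stuck on "that string of gibberish address". The name@tether.me that Tether has been pushing recently is not reinventing the wheel; through the BIP-353 protocol, it makes "sending money" as simple as "sending an email".

🛠️ Technical foundation: what is BIP-353?

Many people mistake it for a new kind of domain name similar to ENS, but in essence it is a "DNS payment instruction".

Borrowed infrastructure: it encodes payment information (a BIP-21 URI) into the Internet's existing DNS TXT records.

Minimal flow: you enter alice@tether.me in the wallet ➜ the wallet automatically queries the subdomain's DNS records in the background ➜ it instantly returns a payment instruction covering BTC mainnet, the Lightning Network or ETH.

Local security: together with Tether's WDK development kit and the QVAC local AI, all DNSSEC signature verification is done locally on the device, which both prevents tampering and avoids the cloud, safeguarding decentralized security.

⚡ vs ENS: two dimensions, each taken to the extreme

Although both appear as "human-readable characters", their underlying logic is completely different:

tether. me (DNS model): "the ultimate payment tool"
Logic: uses the world's existing DNS system and looks up addresses the way you visit a web page.
Advantages: zero cost, zero barrier, extremely fast. Users do not need to pay gas fees to register or hold ETH; it reflects payment-app thinking designed for one billion ordinary users.
Cost: semi-centralized. If the domain is blocked, resolution fails; it is more like an efficient "electronic business card".

ENS (blockchain model): "the ultimate Web3 identity"
Logic: built entirely on Ethereum smart contracts.
Advantages: sovereignty is yours and it never disappears. As long as you hold the private key, no institution can deregister your .eth; it is the "permanent ID card" of Web3.
Cost: high registration fees and renewal gas, which is very unfriendly to people who are not crypto natives.

💡 Humphrey's view
1. tether. me is not a competitor to ENS but a complement to it. ENS handles "sovereignty and immutability of identity", while what is built around BIP-353 handles "eliminating payment friction".
2. Tether's ambition is obvious: don't change users' Internet habits, only change the settlement system behind them.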
[#VIDEO📼#] ⠀ A HYBE tour served up by handsome goofballs | Zip Daesung ep.102 TOMORROW X TOGETHER ▶ ⠀ #대성# #DAESUNG# #DLITE# #유튜브# #집대성# #TXT#
You're only looking at my boobs anyway, aren't you. I like that about you. I like people who praise what only I have. The fan name is 【たの友🫰✋】