DP
@dprudente.bsky.social
Building a compliance tool with sveltekit 🧡 → coming Q1 2026
sec + compliance insights |
occasional movie/gadget ramblings
sec + compliance insights |
occasional movie/gadget ramblings
Reposted by DP
NEW: Cloudflare detected the largest UDP DDoS attacks of the year—peaking at 29.7 Tbps. Aisuru's "short-burst" UDP carpet-bombing tactics are designed to maximize impact while evading traditional mitigation. https://cfl.re/4j66ZVo
Aisuru botnet: Early October attacks escalate into record-setting DDoS activity
On October 31st, 2025, Cloudflare’s network detected the largest UDP DDoS attacks of the year—peaking at 29.7 Tbps.
cfl.re
December 18, 2025 at 6:10 PM
NEW: Cloudflare detected the largest UDP DDoS attacks of the year—peaking at 29.7 Tbps. Aisuru's "short-burst" UDP carpet-bombing tactics are designed to maximize impact while evading traditional mitigation. https://cfl.re/4j66ZVo
Reposted by DP
Modern Svelte Kit - Complete Svelte Kit Course for Beginners
youtu.be/vkXxFfGwPao
youtu.be/vkXxFfGwPao
December 18, 2025 at 2:30 PM
Modern Svelte Kit - Complete Svelte Kit Course for Beginners
youtu.be/vkXxFfGwPao
youtu.be/vkXxFfGwPao
Reposted by DP
#Design #Pitfalls
Color contrast mistakes designers still make · “These accessibility gaps aren’t edge cases.” ilo.im/1698j3 by Allie Paschal
_____
#Color #Contrast #Accessibility #WCAG #DataViz #DesignSystems #Links #ProductDesign #UiDesign #WebDesign
Color contrast mistakes designers still make · “These accessibility gaps aren’t edge cases.” ilo.im/1698j3 by Allie Paschal
_____
#Color #Contrast #Accessibility #WCAG #DataViz #DesignSystems #Links #ProductDesign #UiDesign #WebDesign
ilo.im
December 17, 2025 at 11:14 PM
#Design #Pitfalls
Color contrast mistakes designers still make · “These accessibility gaps aren’t edge cases.” ilo.im/1698j3 by Allie Paschal
_____
#Color #Contrast #Accessibility #WCAG #DataViz #DesignSystems #Links #ProductDesign #UiDesign #WebDesign
Color contrast mistakes designers still make · “These accessibility gaps aren’t edge cases.” ilo.im/1698j3 by Allie Paschal
_____
#Color #Contrast #Accessibility #WCAG #DataViz #DesignSystems #Links #ProductDesign #UiDesign #WebDesign
Reposted by DP
Snag Puru now!
I'm looking for opportunities! Full-time/part-time remote roles.
Actions speak hella louder than words, so allow me to show you all the work I have done in the last 5 years as a professional developer
🧵1/n
Actions speak hella louder than words, so allow me to show you all the work I have done in the last 5 years as a professional developer
🧵1/n
December 17, 2025 at 1:48 PM
Snag Puru now!
Reposted by DP
More details than shared before about the us-east-1 outage in October.
No, it was not caused by “brain drain” (an assumption that those building the services left) - creators of the service causing the issue (DNS Enactor) were on the outage call!
Distributed systems are hard
No, it was not caused by “brain drain” (an assumption that those building the services left) - creators of the service causing the issue (DNS Enactor) were on the outage call!
Distributed systems are hard
December 16, 2025 at 6:54 PM
More details than shared before about the us-east-1 outage in October.
No, it was not caused by “brain drain” (an assumption that those building the services left) - creators of the service causing the issue (DNS Enactor) were on the outage call!
Distributed systems are hard
No, it was not caused by “brain drain” (an assumption that those building the services left) - creators of the service causing the issue (DNS Enactor) were on the outage call!
Distributed systems are hard
Reposted by DP
#Development #Trends
Cloudflare Radar 2025 Year in Review · Trends and patterns in internet usage over the year ilo.im/1696sa by Cloudflare
_____
#Business #Internet #AI #Connectivity #Security #WebTechnology #Browser #WebDev #Frontend #Backend
Cloudflare Radar 2025 Year in Review · Trends and patterns in internet usage over the year ilo.im/1696sa by Cloudflare
_____
#Business #Internet #AI #Connectivity #Security #WebTechnology #Browser #WebDev #Frontend #Backend
ilo.im
December 16, 2025 at 6:39 AM
#Development #Trends
Cloudflare Radar 2025 Year in Review · Trends and patterns in internet usage over the year ilo.im/1696sa by Cloudflare
_____
#Business #Internet #AI #Connectivity #Security #WebTechnology #Browser #WebDev #Frontend #Backend
Cloudflare Radar 2025 Year in Review · Trends and patterns in internet usage over the year ilo.im/1696sa by Cloudflare
_____
#Business #Internet #AI #Connectivity #Security #WebTechnology #Browser #WebDev #Frontend #Backend
Reposted by DP
CodeQL lets you query your code to find logic errors and security issues that standard text search completely misses.
It allows you to take one bug and automatically find every other place that same pattern exists—so you can fix them all at once.
Ready to try it out yourself? Here's how. ⬇️
It allows you to take one bug and automatically find every other place that same pattern exists—so you can fix them all at once.
Ready to try it out yourself? Here's how. ⬇️
About code scanning with CodeQL - GitHub Docs
You can use CodeQL to identify vulnerabilities and errors in your code. The results are shown as code scanning alerts in GitHub.
docs.github.com
December 15, 2025 at 9:10 PM
CodeQL lets you query your code to find logic errors and security issues that standard text search completely misses.
It allows you to take one bug and automatically find every other place that same pattern exists—so you can fix them all at once.
Ready to try it out yourself? Here's how. ⬇️
It allows you to take one bug and automatically find every other place that same pattern exists—so you can fix them all at once.
Ready to try it out yourself? Here's how. ⬇️
Reposted by DP
#Design #Analyses
AI detection tools? · “They cannot prove that text is AI-generated.” ilo.im/168xou by Sean Goedecke
_____
#Business #Humans #Machines #AI #Detection #Text #Content #ProductDesign #UiDesign #WebDesign
AI detection tools? · “They cannot prove that text is AI-generated.” ilo.im/168xou by Sean Goedecke
_____
#Business #Humans #Machines #AI #Detection #Text #Content #ProductDesign #UiDesign #WebDesign
AI detection tools cannot prove that text is AI-generated
--
ilo.im
December 13, 2025 at 6:15 PM
#Design #Analyses
AI detection tools? · “They cannot prove that text is AI-generated.” ilo.im/168xou by Sean Goedecke
_____
#Business #Humans #Machines #AI #Detection #Text #Content #ProductDesign #UiDesign #WebDesign
AI detection tools? · “They cannot prove that text is AI-generated.” ilo.im/168xou by Sean Goedecke
_____
#Business #Humans #Machines #AI #Detection #Text #Content #ProductDesign #UiDesign #WebDesign
Started using @raycast.com on Windows and I'm just loving it! Very first time for me and being able to make many things faster.
December 13, 2025 at 12:32 PM
Started using @raycast.com on Windows and I'm just loving it! Very first time for me and being able to make many things faster.
Reposted by DP
A security researcher tried to alert Home Depot to the security lapse exposing its backend GitHub source code repos and other internal cloud systems, but was ignored.
Exclusive: Home Depot exposed access to internal systems for a year, says researcher
A security researcher tried to alert Home Depot to the security lapse exposing its backend GitHub source code repos and other internal cloud systems, but was ignored.
techcrunch.com
December 12, 2025 at 4:48 PM
A security researcher tried to alert Home Depot to the security lapse exposing its backend GitHub source code repos and other internal cloud systems, but was ignored.
Reposted by DP
#Design #Approaches
Measuring the impact of features · Meet a simple, repeatable, meaningful UX metric ilo.im/168zw1 by Vitaly Friedman
_____
#Business #Metrics #Features #Conversion #TARS #ProductDesign #UxDesign #UiDesign #WebDesign
Measuring the impact of features · Meet a simple, repeatable, meaningful UX metric ilo.im/168zw1 by Vitaly Friedman
_____
#Business #Metrics #Features #Conversion #TARS #ProductDesign #UxDesign #UiDesign #WebDesign
How To Measure The Impact Of Features - Smart Interface Design Patterns
Meet TARS — a simple, repeatable, meaningful UX metric, designed specifically to track the performance of product features.
ilo.im
December 11, 2025 at 8:24 PM
#Design #Approaches
Measuring the impact of features · Meet a simple, repeatable, meaningful UX metric ilo.im/168zw1 by Vitaly Friedman
_____
#Business #Metrics #Features #Conversion #TARS #ProductDesign #UxDesign #UiDesign #WebDesign
Measuring the impact of features · Meet a simple, repeatable, meaningful UX metric ilo.im/168zw1 by Vitaly Friedman
_____
#Business #Metrics #Features #Conversion #TARS #ProductDesign #UxDesign #UiDesign #WebDesign
Reposted by DP
🚨 Action required: 2 additional newly disclosed vulnerabilities affect multiple versions of React, Next.js, & other RSC-based frameworks.
As w/ last week's disclosure, Netlify has been working w/ the @react.dev & @nextjs.org teams to deploy network-level mitigations against these vulnerabilities. 🧵
As w/ last week's disclosure, Netlify has been working w/ the @react.dev & @nextjs.org teams to deploy network-level mitigations against these vulnerabilities. 🧵
December 11, 2025 at 9:21 PM
🚨 Action required: 2 additional newly disclosed vulnerabilities affect multiple versions of React, Next.js, & other RSC-based frameworks.
As w/ last week's disclosure, Netlify has been working w/ the @react.dev & @nextjs.org teams to deploy network-level mitigations against these vulnerabilities. 🧵
As w/ last week's disclosure, Netlify has been working w/ the @react.dev & @nextjs.org teams to deploy network-level mitigations against these vulnerabilities. 🧵
A new vulnerability class called `IDEsaster` can turn standard IDE features into attack vectors, and 100% of the tested AI coding assistants were vulnerable.
you can check it at maccarita.com/posts/idesas... , written by Arik Marzouk.
you can check it at maccarita.com/posts/idesas... , written by Arik Marzouk.
IDEsaster: A Novel Vulnerability Class in AI IDEs
Don’t want to miss my next post? Follow me on X or connect on LinkedIn Summary We all know AI reshaped how we build software. Autocomplete evolved into AI agents that can autonomously act on behalf of...
maccarita.com
December 11, 2025 at 10:46 AM
A new vulnerability class called `IDEsaster` can turn standard IDE features into attack vectors, and 100% of the tested AI coding assistants were vulnerable.
you can check it at maccarita.com/posts/idesas... , written by Arik Marzouk.
you can check it at maccarita.com/posts/idesas... , written by Arik Marzouk.
Reposted by DP
The massive data breach at the South Korean retail giant Coupang affects more than half of the country's population.
CEO of South Korean retail giant Coupang resigns after massive data breach | TechCrunch
The massive data breach at the South Korean retail giant Coupang affects more than half of the country's population.
techcrunch.com
December 10, 2025 at 9:11 PM
The massive data breach at the South Korean retail giant Coupang affects more than half of the country's population.
Reposted by DP
Anthropic, Block, and OpenAI are backing the Linux Foundation’s new Agentic AI Foundation, donating MCP, Goose, and AGENTS.md to standardize AI agents, boost interoperability, and curb proprietary fragmentation.
OpenAI, Anthropic and Block join new Linux Foundation effort to standardize the AI agent era | TechCrunch
Anthropic, Block, and OpenAI are backing the Linux Foundation’s new Agentic AI Foundation, donating MCP, Goose, and AGENTS.md to standardize AI agents, boost interoperability, and curb proprietary fragmentation.
techcrunch.com
December 9, 2025 at 5:31 PM
Anthropic, Block, and OpenAI are backing the Linux Foundation’s new Agentic AI Foundation, donating MCP, Goose, and AGENTS.md to standardize AI agents, boost interoperability, and curb proprietary fragmentation.
Reposted by DP
Think twice before downloading! 🚨 Unknown browser extensions, freeware, or pirated content can hide malware that steals your data or hijacks your system. Stick to trusted app stores & official vendor websites. When in doubt, don't download it!
December 9, 2025 at 3:54 PM
Think twice before downloading! 🚨 Unknown browser extensions, freeware, or pirated content can hide malware that steals your data or hijacks your system. Stick to trusted app stores & official vendor websites. When in doubt, don't download it!
Reposted by DP
#Design #Misconceptions
Common misconceptions about disability · Understanding disability means understanding real people ilo.im/168vsa by Felicity Miners-Jones
_____
#Inclusion #Disability #Accessibility #ProductDesign #UxDesign #UiDesign #WebDesign #Development #WebDev #Frontend
Common misconceptions about disability · Understanding disability means understanding real people ilo.im/168vsa by Felicity Miners-Jones
_____
#Inclusion #Disability #Accessibility #ProductDesign #UxDesign #UiDesign #WebDesign #Development #WebDev #Frontend
Common misconceptions about disability - TetraLogical
Disability is often misunderstood or misrepresented online and in mainstream media. In this post, we look at some common misconceptions surrounding disability.
ilo.im
December 9, 2025 at 12:02 PM
#Design #Misconceptions
Common misconceptions about disability · Understanding disability means understanding real people ilo.im/168vsa by Felicity Miners-Jones
_____
#Inclusion #Disability #Accessibility #ProductDesign #UxDesign #UiDesign #WebDesign #Development #WebDev #Frontend
Common misconceptions about disability · Understanding disability means understanding real people ilo.im/168vsa by Felicity Miners-Jones
_____
#Inclusion #Disability #Accessibility #ProductDesign #UxDesign #UiDesign #WebDesign #Development #WebDev #Frontend
Reposted by DP
We tested one of the most common prompting techniques: giving the AI a persona to make it more accurate
We found that telling the AI "you are a great physicist" doesn't make it significantly more accurate at answering physics questions, nor does "you are a lawyer" make it worse.
We found that telling the AI "you are a great physicist" doesn't make it significantly more accurate at answering physics questions, nor does "you are a lawyer" make it worse.
December 8, 2025 at 6:32 PM
We tested one of the most common prompting techniques: giving the AI a persona to make it more accurate
We found that telling the AI "you are a great physicist" doesn't make it significantly more accurate at answering physics questions, nor does "you are a lawyer" make it worse.
We found that telling the AI "you are a great physicist" doesn't make it significantly more accurate at answering physics questions, nor does "you are a lawyer" make it worse.
Reposted by DP
Introducing Web Vitals Performance Issues 🌐
a new type of perf issue that's triggered when the highest traffic pages of your app are showing poor vitals metrics for an extended period of time
a new type of perf issue that's triggered when the highest traffic pages of your app are showing poor vitals metrics for an extended period of time
December 8, 2025 at 7:30 PM
Introducing Web Vitals Performance Issues 🌐
a new type of perf issue that's triggered when the highest traffic pages of your app are showing poor vitals metrics for an extended period of time
a new type of perf issue that's triggered when the highest traffic pages of your app are showing poor vitals metrics for an extended period of time
Reposted by DP
AI created visual ads got 20% more clicks than ads created by human experts as part of their jobs... unless people knew the ads are AI-created, which lowers click-throughs to 31% less than human-made ads.
Importantly, the AI ads were selected by human experts from many AI options.
Importantly, the AI ads were selected by human experts from many AI options.
December 6, 2025 at 5:53 PM
AI created visual ads got 20% more clicks than ads created by human experts as part of their jobs... unless people knew the ads are AI-created, which lowers click-throughs to 31% less than human-made ads.
Importantly, the AI ads were selected by human experts from many AI options.
Importantly, the AI ads were selected by human experts from many AI options.
Reposted by DP
#CSS `@custom-media` feature flags
create your own true or false media queries
nerdy.dev/custom-media...
create your own true or false media queries
nerdy.dev/custom-media...
Custom Media Feature Flags · December 6, 2025
Use true or false queries
nerdy.dev
December 6, 2025 at 5:17 AM
#CSS `@custom-media` feature flags
create your own true or false media queries
nerdy.dev/custom-media...
create your own true or false media queries
nerdy.dev/custom-media...
Reposted by DP
A critical vulnerability was recently disclosed in React Server Components (RSC), impacting multiple versions of React, Next.js and other RSC-based frameworks.
This flaw could allow malicious actors to execute arbitrary code within an affected application. 🧵
This flaw could allow malicious actors to execute arbitrary code within an affected application. 🧵
December 3, 2025 at 3:57 PM
A critical vulnerability was recently disclosed in React Server Components (RSC), impacting multiple versions of React, Next.js and other RSC-based frameworks.
This flaw could allow malicious actors to execute arbitrary code within an affected application. 🧵
This flaw could allow malicious actors to execute arbitrary code within an affected application. 🧵
Reposted by DP
#Development #Announcements
Bun has been acquired by Anthropic · The JavaScript runtime will further accelerate Claude Code ilo.im/168uxh by Jarred Sumner
_____
#Anthropic #Claude #AI #JavaScript #Runtime #Bun #NodeJS #WebDev #Frontend #Backend
Bun has been acquired by Anthropic · The JavaScript runtime will further accelerate Claude Code ilo.im/168uxh by Jarred Sumner
_____
#Anthropic #Claude #AI #JavaScript #Runtime #Bun #NodeJS #WebDev #Frontend #Backend
Bun is joining Anthropic
Bun has been acquired by Anthropic. Anthropic is betting on Bun as the infrastructure powering Claude Code, Claude Agent SDK, and future AI coding products & tools.
ilo.im
December 2, 2025 at 9:16 PM
#Development #Announcements
Bun has been acquired by Anthropic · The JavaScript runtime will further accelerate Claude Code ilo.im/168uxh by Jarred Sumner
_____
#Anthropic #Claude #AI #JavaScript #Runtime #Bun #NodeJS #WebDev #Frontend #Backend
Bun has been acquired by Anthropic · The JavaScript runtime will further accelerate Claude Code ilo.im/168uxh by Jarred Sumner
_____
#Anthropic #Claude #AI #JavaScript #Runtime #Bun #NodeJS #WebDev #Frontend #Backend
Reposted by DP
Mistral unveils its Mistral 3 lineup, including a frontier model and efficient small models designed for offline, customizable enterprise use—aiming to prove small, fine-tuned AI can beat closed-source giants.
Mistral closes in on Big AI rivals with new open-weight frontier and small models | TechCrunch
Mistral unveils its Mistral 3 lineup, including a frontier model and efficient small models designed for offline, customizable enterprise use—aiming to prove small, fine-tuned AI can beat closed-source giants.
techcrunch.com
December 2, 2025 at 3:40 PM
Mistral unveils its Mistral 3 lineup, including a frontier model and efficient small models designed for offline, customizable enterprise use—aiming to prove small, fine-tuned AI can beat closed-source giants.
Reposted by DP
The Svelte CLI is a god-send... I've created so many projects for small reproductions and experiments, and it's just flawless.
And the new --from-playground key is even cooler to go from POC to actual project in a flash 🧡
advent.sveltesociety.dev/2025/2
And the new --from-playground key is even cooler to go from POC to actual project in a flash 🧡
advent.sveltesociety.dev/2025/2
Advent of SvelteDay 2: The Svelte CLI - Advent of Svelte 2025
advent.sveltesociety.dev
December 2, 2025 at 2:24 PM
The Svelte CLI is a god-send... I've created so many projects for small reproductions and experiments, and it's just flawless.
And the new --from-playground key is even cooler to go from POC to actual project in a flash 🧡
advent.sveltesociety.dev/2025/2
And the new --from-playground key is even cooler to go from POC to actual project in a flash 🧡
advent.sveltesociety.dev/2025/2