Rusland is de grote vijand. We moeten voorbereid zijn op oorlog. Dat was donderdagmiddag de boodschap van secretaris-generaal van de NAVO Mark Rutte.

Aw, I kinda like the art in this one! It took literally over a decade for me to get to the point where looking at my own drawings didn't make me want to gag, so it's super wild to see these older comics and think "actually my art had some good points back then too." I used to tell people "if you don't like the comic's art, give it a couple weeks and it'll look different." That isn't really the case anymore- my style has solidified pretty well the last several years. There are still changes, but they're more subtle most of the time and I suspect 90% of my readers don't even notice them. Every now and then I still get a wild hair and go "agh I hate how I draw my comic!!!" and change things up, and while it usually doesn't produce permanent, radical change, it often forces me to learn how to do something different, or better than I used to. I'll never be a Great Artist but I at least enjoy drawing now, and as long as it's fun and conveying the actions I'm trying to convey, that's really all I could ask for.

joshuark shares a report from BleepingComputer: More than 10,000 Docker Hub container images expose data that should be protected, including live credentials to production systems, CI/CD databases, or LLM model keys. After scanning container images uploaded to Docker Hub in November, security researchers at threat intelligence company Flare found that 10,456 of them exposed one or more keys. The most frequent secrets were access tokens for various AI models (OpenAI, HuggingFace, Anthropic, Gemini, Groq). In total, the researchers found 4,000 such keys. "These multi-secret exposures represent critical risks, as they often provide full access to cloud environments, Git repositories, CI/CD systems, payment integrations, and other core infrastructure components," Flare notes. [...]

Additionally, they found hardcoded API tokens for AI services being hardcoded in Python application files, config.json files, YAML configs, GitHub tokens, and credentials for multiple internal environments. Some of the sensitive data was present in the manifest of Docker images, a file that provides details about the image.Flare notes that roughly 25% of developers who accidentally exposed secrets on Docker Hub realized the mistake and removed the leaked secret from the container or manifest file within 48 hours. However, in 75% of these cases, the leaked key was not revoked, meaning that anyone who stole it during the exposure period could still use it later to mount attacks.

Flare suggests that developers avoid storing secrets in container images, stop using static, long-lived credentials, and centralize their secrets management using a dedicated vault or secrets manager. Organizations should implement active scanning across the entire software development life cycle and revoke exposed secrets and invalidate old sessions immediately.

Read more of this story at Slashdot.

Longtime Slashdot reader Gilmoure shares a report from Nature: Scientists have produced the most detailed 3D map of almost all buildings in the world. The map, called GlobalBuildingAtlas, combines satellite imagery and machine learning to generate 3D models for 97% of buildings on Earth. The dataset, published in the open-access journal Earth System Science Data on December 1, covers 2.75 billion buildings, each mapped with footprints and heights at a spatial resolution of 3 meters by 3 meters. The 3D map opens new possibilities for disaster risk assessment, climate modeling and urban planning, according to study co-author Xiaoxiang Zhu, an Earth observation data scientist at the Technical University of Munich in Germany. "Imagine a video game with the world's buildings already mapped in basic spatial dimensions!" writes Gilmoure.

Read more of this story at Slashdot.

Broadcom has quietly pulled VMware vSphere Foundation from parts of EMEA, pushing smaller customers toward far more expensive bundles and prompting some to consider jumping to Hyper-V or Nutanix. The Register reports: VVF is a bundle that offers compute, storage, and networking virtualization, and a platform to run containers. It's most useful in hyperconverged infrastructure and hybrid clouds, but is less capable than the Cloud Foundation (VCF) private cloud suite. Virtzilla said EMEA customers would need to check with their local dealer to see if VVF was still on sale in their country. "VVF is no longer available in some EMEA countries, but for the majority it is still available," a Broadcom spokesperson said. "Customers will have to reach out to sales reps or partners to determine availability of a given product in their region. These changes were recent."

Our initial tipster said their reseller clued them into the impending change when VMware's new fiscal year started in November. This anonymous customer told us that their hardware fleet boasts thousands of compute cores and without more affordable options, his organization was looking at their annual VMware spend leaping by 10x from around $130,000 to $1.3 million. "We're currently looking to jump ship to either Microsoft's Hyper-V or Nutanix, as we can't eat (that) increase," they told The Register. [...]

For the moment, a Broadcom spokesperson told us it has no plans to ditch VMware vSphere Standard, the basic server virtualization bundle which we're told makes up about 60 percent of the company's licenses and is a lower-cost way to access VMware's hypervisor than buying its full suite of VMware Cloud Foundation products. "We have not announced any changes to the availability of vSphere Standard in EMEA nor end of support for vSphere Standard," the spokesperson said via email. "The product remains fully available across EMEA today. However, Broadcom product availability can vary by region to align with local market requirements, customer demand, and other considerations."

Read more of this story at Slashdot.

A UC Berkeley professor, suspecting years of targeted computer damage against one Ph.D. student, secretly installed a hidden camera that allegedly caught another doctoral candidate sabotaging the student's laptop. The student now faces felony vandalism charges and is due for his first court appearance on Dec. 15. The Mercury News reports: A UC Berkeley professor smelled a rat -- over the years there had been $46,855 in damage from computers that failed, and nearly all of it seemed to affect one particular Ph.D. candidate at the college's Electrical Engineering and Computer Sciences department.

The professor wondered if the student's luck was really that bad, or if something else was afoot. So he installed a hidden camera -- disguised in a department laptop, and pointed it at the student's computer. According to police, the sly move captured another Ph.D. candidate, 26-year-old Jiarui Zou, damaging his fellow student's computer with some implement that caused sparks to fly out of the laptop.

Now, Zou has been charged with three felony counts of vandalism, related to the destruction of three computers on Nov. 9-10. The charges allege the damage amounted to more than $400 each time, though the professor who reported the vandalism, and the affected student, told police they suspect Zou of the additional incidents that had been going on for years, court records show.

Read more of this story at Slashdot.

President Trump signed an executive order establishing a single federal AI regulatory framework that preempts state-level rules, aiming to centralize oversight of the rapidly growing AI industry. "The Trump administration, with the aid of AI and crypto czar David Sacks, has been pursuing a path that would allow federal rules to preempt state regulations on AI, a move meant to keep big Democratic-led states like California and New York from exerting their control over the growing industry," notes CNBC.

Developing...

Read more of this story at Slashdot.

Cranamanor13 has added a photo to the pool:

John from Brisbane has added a photo to the pool:

I thought I ought to deliver on my commitment to finally go back to where I left of my images for the year before starting the holiday ones and get a gallop on. I am many months behind. This shot is taken in the Laidley Creek Valley, south west of the town of the same name and on the road to Mulgowie. How I would love to live in a world of peace and gaze out on this rural scene every day!

John from Brisbane has added a photo to the pool:

The birds are resting at Shorncliffe and watching the world go by with a car carrier at dead slow about to reverse engines and take a helping hand from tugs to tie up at the Port of Brisbane while a Qantas aircraft is on finals and about to touch down at Brisbane International airport.

John from Brisbane has added a photo to the pool:

Fresh prawns and seafood are a basic part of a Christmas lunch in Australia. The catch from Moreton Bay, Queensland is partly offloaded and sold directly from the trawler in places such as Shorncliffe, Redcliffe and the Gold and Sunshine Coasts. The demand at this time of year usually results in long lines of people waiting to purchase seafood that can't be fresher. This year's catch is said to be exceptional due to the run-off nutrients from the wet weather we have experienced in the last couple of months.

This trawler is tied up in Cabbage Tree Creek in suburban Shorncliffe.

Old Man Hiking has added a photo to the pool:

Victoria, Australia

Stueyman has added a photo to the pool:

Stueyman has added a photo to the pool:

Wellington Dam, WA

Thomas Hawk posted a photo:

date stamped on back of photograph, June 1972

Thomas Hawk posted a photo:

xthylacine has added a photo to the pool:

Koenji, Tokyo, Japan

Judge said his fraud was on 'epic, generational scale'

Terraform Labs founder Do Kwon will spend 15 years in jail after pleading guilty to committing fraud.…

illustrations created for my first solo show TENDRE HIVER in Seoul