Bom dia! Friday assorted links: Vitest Browser Mode - The Future of Frontend Testing | How To Test Frontend This is a full introduction guide to what you need to know about Vitest Browser Mode, from what it is, how to install and configure it, and writing your first tests 🔗

Vitest Browser Mode - The Future of Frontend Testing | How To Test Frontend

This is a full introduction guide to what you need to know about Vitest Browser Mode, from what it is, how to install and configure it, and writing...

--- Tasker - Automate Anything with AI | Browser Automation Made Simple Tasker is a free, open-source AI-powered desktop app that automates any website. Record workflows or describe them in plain English. AI handles the rest. Download for Windows, Mac, and Linux. 🔗

Tasker - Automate Anything with AI

Free and open-source browser automation. Record or describe any workflow. AI handles the rest. The smart way to eliminate repetitive web tasks.

--- SatoshiSend - Encrypted File Sharing Share files securely with end-to-end encryption and Bitcoin Lightning payments. Files are encrypted in your browser before upload - the server never sees your data. 🔗

SatoshiSend

SatoshiSend - Encrypted File Sharing with Bitcoin Lightning

Share files securely with end-to-end encryption and Bitcoin Lightning payments.

How to install nos2x extension on Firefox for Android. Open Firefox. Go to

GitHub

Release v1.17.0 · diegogurpegui/nos2x-fox

Changes: NEW: Unique unified prompt popup to avoid flooding windows (#25, #44) NEW: New kind description in prompt popup Code upgrade and cleanup

and download the .xpi file to your mobile Open a new tab, remove the keyboard to be able to see the 3 dots button on the top right. Click the 3 dots button and then click Settings (should be the last option) Scroll down and click About Firefox. Click 5 times in the Firefox logo to enable Developer's options. Go back, you now should be able to see new options on Settings. Click “Install extension from file”. The file you downloaded in the first step should be visible in the list of files. Click it to install the extension. Configure the extension by creating a profile and adding a secret key. You are good to go.

Namaste! Wednesday assorted links: The Biggest Bitcoin Heists In History - Lightning News Analyzing the biggest bitcoin heists in history reveals several recurring vulnerabilities that have enabled these massive thefts 🔗

Lightning News

The Biggest Bitcoin Heists In History - Lightning News

Analyzing the biggest bitcoin heists in history reveals several recurring vulnerabilities that have enabled these massive thefts

--- Ambient Music for Deep Work, Study, and Reflection — ambientmusic.com A calm digital space with minimalist, drone, industrial, and dark ambient music to support deep work, study, and reflection. 🔗

Ambient Music

Ambient Music for Work, Study, and Reflection — ambientmusic.com

A calm digital space with minimalist, drone, industrial, and dark ambient music to support work, study, and reflection.

Nǐ hǎo! Tuesday assorted links: Mammouth AI The best GenAI models in one subscription. Access GPT, Claude, Gemini, Mistral, Llama, Nano Banana, GPT-image, FLUX, and stay up to date with AI. 🔗

Mammouth AI

--- Staying ahead of censors in 2025: What we've learned from fighting censorship in Iran and Russia - News - Tor Project Forum From internet blackouts in Iran to Russia's evolving censorship tactics, 2025 has tested Tor's anti-censorship tools like never before. These are the moments where the work of Tor's anti-censorship team is more important than ever, to fulfill our mission of preserving connectivity between users in affected regions and the rest of the world. In this blog post, we want to talk about what we've learned, how we've adapted, and what other internet users can do to keep Tor users connected. 🔗

Tor Project Forum

Staying ahead of censors in 2025: What we've learned from fighting censorship in Iran and Russia

by meskio and shelikhoo | December 3, 2025 From internet blackouts in Iran to Russia's evolving censorship tactics, 2025 has tested Tor's ant...

--- tw93/Mole 🐹 Deep clean and optimize your Mac. Contribute to tw93/Mole development by creating an account on GitHub. 🔗

GitHub

GitHub - tw93/Mole: 🐹 Clean, uninstall, analyze, optimize, and monitor your Mac from the terminal.

🐹 Clean, uninstall, analyze, optimize, and monitor your Mac from the terminal. - tw93/Mole

Guten Morgen! Monday assorted links: MongoBleed explained simply - by Stanislav Kozlovski CVE-2025-14847 allows attackers to read any arbitrary data from the database's heap memory. It affects all MongoDB versions since 2017, here's how it works 🔗

MongoBleed explained simply

CVE-2025-14847 allows attackers to read any arbitrary data from the database's heap memory. It affects all MongoDB versions since 2017, here's a si...

--- Replacing JS with just HTML - HTMHell A collection of bad practices in HTML, copied from real websites. 🔗

Replacing JS with just HTML - HTMHell

Replacing JS with just HTML - HTMHell

A collection of bad practices in HTML, copied from real websites.

Bună dimineața! Sunday assorted links: HTTP caching, a refresher · Dan Cătălin Burzo Let’s relearn web caching together. 🔗

HTTP caching, a refresher · Dan Cătălin Burzo

Let’s relearn web caching together.

--- My Bitcoin Starter Kit Efrat Fenigson compiled a list of Bitcoin resources for beginners, enjoy & share it! 🔗

My Bitcoin Starter Kit

I've compiled my list of Bitcoin resources for beginners, enjoy & share it!

Good Morning! Saturday assorted links: karol-broda/snitch a prettier way to inspect network connections. 🔗

GitHub

GitHub - karol-broda/snitch: a prettier way to inspect network connections

a prettier way to inspect network connections. Contribute to karol-broda/snitch development by creating an account on GitHub.

--- The Trust Shift: Secure Enclaves for Private Nostr Relays on nostr TEE relays shift trust from operators to chip manufacturers. For most threats, that trade is worth making, with eyes open. 🔗

Damus

The Trust Shift: Secure Enclaves for Private Nostr Relays on nostr

TEE relays shift trust from operators to chip manufacturers. For most threats, that trade is worth making, with eyes open.

--- Clock Synchronization Is a Nightmare Time seems simple. But we engineers lose sleep over something as basic as keeping clocks in sync. Here’s why… 🔗

Arpit Bhayani

Clock Synchronization Is a Nightmare

Time seems simple. But we engineers lose sleep over something as basic as keeping clocks in sync. Here’s why…

Bom dia! Friday assorted links: Eriner/vanity-npub A fast vanity (Nostr) bech-32 npub address generator 🔗

GitHub

GitHub - Eriner/vanity-npub: A fast vanity (Nostr) bech-32 npub address generator

A fast vanity (Nostr) bech-32 npub address generator - Eriner/vanity-npub

--- Yakihonne | Nostr Compass Nostr Compass is a technical resource for the Nostr protocol, helping developers, relay operators, and builders stay current on protocol evolution. We publish weekly newsletters covering NIP proposals, client updates, relay developments, and notable code changes. Our podcast features conversations with the developers building Nostr. The topic index documents key concepts with links to primary sources. 🔗

Yakihonne

Nostr Compass

Nostr Compass is a technical resource for the Nostr protocol, helping developers, relay operators, and builders stay current on protocol evolution....

Bună dimineața! Thursday assorted links: antonmedv/textarea: A notes webapp A minimalist text editor that lives entirely in your browser and stores everything in the URL hash. 🔗

GitHub

GitHub - antonmedv/textarea: A minimalist text editor that lives in URL

A minimalist text editor that lives in URL. Contribute to antonmedv/textarea development by creating an account on GitHub.

--- Yakihonne | Nostr Compass #1 Welcome to Nostr Compass, a weekly newsletter dedicated to the Nostr protocol ecosystem 🔗

Yakihonne

Nostr Compass #1

NIP-BE brings Bluetooth mesh networking to Nostr, MIP-05 solves private push notifications, and major clients (Amethyst, WhiteNoise, Damus, Notedec...

Good Morning! Wednesday assorted links: Pidgeon Nostr scheduler client + DVM-powered job ledger. Pidgeon is a privacy first Nostr scheduler client that comes with a companion DVM. The official instance runs at

Pidgeon

Pidgeon, a Nostr scheduler for posts and DMs.

and is accessible to all Nostr users. 🔗

Pidgeon

Pidgeon, a Nostr scheduler for posts and DMs.

--- Proxyman · Debug, intercept & mock HTTP with Proxyman Proxyman is a native, high-performance macOS app, which enables developers to capture, inspect, and manipulate HTTP/HTTPS requests/responses with ease. Support iOS and Android Simulator and Physical Device. 🔗

Proxyman

Proxyman - Best HTTP Debugging Proxy for macOS, iOS, Android, Windows & Linux

Proxyman is a native, high-performance HTTP debugging proxy app for macOS, iOS, Android, Windows, and Linux. Capture, inspect, and mock HTTP/HTTPS ...

Dobrý ráno! Tuesday assorted links: Best Bitcoin Movies To Watch Over The Holidays - Lightning News 🔗

Lightning News

Best Bitcoin Movies To Watch Over The Holidays - Lightning News

Stop procrastinating; just press "play", watch the best bitcoin films ever made and go on an exciting adventure down the bitcoin rabbit hole! ...An...

--- Temp.sh | Temporary File Upload Temporary File Upload. 3 days. 4GB Size Limit. CLI and ShareX Support 🔗

Temp.sh | Temporary File Upload

Temporary File Upload. 3 days. 4GB Size Limit. CLI and ShareX Support

--- rendercv/rendercv Typst-based CV/resume generator for academics and engineers 🔗

GitHub

GitHub - rendercv/rendercv: Resume builder for academics and engineers

Resume builder for academics and engineers. Contribute to rendercv/rendercv development by creating an account on GitHub.

Merry Christmas 😉 https://annas-archive.li/blog/backing-up-spotify.html

Ohayō gozaimasu! Saturday assorted links: Bitcoin Optech Newsletter #385: 2025 Year-in-Review Special | Bitcoin Optech The eighth annual Bitcoin Optech Year-in-Review special summarizes notable developments in Bitcoin during all of 2025. 🔗

Bitcoin Optech

Bitcoin Optech Newsletter #385: 2025 Year-in-Review Special

The eighth annual Bitcoin Optech Year-in-Review special summarizes notable developments in Bitcoin during all of 2025.

Namaste! Friday assorted links: Interactive Fluid Typography — Electric Magic Factory How to build responsive typography with fluid units and typed arithmetic in CSS. 🔗

Interactive Fluid Typography — Electric Magic Factory

How to build responsive typography with fluid units and typed arithmetic in CSS.

--- picknplace.js, an alternative to drag and drop 🔗

picknplace.js

picknplace.js

A proof of concept of a viable drag and drop alternative

--- How SQLite Is Tested The SQLite testing strategy 🔗

How SQLite Is Tested

Ohayō gozaimasu! Thursday assorted links: 30 Years of <br> Tags Three decades of making things on the internet 🔗

30 Years of <br> Tags

Three decades of making things on the internet

--- PearPass | Your Open-Source Password Manager Unlike cloud-based password managers, PearPass stores your passwords only on the devices you choose. Your data remains fully local and is shared only between your devices, eliminating server vulnerabilities and maximizing your privacy 🔗

PearPass | Your Open-Source Password Manager

No Cloud, No Data Centers, Just Your Devices.

Guten Morgen! Tuesday assorted links: gommzystudio/device-activity-tracker A tool for tracking over three billion WhatsApp and Signal users has been publicly released. Just by knowing the phone number, attackers can determine when users come home, when they are actively using the phone, when they go to sleep, or when they are offline. They can also drain batteries and data limits without the users noticing anything. 🔗

GitHub

GitHub - gommzystudio/device-activity-tracker: A phone number can reveal whether a device is active, in standby or offline (and more). This PoC demonstrates how delivery receipts + RTT timing leak sensitive device-activity patterns. (WhatsApp / Signal)

A phone number can reveal whether a device is active, in standby or offline (and more). This PoC demonstrates how delivery receipts + RTT timing le...

--- icitry/SVGWebsite You probably heard about SVGs - those things you use for website logos. Well, what if instead of just a simple image, it was the entire website instead? Well I made an entire Web App, including HTML, CSS, JS functionality, with embedded storage and also sharing and merging data between users - all inside what many think is just another image format. 🔗

GitHub

GitHub - icitry/SVGWebsite

Contribute to icitry/SVGWebsite development by creating an account on GitHub.

Nǐ hǎo! Monday assorted links: Bitcoin Products - Trusted Bitcoin Tools, Wallets & Services Battle-tested, personally vetted, products we'd recommend to friends 🔗

Bitcoin Products

Bitcoin Products - Trusted Bitcoin Tools, Wallets & Services

Discover battle-tested Bitcoin products we'd recommend to friends and family. Find trusted exchanges, hardware wallets, Lightning apps, and more.

--- 40 open-source tools redefining how security teams secure the stack - Help Net Security Open source security software has become a key way for teams to get flexibility, transparency, and capability without licensing costs. The free tools in this roundup address problems security teams deal with, from managing large environments to catching misconfigurations and understanding how new technologies change threat exposure. 🔗

Help Net Security

40 open-source tools redefining how security teams secure the stack - Help Net Security

Discover free security software that helps teams monitor systems, find vulnerabilities, secure identities, and manage risk.

Guten Morgen! Sunday assorted links: Fedimint Observer Fedimint Observer is intended to become the \mempool.space for Fedimint\. Due to the privacy properties of Fedimint it won't be able to show concrete transaction flows, but transfers in and out of single federations are visible. 🔗

Fedimint Observer

--- Home • Easel A beginner-friendly 2D game programming language designed to match how humans, not computers, think about game logic. It also makes your games multiplayer, automatically. Even if you've never coded before, you'll love making games with Easel! 🔗

Easel

Home • Easel

Make games. Play together. So easy.

Guten Morgen! Saturday assorted links: VoxCSS — CSS voxel engine for the DOM There’s been a number of 3D engines in CSS over the years but this one looks especially good. 🔗

PolyCSS

PolyCSS - CSS 3D Engine for the DOM

Render solid and textured 3D meshes in the DOM without WebGL. Each polygon is a real element you can style, click, and inspect. Supports OBJ/MTL, G...

--- GSAP Demo Hub Animation libraries like GSAP are great, but discovering truly inspiring examples can be hard. GSAP have fixed that with this glorious collection. 🔗

GSAP Demo Hub

A growing collection of interactive demos and examples. Learn, explore, and see what’s possible with GSAP.

--- TempMail.Best Best Free Disposable Temporary Email Address Generator. Privacy friendly, Valid for 1 hour 🔗 https://tempmail.best/ --- Search :: Lumen Court orders demanding domain blocks to Cloudflare. 🔗

Making sure you&#39;re not a bot!

Buenos días! Friday assorted links: LND: Excessive Failback Exploit #2 – Matt Morehouse A variant of the excessive failback exploit disclosed earlier this year affects LND versions 0.18.5 and below, allowing attackers to steal node funds. Users should immediately upgrade to LND 0.19.0 or later to protect their funds. 🔗

Matt Morehouse

LND: Excessive Failback Exploit #2

Discussion of a variant of the previously-disclosed excessive failback exploit in LND.

--- LND: Infinite Inbox DoS – Matt Morehouse LND 0.18.5 and below are vulnerable to a denial-of-service (DoS) attack that causes LND to run out of memory (OOM) and crash or hang. Users should upgrade to at least LND 0.19.0 to protect their nodes. 🔗

Matt Morehouse

LND: Infinite Inbox DoS

Discussion of an LND DoS vulnerability from large incoming message queues.

--- LND: Replacement Stalling Attack – Matt Morehouse A vulnerability in LND versions 0.18.5 and below allows attackers to steal node funds. Users should immediately upgrade to LND 0.19.0 or later to protect their funds. 🔗

Matt Morehouse

LND: Replacement Stalling Attack

Discussion of weaknesses in LND

--- Denial of Service and Source Code Exposure in React Server Components – React Security researchers have found and disclosed two additional vulnerabilities in React Server Components while attempting to exploit the patches in last week’s critical vulnerability. These new vulnerabilities do not allow for Remote Code Execution. The patch for React2Shell remains effective at mitigating the Remote Code Execution exploit. 🔗

Denial of Service and Source Code Exposure in React Server Components – React

The library for web and native user interfaces

--- Size of Life Explore the scale of living things, from an amoeba to a blue whale. 🔗 https://neal.fun/size-of-life/