Tommy Nguyen tuannvm

@tuannvm
tuannvm / axios-scan.sh
Created March 31, 2026 13:14
Axios npm compromise scanner - one-liner bash command to detect malicious versions 1.14.1, 0.30.4, plain-crypto-js trojan, and C2 callbacks
#!/bin/bash
echo "=== Axios Compromise Scanner ===" && echo "Malicious: 1.14.1, 0.30.4 | Attack: 2026-03-31" && echo && find ~ -path "*/node_modules/axios/package.json" -type f 2>/dev/null | while IFS= read -r p; do v=$(jq -r '.version' "$p" 2>/dev/null || grep -o '"version"[[:space:]]*:[[:space:]]*"[^"]*"' "$p" 2>/dev/null | head -1 | cut -d'"' -f4); case "$v" in 1.14.1|0.30.4) echo "🚨 MALICIOUS: $p ($v)" ;; *) echo "✓ Safe: $p ($v)" ;; esac; done && echo && if find ~ -path "*/node_modules/plain-crypto-js" -type d 2>/dev/null | head -1 | grep -q .; then echo "🚨 TROJAN: plain-crypto-js present"; else echo "✓ No trojan package"; fi && echo && if find ~ -path "*/node_modules/axios/*" -type f -name "*.js" -exec grep -l "sfrclak\.com" {} \; 2>/dev/null | head -1 | grep -q .; then echo "🚨 C2 CALLBACK: sfrclak.com found"; else echo "✓ No C2 callbacks"; fi
tuannvm / axios-scan.sh
Created March 31, 2026 13:12
Axios npm compromise scanner - checks for malicious versions 1.14.1 and 0.30.4, plain-crypto-js trojan, and C2 callbacks
#!/bin/bash
echo "=== Axios Compromise Scanner ==="
echo "Malicious versions: 1.14.1, 0.30.4"
echo "Checking..."
echo
find ~ -path "*/node_modules/axios/package.json" -type f 2>/dev/null | while IFS= read -r p; do
  v=$(jq -r .version "$p" 2>/dev/null || grep -oP '"version":\s*"\K[^"]+' "$p" | head -1)
  case "$v" in
    1.14.1|0.30.4) echo "🚨 MALICIOUS: $(dirname "$p") ($v)" ;;
tuannvm / gist:bceae613979f7b91586c75262ca37b81
Created March 31, 2026 13:10
Axios npm compromise scanner - checks for malicious versions 1.14.1 and 0.30.4, plain-crypto-js trojan, and C2 callbacks
# Axios NPM Compromise Scanner
# Malicious versions: 1.14.1, 0.30.4 | Attack: March 31, 2026
# https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan
## One-liner (curl | bash)
```bash
curl -sL https://gist.githubusercontent.com/tuannvm/bceae613979f7b91586c75262ca37b81/raw/axios-scan.sh | bash
```
## Direct one-liner
tuannvm / ccodex
Last active March 10, 2026 21:27
ccodex unified setup/run script for Claude Code + CLIProxyAPI
#!/usr/bin/env bash
set -u
CCODEX_CMD="${HOME}/.local/bin/ccodex"
ALIAS_FILE="${HOME}/.oh-my-zsh/custom/ccodex-alias.zsh"
CCODEX_INSTALL_URL="${CCODEX_INSTALL_URL:-https://gist.github.com/tuannvm/6fe6cf37c05265a9ee0acbd3d2da52d4/raw/ccodex}"
has_cmd() {
command -v "$1" >/dev/null 2>&1
tuannvm / Code Mode: the better way to use MCP.md
Last active September 26, 2025 22:07
Code Mode: the better way to use MCP.md

https://blog.cloudflare.com/code-mode/

Cloudflare’s blog post “Code Mode: the better way to use MCP,” authored by Kenton Varda and Sunil Pai, introduces a new approach to using the Model Context Protocol (MCP) that significantly improves AI agent performance. Traditional MCP usage involves directly exposing tools to large language models (LLMs), but this method faces limitations due to LLMs’ limited familiarity with tool-call tokens, resulting in difficulty with complex or numerous tools.

The new Code Mode approach converts MCP tools into a TypeScript API and instructs the LLM to write code that calls the API. This provides several advantages:

  1. Improved Tool Handling: LLMs handle more tools and complex interactions better because they are extensively trained on real-world TypeScript code rather than synthetic tool-calling data.
  2. Efficient Multi-Call Execution: Code Mode allows LLMs to chain multiple tool calls without looping every result back through the neural network, reducing token
tuannvm / cd.md
Last active October 9, 2022 00:34
#argo #cd #rollout #workflow #event
tuannvm / main.go
Created July 14, 2021 09:04
#go #http #server #debug #troubleshoot
package main
import (
"fmt"
"io/ioutil"
"log"
"net/http"
"github.com/gorilla/mux"
)
tuannvm / facts.md
Last active June 13, 2021 05:48
#ebpf #bpf