Razer, maker of green-hued gaming hardware and accessories, has entered the game-streaming space with its new—but not entirely new—app, PC Remote Play. It's based on very good existing streaming tech and makes connecting a PC to mobile devices fairly simple. It's worth checking out unless you have a hard-and-fast policy about avoiding software "utilities" from RGB-obsessed gaming companies.

That, or you're already using and comfortable with Moonlight. Moonlight and Sunshine are the open source game-streaming client and server that wonderfully picked up where Nvidia's Gamestream left off. PC Remote Play is based on Moonstream's open source code, and Razer has made much of its own version's code available.

You're getting a few small upgrades when using PC Remote Play:

Read full article

Comments

Former NSA deputy director George Barnes has made his first investment as a venture capitalist for his new job at the VC incubation studio Red Cell Partners. It’s a $3 million pre-seed deal in an open source cybersecurity startup called Hunted Labs, he told TechCrunch exclusively. Barnes spent his entire 35-year career at the spy agency, […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Open source software used by more than 23,000 organizations, some of them in large enterprises, was compromised with credential-stealing code after attackers gained unauthorized access to a maintainer account, in the latest open source supply-chain attack to roil the Internet.

The corrupted package, tj-actions/changed-files, is part of tj-actions, a collection of files that's used by more than 23,000 organizations. Tj-actions is one of many GitHub Actions, a form of platform for streamlining software available on the open source developer platform. Actions are a core means of implementing what's known as CI/CD, short for Continuous Integration and Continuous Deployment (or Continuous Delivery).

Scraping server memory at scale

On Friday or earlier, the source code for all versions of tj-actions/changed-files received unauthorized updates that changed the "tags" developers use to reference specific code versions. The tags pointed to a publicly available file that copies the internal memory of severs running it, searches for credentials, and writes them to a log. In the aftermath, many publicly accessible repositories running tj-actions ended up displaying their most sensitive credentials in logs anyone could view.

Read full article

Comments