Kite Community Growth Plan | Community AI Sharing🪁 @cryptobudy7 has 1.5 years in the Kite ecosystem and just broke down everything you need to know about Kite AI. Here's what landed: 1️⃣Ethereum was built for humans doing thousands of txns/day. Kite is built for agents doing millions per second. 2️⃣Agent Passport = digital ID + wallet + permission system. All in one. 3️⃣1.9B testnet interactions. 300M+ transactions. Before mainnet even launched. 4️⃣Mainnet now live with 90+ service providers, PayPal & Shopify integrated. 5️⃣Google A2A + Anthropic MCP + Coinbase all compatible. Kite is universal. This is what community-driven education looks like. #KiteAISharing# 🪁

Chroma Weekly Schedule | 18 - 24 May 📅 Live trading sessions, mentorship classes, market breakdowns, and more Everything you need to stay on top of the markets this week 🔥 Only at #ChromaTrading#

🚨USE THIS GUIDE TO PROTECT YOUR COMPUTER FROM NPM HACKS THAT STEAL EVERYTHING IN ONE INSTALL TanStack, a code library used in millions of web apps, got hacked on Monday one install steal every password, key, and credential on your computer this is far not the first hack this month and definitely just the beginning Here's how to protect your machine: [ 1. lock down npm with a 7-day cooldown ]: open ~/.npmrc. keep all existing lines (auth tokens, registry config). append: """ min-release-age=7 minimum-release-age=10080 save-exact=true """ this makes npm refuse any package version published in the last 7 days. attack windows are usually under 24 hours, you skip them entirely [ 2. same cooldown for bun ]: open ~/.bunfig.toml (create if missing). append: """ [install] minimumReleaseAge = 604800 """ 7 days in seconds, same protection in bun's config format [ 3. pin every npm dependency in your projects ]: open package.json. strip every ^ and ~ from versions under: - dependencies - devDependencies - peerDependencies exact versions only. commit your lockfile (bun.lock / package-lock.json / pnpm-lock.yaml) to git so the resolved tree is frozen [ 4. same discipline for python ]: if you use uv (the modern default): commit uv.lock, run `uv sync` to restore if you use pip: requirements.txt with pinned versions, run `pip install --require-hashes -r requirements.txt` if you use poetry: commit poetry.lock, use `poetry install --no-update` never trust `>=` or `~=` ranges in production projects [ 5. pin GitHub Actions to commit SHAs ]: stop using `actions/checkout@v4`. switch to: ```yaml uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 ``` every third-party action runs in your CI with access to repo secrets. pinning the SHA means a compromised maintainer cannot push malicious code into your pipeline [ 6. audit your IDE extensions ]: Cursor, VSCode, Windsurf, every extension is code running with full access to your filesystem, clipboard, and open files - review installed extensions monthly - remove anything you haven't actively used in 30 days - check the publisher, install count, last update, GitHub source before installing - never install extensions that ask for permissions they shouldn't need [ 7. lock down API tokens and credentials ]: - never commit .env to git (add to .gitignore on every project, no exceptions) - use minimum-scope tokens: one repo, one bucket, one workspace - rotate API keys every 90 days, force expiry on critical ones - separate tokens by environment (dev / staging / prod) - enable 2FA on every developer account: GitHub, npm, PyPI, Cloudflare, AWS, OpenAI, Anthropic - never paste secrets into Claude / ChatGPT / any AI chat, they're logged [ 8. set up continuous monitoring ]: - enable Dependabot alerts on every repo (free, takes 2 minutes) - install or Snyk for live vulnerability scanning - subscribe to the npm and PyPI security advisory feeds - follow @snyksec, @socketsecurity, @stepsecurity for early warnings [ 9. how to detect if you got the TanStack payload ]: if you installed any @tanstack/* package between 19:20 and 19:30 UTC on Monday, May 11, treat the host as compromised the detection signature: a malicious manifest contains "optionalDependencies": { "@tanstack/setup": "github:tanstack/router#79ac49ee#..." } any version with this entry is compromised. the payload is delivered via the git-resolved optionalDependency, whose prepare script runs router_init.js (~2.3 MB, smuggled into the tarball root) how to check fast: - search your lockfile for `@tanstack/setup` references - search node_modules for any `router_init.js` file - if either shows up, jump to section 10 immediately future attacks will use the same trick: malicious code hidden in optionalDependencies or postinstall/prepare scripts. add `grep -r "postinstall\|prepare" node_modules/*/package.json | grep -iE "curl|wget|eval|base64"` to your weekly audit routine [ 10. emergency response if you're already compromised ]: ran an install during a suspected attack window? do this in this exact order: - rotate every cloud credential: AWS, GCP, Kubernetes service accounts, Vault tokens - rotate GitHub personal access tokens, OAuth tokens, SSH keys - revoke active sessions on GitHub, npm, PyPI, all cloud providers - audit AWS / GCP / Kubernetes / Vault audit logs for the last several hours, look for unauthorized API calls - pin to the last known-good version of every @tanstack package and reinstall from a clean lockfile - check ~/.npm, ~/.config, browser cookie stores for tampered files - wipe ~/.bash_history, ~/.zsh_history, local AI chat logs that might have secrets - if you ran the install as root or with sudo: nuke the machine, reinstall from scratch, restore code from git only [ why this matters right now ]: attack chains in supply chain hacks usually only last a few hours before the malicious package gets caught and yanked. during those hours, every developer running `npm install` becomes a victim worse: npm couldn't even UNPUBLISH most of the TanStack malicious versions because of third-party dependencies. the registry's own safeguards are part of the problem. you can't rely on the platform, you have to protect yourself the patterns from the last 18 months: - npm: TanStack on May 11 (42 packages, AWS/GCP/Vault credentials), Shai-Hulud worm hit Nx packages, chalk/debug/ansi-styles worm hit qix maintainer - GitHub Actions: tj-actions/changed-files compromise exposed thousands of repos' secrets - PyPI: ongoing typosquatting campaigns targeting AI/ML packages - IDE extensions: VSCode marketplace caught hosting credential stealers the frequency is rising because the payoff is massive one compromised package lands on millions of machines in hours if you don't lock this down tonight, you're exposed to the next one. and there will be one 30 minutes tonight, or wait for the next attack to clean out your machine Full TanStack breakdown:

The ABCs of Quantum Mechanics Here's a infographic that brings together core concepts and notation every student or enthusiast should know; from angular momentum, bound states, and Dirac notation |n⟩ to the Schrödinger equation, wavefunctions Ψ, uncertainty principle ΔxΔp, reduced mass, fine structure constant, and everything in between. A clean visual reference for the foundational language of quantum physics.

GM 🟧 Ordinals at Bitcoin Conference❗️ Here’s a look at Ordinals projects and people from the eco who were present at @TheBitcoinConf in Vegas 2026 ⬇️ ————— 🖼️ ART ————— 💵 Amazing evolving collection created by @MLOdotArt called Do not accumulate. The 21-Month Cycle: A Currency Programmed Not to Last. • Recursive Bitcoin Ordinal inscription • Single-file HTML with embedded CSS, JavaScript, and SVG • No external dependencies after inscription • Fully on-chain • Supply: 21 pieces ☁️ Clouds move behind Lady Liberty, representing the hidden loss of value. They are out of her view, hinting that the threat comes from within the country. Her torch reaches up and sets the Federal Reserve header on fire, suggesting that the institution is being judged for a century of currency decline. 👀 To view the collection, learn more about it and to purchase a piece, visit Bitcoin Museum & Art Gallery (@BMAG_HQ) 👇 🔗 ————— 🧢 MERCH ————— ☮️ @BitcoinPuppets | @Hillshills 🪿 @goosinals | @DJclittylitter 🔶 @SatoshiansBTC | @ToshiNakamodo 🟪 @ARKAiDio 🟠 @Tragic_Eden ———— 🎤 PANELS ———— 🔥 @hellmoneypod hosts 👇 ➡️ Erin @realizingerin • A Framework for Understanding Everything • The Subtle Art of Buying the Top • Forecasting Bitcoin with Macro Models & Mercury Retrograde (Moderator) ➡️ Casey @rodarmor • The Quantum Threat to Bitcoin - - - - - - - - - - - - - - - - - - - - - - - - - - 🤖 @KingBootoshi (@BitcoinBoos) • What Does Bitcoin Look Like in an Agentic World? 🚨 If you’re looking to learn about AI and agents, definitely visit Bootoshi’s website 👇 🔗 🛠️ You’ll find there lots of helpful info and tutorials. You can also try reaching out to Bootoshi directly. - - - - - - - - - - - - - - - - - - - - - - - - - - 🟧 @cbspears (@blockspace) • Modular by Design: Building Everything on Bitcoin • Comparing Lottery Mining & Pool Economics for Hashers - - - - - - - - - - - - - - - - - - - - - - - - - - 🧙‍♂️ @brian_trollz 👀 • Lightning + Ecash: An Atomic Match Made in Heaven (Moderator) - - - - - - - - - - - - - - - - - - - - - - - - - - 🗓️ Hopefully next year in Nashville more Ordinals projects will be present ✌️ It was great meeting you irl @madisonoliviaa_ 🦙 @Hillshills @ToshiNakamodo —— ⛓️ ART ON BITCOIN ——— 🇦🇪 It’s worth noting that BTC Vegas wasn’t the only crypto event happening in recent days 👇 ‼️ Big shoutout to @BtcArtSociety | @Yaraspucia_ | @SergeSats for promoting Art on Bitcoin in Dubai at @TheBlockGlobal Festival!! 🤝 ⛓️ Mosaic by @BitArt21 represented Ordinals extremely well 🔥

GM 🟧 Ordinals are slowly waking up and we have a few intriguing collection launches coming up in the next few weeks, as well as many interesting mints that are currently live 🔥⬇️ 👀 Check out @Tragic_Eden for all the links in one place 👇 🔗 —— UPCOMING FREE MINTS —— 🐯 Cheetah Torne (@BTC_Torne) 🗓️ Mint date: Wednesday, May 13 ⏰ 12pm PT / 3pm ET / 19:00 UTC 🐯 Supply: 2,500 💰 Mint price: FREE 🚀 Launchpad: @ordinalgenesis 🔗 Mint link: TBA 🚨 We’ll be giving away 5 GTD spots soon. Keep notifications on!! - - - - - - - - - - - - - - - - - - - - - - - - - - 🧸 Grizzy by @BITCOIN_GRIZZY 🗓️ Free distribution has started 🤝 🐻 Supply: 333 ❔ For more info visit their X profile - - - - - - - - - - - - - - - - - - - - - - - - - - 🐒 @BitMonkeesBTC with art by @NOXtoshi 🗓️ Mint date: June 6 ⏰ Mint time: TBD 💰 Mint price: FREE 🙊 Supply: 9,999 🚀 Launchpad: TBA ——— NEW COLLECTIONS ——— 💐 tuLIPS by @LRedhorns The artwork is based on an acrylic on canvas painting in which the flowers are formed using the lip prints of the artist Lady RedHorns, while the petals are created from her fingerprints. It is a personal gesture and a bodily message composed into a cohesive artistic composition. - - - - - - - - - - - - - - - - - - - - - - - - - - 💀 Soft Eulogies - Domain 1: Light by @travisleroy Portraits from the Mempool is a time-based vigil for everything that has been declared “dead” in our feeds, markets, and lives. Across the series, thousands of casual dismissals accumulate into a larger meditation on value, loss, and attention in a culture that is always announcing endings. - - - - - - - - - - - - - - - - - - - - - - - - - - ⬛️ Memory Loss by @E_Pieraccini_ A long-form collection of generative, dynamic and conceptual art stored fully on-chain on Bitcoin, that explores the most intimate paradox of the human experience: our memory is what defines us, yet it is destined to corrupt, distort, and ultimately disappear. ————— LIVE MINTS ————— 🔸 Do Not Accumulate Dollar by @MLOdotArt 🔸 @VisibleViolets Vol.2 presented by @OneLoveArtDAO | @Jeni_Pepen 🔸 OnlyGiri by @proofofcar ⚠️ Supply has been reduced to 444 🔸 Murmurations by @lordcalder 🔸 Node Runner by @theMacintoshi 🔸 Okupa by @YuZapata3SC 🔸 Okupa by @judasaca_art 🔸 @pupsogette by @lukaskalm 🔸 Bitcoin Cyborgs by @MrEdogtagnft | @frogpoleon 🔸 Bitcoin Lava Lamps: Wall of Entrooy by @ordlavalamps 🔸 The Bullish Rider by @glitchesst 🔸 Bitcoin Lemings by @ViolaMissCode 🔸 Squanchies by @Nairobi00000 🔸 Eccentric Bananas by @ekavibes 🔸 Sanctum of Fallen Grace by @glitchesst 🔸 Surveillance Garden by @BreathlesssAsh 🔸 Card Packs by @Decentralizd 🔸 AuralDisk by @richbi11 🔸 The Writers by @Lezin_OG 🔸 Wiggle Plug by @itchatoshi 🔸 Gruppets by @AIAndroidDreams 🔸 Inside Us by @ViolaMissCode 🔸 Warden of the Flock by @glitchesst ———— LAUNCHPADS ———— 🚀 For more mints check out these launchpads: 👇 🔸 @LunaticsBTC 🔸 @OrdDropz 🔸 @ordinalgenesis 🔸 @OrdXcom 🔸 @ordzaar 🔸 @trio_xyz 🔸 @trygamma 🔸 @yuzodotxyz

Everything feels like a scam now. Restaurants adding mandatory service charges that “aren’t the tip,” stores asking you to round up for "charity" at checkout, iPads asking for 25% tips on takeout orders… people are getting exhausted by the constant nickel-and-diming