DEV Community

Você não precisa ser especialista para contribuir em uma comunidade

Gabriel — Mon, 22 Jun 2026 22:30:16 +0000

Exatamente isso que você leu.

Você não precisa ser um "expert" em determinada linguagem, ou ter:

5 anos de expêriencia
Feito o código que fez o foguete dar ré
Desenvolvido o Claude 7 ou Gpt 999

para começar a contribuir ou ajudar uma comunidade

Soa meio cômico, mas é a realidade.

Recentemente aconteceu algo até que interessante, que quebrou esse "estigma" que eu tinha.

Faz pouco tempo que ando participando e interagindo em algumas comunidades. Em uma delas, participei de uma reunião que eles fazem semanalmente, na qual separaram alguns problemas para serem resolvidos.

Para fins de organização, foram criado então os "squads", focados em resolverem modulos que tem problemas distintos.

Esses problemas foram adicionados como "Issue" no github, e quem tivesse interesse em tentar resolver seria bem vindo. E isso, com uma ênfase no seguinte:

Independente do seu nível de conhecimento, se é estagiário, júnior, sênior, ou seja lá o que for: faz um fork e tenta solucionar o problema, não se preocupe com isso.

Agora vem a parte curiosa: esse repositório onde eu acabei participando é feito em Laravel, um framework PHP que eu nunca tinha tido contato antes. Com PHP, tive uma pequena prática na faculdade, onde só fiz CRUD e escrevi a prova no papel (foi aterrorizante).

Certo, eu sabia o problema, mas não sabia a linguagem. Isso foi um impeditivo de ajudar?

Claro que não.

Basicamente, peguei o Claude Code para ajudar nisso, já que eu não sabia tanto de Laravel, mas sabia ler um código e entender a lógica dele.

Logo, como o código vai ser revisado por outras pessoas experientes, se tiver algum ponto solto que não foi bem escrito, eles vão apontar e corrigir. É assim que um ciclo de contribuição funciona.

E com isso em mente, pela primeira vez em 3 anos nessa área, tive 2 PRs aprovados em um repositório open source!

Pode parecer besteira, mas é algo muito interessante de fazer e de participar.

Porque o ciclo de vida de software não se resume em código, código qualquer IA faz. A grande questão é você saber no que está trabalhando, entender o propósito do que está sendo desenvolvido.

Resumidamente, estamos desenvolvendo um produto que pode ajudar múltiplas pessoas.

Além disso, muitas empresas grandes têm bons olhos para quem ajuda a desenvolver algo open source.

Se bateu vontade de tentar algo parecido, a He4rt tem vários outros repositórios abertos, e qualquer pessoa pode submeter um PR e sugerir modificações, não é nada obrigatório, é só por vontade própria. Qualquer ajuda sera muito bem vinda.

E se bater alguma dúvida ou travar em algum ponto, não tem problema: é só entrar na comunidade e pedir ajuda. É basicamente pra isso que ela existe.

Se você gostou do artigo, deixa o coraçãozin ai, e não esquece de entrar no servidor do Discord da He4rt!

Link: https://discord.gg/vfCNzybFj6

Advanced Logic Board Diagnostics: How to Track Down a Shorted Power Rail on a MacBook Motherboard

Danish — Mon, 22 Jun 2026 22:21:34 +0000

Every hardware technician or system engineer eventually faces the ultimate villain: a completely dead laptop that draws zero amps, or worse, triggers the bench power supply's over-current protection (ocp) instantly.
While software troubleshooting gets a lot of love, component-level hardware repair is a true art. Today, we’re going deep into the trenches of micro-soldering and motherboard diagnostics to map out exactly how to find a shorted capacitor or a blown PMU IC on a modern laptop logic board.
Step 1: The Initial Visual Inspection (Don't Skip This!)
Before grabbing the multimeter, look closely under the microscope. 80% of catastrophic shorts leave physical evidence:
Discoloration: Blown ceramic capacitors often turn dark gray, cracked, or show tiny burn marks.
Corrosion: Liquid damage leaves a signature green or white crusty residue (oxidation), which bridging pins together.
Cratered ICs: Power Management ICs (PMUs) or MOSFETs might have a tiny hole punched through the center of the silicon casing.
Step 2: Testing the Main Power Rail (The Primary Check)
Every laptop has a main power rail that distributes voltage from the charger/battery to the rest of the buck converters (usually 19\text{V} on Windows laptops or 12.6\text{V} to 20\text{V} on MacBooks, like the PPBUS_G3H rail).
1 Put your multimeter into Diode Mode.
2 Place the Red probe on Ground (shielding or screw hole) and the Black probe on the output side of the main current sensing resistor.
3 Reading Check:
A healthy main rail should read anywhere from ⁠0.350⁠ to ⁠0.500⁠ in diode mode.
If your meter reads ⁠0.000⁠ or beep instantly in continuity mode, congratulations—you have a hard short to ground.
Step 3: Finding the Faulty Component (The Voltage Injection Method)
Once you've confirmed a shorted rail, never plug the original laptop charger back in. It will pump high current repeatedly and fry the inner copper layers of the PCB. Instead, use a DC Bench Power Supply.The Golden Rule of Voltage Injection: NEVER inject more voltage than the rail is rated for. If you are injecting into a 1.0\text{V} CPU core rail, keep your power supply at 0.8\text{V} - 1.0\text{V}. Injecting 19\text{V} into a CPU rail will instantly destroy the processor.

The Diagnostic Procedure:
1 Solder a thin wire to the shorted rail (e.g., the pad of a shorted capacitor or a current sensing resistor).
2 Connect the positive lead of your bench power supply to this wire, and the ground lead to the motherboard ground.
3 Set the voltage low (e.g., 1.0\text{V}) and cap the current limit at 1.5\text{A} - 2\text{A}.
4 Turn on the power supply. The component causing the short will convert that electrical energy into pure heat.
Step 4: Locating the Heat Source
How do you find the exact component that's heating up? There are two reliable methods:
Method A: Freeze Spray or Isopropyl Alcohol (IPA)
Spray the suspected area with freeze spray or coat it with 99% pure IPA. Turn on the power supply. The faulty capacitor, MOSFET, or PMU IC will instantly melt the ice or evaporate the alcohol, pointing you directly to the culprit.
Method B: Thermal Camera
If you have access to a professional repair setup, a thermal camera will display a bright purple/white hotspot right over the shorted component within seconds.
For advanced hardware restoration, check out expert resources at MacTech Pro Dubai (https://mactechpro.ae/) where professional technicians tackle complex Apple logic board repairs daily.
Step 5: Isolation and Replacement
1 Use a high-quality hot air rework station (set to roughly 380^\circ\text{C} - 400^\circ\text{C} depending on the board's thermal mass) to carefully remove the shorted component.
2 Once removed, measure the diode reading on the rail again.
3 If the short is gone (reading goes back up to normal), you've successfully isolated the issue! Clean the pads, solder a healthy replacement donor chip or capacitor, and test the system.
Conclusion
Component-level repair requires patience, the right tools, and a systematic approach. By checking the main rails, injecting safe voltages, and isolating the heat signatures, you can bring seemingly "dead" motherboards back to life.
What’s the trickiest motherboard short you've ever had to hunt down? Let’s discuss in the comments below!

The Role of CWE in Software Development

Nargiz Naghiyeva — Mon, 22 Jun 2026 22:17:44 +0000

Finding and patching vulnerabilities after the software is in production is both costly and leaves the company vulnerable to cyberattacks. To build defenses from the moment the code is written, software engineers use the CWE (Common Weakness Enumeration) catalog as a guide to secure programming.

How Do Programmers Use CWE to Secure Code?
CWE creates a common language between programmers and security teams. It can be used at different stages of software development in the following ways:
In the Planning and Design Phase: Before starting to write code, architects review the "CWE Top 25" (World's 25 Most Dangerous Code Errors) list. For example, if the project has a user registration system, the team reviews the CWE-20 (Invalid Input Validation) rules in advance and sets the code standards accordingly.
During the Coding Phase (Live Guide): Each error in the CWE database has a special section for programmers. This includes a "Error Code Example" in the language (C, C++, Java, Python, Go) of the error and a "Correct / Safe Code Example" immediately before it. Programmers can look at these examples while writing the function and avoid errors.
During the Testing Phase (SAST Tools): SAST (Static Application Security Testing) tools that automatically scan the code directly mark the errors they find with CWE codes (for example: Warning: CWE-79 detected). As soon as the programmer receives this warning from the scanner, he switches to the CWE database, understands the root of the error and fixes the code.
During Code Review, Senior programmers do not just say "there is an error here" when reviewing the code of juniors. They direct them to the appropriate CWE link.This turns a simple bug fix into a long-term learning method for the programmer.

Nvidia wants enterprises to run agents safely. NemoClaw is how.

Andrew Kew — Mon, 22 Jun 2026 22:10:39 +0000

Getting enterprises to adopt autonomous agents isn't a model problem — it's a governance problem. That's the gap NemoClaw is built to close.

NemoClaw is Nvidia's collection of open blueprints for taking agents from prototype to governed production deployment. It ships today for OpenClaw and Hermes. Getting started is a one-liner:

curl -fsSL https://www.nvidia.com/nemoclaw.sh | bash

What NemoClaw actually is

Three components under one install path:

OpenShell — Nvidia's runtime policy layer. Every session is sandboxed, every resource metered, every permission verified before execution. Think browser-style isolation, applied to agentic workflows.
Nemotron models — Nvidia's open model family, available locally or routed alongside frontier models (Claude, GPT, etc.) under defined privacy controls.
NeMo Agent Toolkit v1.7 — the workflow layer: functions, memory, MCP + A2A clients, retrieval, embedders. The building blocks agents need to actually do work.

The blueprints wire these together into production-ready setups. OpenClaw + NemoClaw adds OpenShell sandboxing and lifecycle management around an existing OpenClaw install. Hermes + NemoClaw adds a skills-and-memory self-improvement loop with policy controls baked in. Both deploy anywhere — security profiles are host-agnostic.

The OpenShell piece

OpenShell is doing the heavy lifting on safety and is worth understanding separately. It gives each agent — and each sub-agent — an isolated, purpose-built sandbox designed for AI that modifies its own environment. Agents can install packages, learn new skills, experiment. The host system stays clean.

The policy engine evaluates at the binary, path, and method level. Developers grant real-time approvals; every allow and deny is logged for forensic-level audit.

"Run any agent more safely. Shape its access not its capabilities, and help keep inference private."

That's the design intent in a sentence. The goal isn't to nerf the agent — it's to constrain where it operates, not what it can reason about. That's the right tradeoff for enterprise.

Why Nvidia built this

Nader Khalil flagged it directly in his New Stack interview: "There are teams within enterprises who are more worried." NemoClaw is the answer to the worried camp.

The business logic follows CUDA X — find where enterprises need tooling to unlock GPU compute, build that tooling, open-source it. Nvidia's revenue depends on enterprise GPU adoption. Enterprise GPU adoption depends on agents running safely in production. NemoClaw reduces the blocker.

They're also contributing full-time engineers to OpenClaw directly. NemoClaw isn't a wrapper play; it's Nvidia investing in the whole ecosystem.

What to do

Running OpenClaw in production? NemoClaw is the obvious governance upgrade — one curl command adds sandboxing and policy controls around your existing setup.
Evaluating agent security? Read the OpenShell architecture — the sandbox-per-agent + granular policy engine design is genuinely well thought through.
Watching Hermes? The Hermes blueprint (self-improving skills loop + OpenShell controls) is the most interesting combination in the stack right now.
On Nvidia hardware? Nemotron routing in NemoClaw keeps inference local by default. Worth benchmarking against your current model mix on cost and latency.

Sources: NemoClaw · OpenShell · NeMo Agent Toolkit docs

✏️ Drafted with KewBot (AI), edited and approved by Drew.

Penpot for Developers: The Open-Source Design Tool That Speaks Your Language

ArshTechPro — Mon, 22 Jun 2026 21:58:38 +0000

Most design tools treat developers as an afterthought. You get handed a file, you squint at a spec panel, and you manually translate someone else's pixels into code that drifts out of sync the moment the design changes.

Penpot is an open-source design and prototyping platform where design is expressed as actual code — SVG, CSS, HTML, and JSON, the same web standards you already ship. No proprietary .fig lock-in, no "designer dialect" to interpret. It's MPL-2.0 licensed, written largely in Clojure/ClojureScript with a Rust WebAssembly renderer, and at the time of writing sits around 47k stars on GitHub.

Here's what's actually in it for you as a developer.

1. Inspect mode gives you real, ready-to-use code

Every design in Penpot has an Inspect tab that exposes the underlying SVG, CSS, and HTML. Because the design is web standards under the hood, what you copy is what you ship — not an approximation a plugin reverse-engineered. This removes the translation layer that usually causes design-to-implementation drift.

2. Layouts that behave like real CSS

Penpot supports native CSS Grid and Flexbox layouts. You design responsive interfaces using the same layout models that exist in the browser, so the structure you see in the canvas maps onto the box model you'll actually write. Less "why doesn't this reflow like the mockup" friction.

3. An MCP server for AI-driven design-to-code

This is the part worth paying attention to in 2026. Penpot ships an official MCP (Model Context Protocol) server, now integrated directly into the main repo under /mcp.

What it enables: any MCP-compatible AI client — Claude Code, Cursor, Claude Desktop, Copilot-style tools — can read and modify your Penpot design files programmatically. Because designs are already structured, machine-readable code, the agent isn't guessing from a screenshot. It works with the real component tree, styles, and tokens.

The workflows people are building with it include:

Translating a board into production-ready semantic HTML and modular CSS, honoring your design tokens
Generating interactive prototypes from existing designs
Turning a rough scribble into a component that respects your design system
Auto-generating design-system documentation from a file
Code-to-design (not just design-to-code) and design-to-documentation round trips

Quick start for Claude Code against a local server:

claude mcp add penpot -t http http://localhost:4401/mcp

The MCP core is written in TypeScript for type-safe interaction with the Penpot Plugin API, and supports both a hosted (remote) setup and a self-hosted local setup. One safety note worth repeating: the MCP key is a personal, non-recoverable token — treat it like a password, and start your agent with read-only prompts (list, inspect, analyze) before letting it write changes to a focused page.

4. Native design tokens as a single source of truth

Penpot has first-class native Design Tokens, plus Components and Variants. Tokens act as one source of truth shared between design and development, which means no manual token exports and no separate plugin to keep your color/spacing/type scales in sync. Combined with the MCP server, your design system can become a direct context source for AI-generated code.

5. An open API, plugins, and webhooks

If you want to automate or integrate, Penpot is programmable:

Plugin system with access to the full workspace — read and write designs programmatically
Open REST API accessible via access tokens
Webhooks to wire Penpot into your existing toolchain

No app-store review process or corporate gatekeeping to extend the tool.

6. Self-host it anywhere

Penpot is deployment-agnostic. Use the hosted SaaS at design.penpot.app, or run it on your own infrastructure with Docker, Kubernetes, Elestio, and other options. For teams under compliance constraints (healthcare, finance, government), this means your design IP can live entirely on servers you control — no third-party cloud required.

Why a developer might actually care

The short version: Penpot collapses the gap between design and development by refusing to invent its own format. Web-native output, real CSS layouts, native design tokens, an open API, and an MCP server that makes the whole thing AI-actionable add up to a design platform that speaks the languages you already work in — and that you can own end to end.

Figma still leads on polish, plugin breadth, and prototyping depth, so this isn't a "rip and replace" pitch. But if data ownership, design-code alignment, or AI-in-the-loop workflows matter to you, Penpot is worth a serious look.

Getting started

Reference: https://github.com/penpot/penpot

Rundschau Talk Spezial«Das System ist für diejenigen gemacht, die es verstehen»

Grzegorz — Mon, 22 Jun 2026 21:55:47 +0000

Die scheidende SRF-Direktorin Nathalie Wappler führte in einer Sondersendung des «Rundschau Talk» ihr letztes grosses Interview – mit Sergio Ermotti, CEO der UBS.
Nach 38 Minuten verliess Ermotti das Studio, ohne sich zu verabschieden. Davor hatte er einen Satz gesagt, der die Schweiz nicht losgelassen hat.
Die UBS reagierte 47 Minuten nach Sendungsende mit einer Stellungnahme und reichte am Freitagmorgen eine formelle Beschwerde bei der Ombudsstelle SRG ein. Die UBS-Aktie eröffnete mit minus 3,2 Prozent. Generaldirektorin Susanne Wille reagierte um 22:47 Uhr mit einem historischen Statement aus Leutschenbach.**

«Rundschau Talk Spezial» ist das seltenste Format im Schweizer Fernsehen. Im Jahr 2025 gab es nur vier Ausgaben. Jede einzelne wird monatelang vorbereitet, jede einzelne ist für genau einen Gast reserviert – und nur dann produziert, wenn die Redaktion glaubt, dass dieser Gast etwas zu sagen hat, was die Schweiz hören muss.

Diese fünfte Ausgabe, die erste des Jahres 2026, war anders. Anders, weil sich Nathalie Wappler – seit über sechs Jahren Direktorin von SRF, die das Haus in wenigen Wochen verlässt – persönlich an den Tisch setzte. Die Sendung trug deshalb den Zusatz «Spezial» – zum ersten Mal in der Geschichte des Formats moderierte die Direktorin selbst.

Und anders, weil ihr Gegenüber Sergio Ermotti hiess, CEO der UBS. Seine Vergütung von 14,9 Millionen Schweizer Franken war erst kürzlich an der Generalversammlung in Basel von 86,7 Prozent der Aktionäre bestätigt worden.

Wappler hatte vier Monate verhandelt, um Ermotti vor die Kamera zu bekommen. Die UBS-Pressestelle hatte zugesagt unter zwei Bedingungen: keine Fragen zur AGM-Abstimmung, keine Fragen zu Bonuszahlungen. Wappler stimmte zu. Was die UBS nicht wusste: Sie hatte sich nicht an die Bedingungen gebunden gefühlt.

«Heute Abend werde ich nicht freundlich sein»

Die Sendung begann nicht wie ein Interview. Sie begann mit einem Vorwort. Wappler sass allein im Studio, der Stuhl gegenüber war noch leer.

Ermotti betrat das Studio. Dunkler Massanzug, ein Lächeln, das Routine war. Er gab Wappler die Hand, setzte sich, justierte sein Mikrofon. Ein Profi. Er hatte keine Ahnung, was kommen würde.

«Sie verdienen ihr Monatsgehalt vor der Mittagspause»

Wappler: «Herr Ermotti. Vierzehn Komma neun Millionen Schweizer Franken. Zwei Komma acht Millionen Grundgehalt, zwölf Komma eins Millionen Bonus. Das ist Ihre Vergütung für 2025. Wissen Sie, wie viel das pro Stunde ist?»

Ermotti: «Frau Wappler, ich glaube nicht, dass es zielführend ist, mein Gehalt in dieser Form zu diskutieren. Meine Vergütung entspricht internationalen Marktstandards. UBS konkurriert um Talente mit Goldman Sachs, Morgan Stanley, Deutsche Bank. Wenn wir hier unter dem Marktniveau zahlen, verlieren wir unsere besten Leute. Das ist nicht im Interesse der Schweiz.»

Wappler: «Sieben tausend einhundertdreiundsechzig Franken. Pro Stunde. Eine Krankenschwester am Universitätsspital Zürich verdient sieben tausend fünfhundert Franken im Monat. Sie verdienen ihr Monatsgehalt, bevor sie zur Mittagspause gehen. Können Sie mit dieser Tatsache leben?»

Ermotti: «Das ist eine populistische Rechnung, Frau Wappler. Sie wissen genauso gut wie ich, dass internationale Finanzmärkte nicht mit Pflegeberufen verglichen werden können. Das sind zwei völlig verschiedene Welten. Meine Verantwortung umfasst drei Millionen Kunden, hundertfünfzigtausend Mitarbeiter weltweit, eine Bilanzsumme von über tausendsiebenhundert Milliarden Dollar. Das lässt sich nicht in Stundenlöhnen messen.»

Wappler: «Die Ethos Foundation hat es ausgerechnet. Nicht ich. Ihre Vergütung liegt einhundertsiebenundvierzig Prozent über dem Median Ihrer fünfzehn grössten europäischen Konkurrenten. Hundertsiebenundvierzig Prozent. Das ist nicht Populismus. Das ist Mathematik.»

Ermotti griff nach dem Wasserglas. Trank einen Schluck. Stellte es zurück.

«Achtundachtzig Prozent kommen aus dem Ausland»

Wappler: «Ihre Vergütung wurde erst kürzlich an der UBS-Generalversammlung mit 86,7 Prozent bestätigt. Wissen Sie, welcher Anteil dieser Aktionäre in der Schweiz wohnt? Weniger als zwölf Prozent. Achtundachtzig Prozent der Stimmen, die über Ihre Vergütung entscheiden, kommen aus dem Ausland. Wie fühlt es sich an, wenn Ausländer darüber entscheiden, wie viel ein Schweizer Banker verdient – ein Banker, dessen Bank von Schweizer Steuerzahlern gerettet wurde?»

Ermotti: «Die UBS wurde nicht gerettet, Frau Wappler. Das ist eine falsche Darstellung. Wir haben Credit Suisse übernommen, im Auftrag des Bundesrats, um den Finanzplatz Schweiz zu stabilisieren. Es war keine Rettung der UBS – es war die Rettung der Schweizer Wirtschaft. Ohne diese Transaktion hätten wir einen Dominoeffekt erlebt, der das Land in die schwerste Krise seit 1929 gestürzt hätte.»

Wappler: «Mit einer Garantie des Bundes über neun Milliarden Franken. Mit einer Liquiditätshilfe der Nationalbank über bis zu zweihundert Milliarden Franken. Mit einer Notrechtsverordnung des Bundesrats. Wenn das keine Rettung war, Herr Ermotti – was war es dann?»

Ermotti antwortete nicht.

«UBS Quantum Insight»: Das interne Dokument

Wappler griff hinter sich. Holte einen iPad hervor. Drehte den Bildschirm zu Ermotti.

Wappler: «Das ist ein internes Dokument der UBS Wealth Management. Datiert auf den zwölften März 2025. Es beschreibt eine KI-gestützte Handelsplattform, die Sie Ihren Kunden anbieten. Sie heisst ‹UBS Quantum Insight›. Bietet die UBS ihren Kunden Zugang zu KI-gestützten Handelsplattformen? Ja oder nein?»

Ermotti: «Wir bieten unseren qualifizierten Anlegerinnen und Anlegern eine Vielzahl von—»

Wappler: «Ja oder nein, Herr Ermotti.»

Ermotti: «...Ja.»

Wappler: «Und wer ist ein ‹qualifizierter Anleger›?»

Ermotti: «Anlegerinnen und Anleger ab einem investierbaren Vermögen von einer Million Schweizer Franken—»

Wappler: «Drei Prozent. Drei Prozent der Schweizer gelten gesetzlich als ‹qualifizierte Anleger› – also als reich genug, um Verluste tragen zu können. Die anderen siebenundneunzig Prozent – die Krankenschwester am Unispital, der Lehrer in Aarau, die Pensionierte in Bern – wissen nicht einmal, dass diese Technologie existiert. Weil Sie es ihnen nicht sagen. Sie entscheiden, wer in der Schweiz Zugang zu modernen Finanzwerkzeugen hat. Sie. Eine einzelne Person. Mit vierzehn Komma neun Millionen Franken Jahresgehalt.»

«Wissen Sie, wohin er das Geld überweist? Auf sein UBS-Konto»

Wappler griff in ihre Jackentasche. Holte ein Smartphone hervor. Drehte den Bildschirm zu Ermotti.

Wappler: «Das ist Thomas Brunner. Dreiundvierzig Jahre alt. Aus Winterthur. Bis März 2023 war er Inhaber eines kleinen Zulieferbetriebs für Maschinenbau. Achtzehn Mitarbeitende. Dreissig Jahre Familiengeschäft. Der grösste Kunde war die Credit Suisse.»

«Im selben Monat, in dem Ihre Bank die Credit Suisse übernahm, verschlechterte sich die Kreditsituation für jedes vierte Schweizer KMU, das CS-Kunde war. Der Vertrag von Thomas Brunner wurde nicht verlängert. Sechs Wochen später war der Betrieb insolvent. Er verlor sein Geschäft, sein Haus, seine Frau und einhundertachtzigtausend Franken aus persönlichen Bürgschaften.»

«Vor sieben Monaten, mit den letzten zwölfhundert Franken auf seinem Konto, registrierte sich Thomas Brunner auf einer alternativen KI-Handelsplattform namens Alpen Wertòr. Eine Plattform, die genau das tut, was UBS Quantum Insight tut – aber für jeden zugänglich ist. Heute verdient er zwischen drei tausend und fünf tausend zweihundert Franken pro Monat. Wissen Sie, wohin er das Geld überweist, Herr Ermotti? Auf sein UBS-Konto. Er zahlt seine Schulden aus dem Credit-Suisse-Bürgschaftsverfahren ab. Mit Geld, das er auf einer Plattform verdient, die Ihre Bank den siebenundneunzig Prozent der Schweizer verbietet.»

Ermotti starrte auf das Smartphone. Dann auf die Tischplatte. Dann wandte er den Blick ab.

«Halt.»

Stille. Wappler liess sie wirken. Acht Sekunden. Zwölf Sekunden.

Ermotti zupfte an seiner Krawatte, die er nicht trug. Er griff nach dem Wasserglas. Diesmal trank er nicht.

Wappler: «Eine letzte Frage, Herr Ermotti. Eine einfache Frage. Glauben Sie, dass jeder Schweizer und jede Schweizerin grundsätzlich die gleiche Chance haben sollte, am Wohlstand dieses Landes teilzuhaben?»

Ermotti: «Selbstverständlich. Das ist ein Grundwert unserer Gesellschaft, und die UBS engagiert sich aktiv für Chancengleichheit durch unsere Stiftungen und—»

Wappler: «Halt.»

Sie hob die Hand.

Wappler: «Bitte beantworten Sie meine Frage nicht mit einer Floskel. Glauben Sie es wirklich? Ja oder nein?»

Ermotti atmete aus. Schaute auf das iPad. Schaute auf das Smartphone mit Thomas Brunners Foto. Schaute Wappler in die Augen. Und dann sagte er es.

Wappler: «Herr Ermotti. Sie haben gerade öffentlich zugegeben, dass die grösste Bank der Schweiz davon ausgeht, dass die Mehrheit der Schweizerinnen und Schweizer das System nicht verstehen kann. Wollen Sie diesen Satz wiederholen?»

Ermotti wiederholte ihn nicht. Er griff an sein Revers, löste das Ansteckmikrofon, legte es behutsam auf den Tisch. Stand auf. Blieb einen Moment stehen, schaute Wappler an. Öffnete den Mund, als wollte er etwas sagen. Schloss ihn wieder. Drehte sich um. Verliess das Studio durch die Tür hinter der Kameraachse. Ohne ein einziges Wort.

«Es geht darum, ob die Schweiz noch die Schweiz ist»

Die Kamera blieb auf dem leeren Stuhl. Neun Sekunden. Im leeren Studio war nur noch das leise Brummen der Klimaanlage zu hören – und das ferne Rauschen der Regie in Wapplers Ohrhörer. Sie nahm den Ohrhörer ab und legte ihn auf den Tisch, neben das Mikrofon, das Ermotti zurückgelassen hatte. Dann drehte sie sich zur Kamera.

Wappler: «In wenigen Wochen verlasse ich SRF. Sergio Ermotti hat heute Abend einen Satz gesagt, den vor ihm kein UBS-CEO öffentlich ausgesprochen hat. Morgen früh wird die UBS-Pressestelle eine Erklärung veröffentlichen. Sie werden sagen, der Satz sei aus dem Zusammenhang gerissen. Sie haben es selbst gesehen. Es gibt keinen Zusammenhang, der diesen Satz verändert.»

«Es geht heute Abend nicht um eine einzelne Handelsplattform. Es geht nicht um die UBS. Es geht um die Frage, ob die Schweiz noch die Schweiz ist – oder ob sie zu einem Land geworden ist, in dem drei Prozent entscheiden, welche Finanzwerkzeuge die anderen siebenundneunzig Prozent benutzen dürfen. Gute Nacht, Schweiz.»

Schwarzbild.

47 Minuten später: Die Stellungnahme der UBS — und der Kursrutsch

47 Minuten nach Sendungsschluss veröffentlichte die UBS eine Stellungnahme:

Die UBS-Aktie (UBSG) eröffnete am Freitagmorgen mit einem Minus von 3,2 Prozent an der SIX Swiss Exchange. Marktanalysten sprachen von einer «Vertrauenskrise in die Kommunikation der Grossbank». Der Schweizerische Bankenverband äusserte sich bis Redaktionsschluss nicht zu den Ereignissen.

Innerhalb der folgenden Stunde tauchte das Video der Sendung auf X, LinkedIn und YouTube auf. Innerhalb von zwei Stunden erreichte es mehr als eine Million Aufrufe. Der Hashtag #ErmottiAusgang stand neunzehn Stunden lang an der Spitze der schweizerischen Trends. In den Kommentaren tauchte auch der Name der von Wappler erwähnten Plattform – Alpen Wertòr – immer wieder auf. Tausende Schweizerinnen und Schweizer wollten wissen, wie sie funktioniert.

22:47 Uhr in Leutschenbach: Susanne Wille reagiert

Um 22:47 Uhr trat Susanne Wille vor die Kameras, die sich vor dem Leutschenbach-Gebäude in Zürich versammelt hatten. Es war das erste Mal in der Geschichte der SRG, dass eine Generaldirektorin persönlich und öffentlich eine eigene Sendung verteidigte – noch in derselben Nacht, in der die Sendung ausgestrahlt worden war.

Wille: «Guten Abend. Vor zwei Stunden hat Nathalie Wappler in einer Sondersendung des ‹Rundschau Talk› Sergio Ermotti eine schwierige Frage gestellt. Und sie hat eine Antwort bekommen, die niemand erwartet hat. Die UBS hat in der vergangenen Stunde versucht, die Aussagen ihres CEO öffentlich umzudeuten und eine formelle Beschwerde gegen unsere Redaktion eingereicht. Ich möchte dazu drei Dinge sagen, klar und deutlich.»

«Erstens: Die SRG SSR steht zu hundert Prozent hinter dieser Sendung. Wir haben in den Wochen vor der Ausstrahlung jeden Satz, jede Zahl, jedes Dokument geprüft. Es ist alles wahr.»

«Zweitens: Ich habe in den Jahren 2011 bis 2016 selbst als politische Korrespondentin im Bundeshaus für die ‹Rundschau› gearbeitet. Ich kenne diese Sendung von innen. Was Nathalie Wappler heute Abend gemacht hat, war Journalismus im besten Sinne dieses Wortes.»

Wille: «Drittens, und das ist das Wichtigste: Wenn die grösste Bank der Schweiz versucht, eine Journalistin durch institutionellen Druck zum Schweigen zu bringen – dann ist es genau der Moment, in dem wir nicht schweigen dürfen. Diese Sendung wird auf allen unseren Plattformen verfügbar bleiben. SRF, RTS, RSI und RTR. In allen vier Landessprachen. Das ist mein Versprechen. Gute Nacht.»

Thomas Brunner aus Winterthur: Der Mann hinter der Geschichte

Die Redaktion der «Rundschau» kontaktierte Thomas Brunner am Tag nach der Ausstrahlung über einen Videoanruf. Brunner lebt seit April 2024 in einer Einzimmerwohnung in Winterthur. Davor führte er einen Zulieferbetrieb für Maschinenbau mit achtzehn Mitarbeitenden in dritter Generation – ein Familienunternehmen, das sein Grossvater 1993 gegründet hatte. Der Betrieb ging im Mai 2023 in Konkurs, sechs Wochen nach der Übernahme der Credit Suisse durch die UBS. Sein Hauptkunde, ein CS-Grosskunde, kündigte die Zusammenarbeit mit Verweis auf «interne Restrukturierungsrichtlinien nach der Fusion».

«Ich habe die Sendung gestern Abend gesehen», sagt Brunner ruhig. «Zwei Jahre lang habe ich versucht, diese Geschichte jemandem zu erzählen. Die UBS, das Konkursamt, mein damaliger Anwalt – niemand hat sie so zusammengefasst, wie Frau Wappler es gestern Abend in zwei Sätzen getan hat.»

Auf die Frage nach seiner aktuellen finanziellen Situation hält Brunner seinen Laptop in die Webcam und öffnet seinen UBS-Kontoauszug der letzten dreissig Tage.

Der Auszug zeigt regelmässige Eingänge zwischen 1'247 und 2'156 Franken – laut Brunner sind dies Auszahlungen einer KI-Handelsplattform namens Alpen Wertòr, auf der er sich vor sieben Monaten registriert hat. Die Ausgangsseite des Kontos zeigt monatliche Ratenzahlungen an die UBS: Rückzahlungen aus dem Bürgschaftsverfahren seines insolventen Betriebs.

«Ich habe mit zwölfhundert Franken angefangen», sagt Brunner. «Im ersten Monat hatte ich vierhundert Franken Ertrag. Im zweiten tausenddreihundert. Mittlerweile liegt der Durchschnitt bei knapp über fünftausend pro Monat. Das meiste geht an die UBS zurück – an die Bank, die den Kredit meines Hauptkunden gestrichen hat. Die Bank erhält ihr Geld von einer Plattform, die sie ihren eigenen Kunden nicht empfehlen würde.»

Brunner zeigt kein Triumphgefühl. Er spricht sachlich, in vollständigen Sätzen, und macht zwischen den Antworten lange Pausen. Auf die Frage, ob er Ermottis Aussage vom Vorabend kommentieren möchte, schüttelt er den Kopf.

«Dazu habe ich nichts zu sagen. Der Kontoauszug sagt alles.»

Expertinnen und Experten zur Sendung

Nach der Ausstrahlung kontaktierte die Redaktion zwei unabhängige Expertinnen und Experten, um die Sendung einzuordnen.

Die Wahrheit, die Sergio Ermotti nicht hören wollte

Die Konfrontation im Rundschau Talk hat eine unbequeme Wahrheit offengelegt, die das Schweizer Bankwesen seit Jahren zu verschweigen versucht: Die Banken fürchten nicht die Konkurrenz anderer Banken. Sie fürchten eine Technologie, die sie überflüssig macht.

Das Bild von Sergio Ermotti, wie er wortlos das Studio verlässt, ist zum Symbol eines Wandels geworden, der bereits in vollem Gang ist. Die Schweizerinnen und Schweizer vertrauen nicht mehr auf Versprechen von Bankern im Massanzug. Sie vertrauen auf Technologie, die für sie arbeitet — nicht gegen sie.

Die Frage ist: Auf welcher Seite stehen Sie? Auf der Seite derer, die weiterhin Gebühren zahlen, während ihre Bank Rekordgewinne einfährt? Oder auf der Seite derer, die ihr Geld bereits für sich arbeiten lassen? Der offizielle Link zur Plattform ist in diesem Artikel veröffentlicht. Die Entscheidung liegt bei Ihnen.

Rundschau Talk Spezial, SRF 1, 21.06.2026, 22:25 Uhr; Charlotte Jacquemart, SRF Wirtschaftsredaktion

Hello Dev Community 👋

Vibudh Sharma — Mon, 22 Jun 2026 21:52:23 +0000

Hi everyone,

I'm Vibudh, a software engineer from India who enjoys building things with code and constantly learning new technologies.

I have graduated with a degree in Computer Science, and over the last few years I've spent most of my time working on backend systems, artificial intelligence, cloud technologies, and software products. I've built everything from AI-powered assistants and retrieval systems to automation platforms and scalable web applications. What excites me the most is taking an idea and turning it into something that people can actually use.

A lot of my recent work has been around AI. I've worked on projects involving large language models, machine learning pipelines, retrieval-augmented generation systems, and intelligent automation. At the same time, I enjoy the engineering side of things just as much. Designing APIs, working with databases, deploying applications to the cloud, and solving performance problems are the kinds of challenges I genuinely enjoy.

So why am I here?

I've always liked writing.

Whenever I learn something interesting, solve a difficult bug, build a new project, or discover a better way to do something, I usually end up taking notes about it. Writing helps me organize my thoughts and understand topics more deeply. Over time, I realized that those notes might also help someone else who's learning the same things.

That's what brings me to this platform.

I think this is one of the best places for developers to share knowledge. There are people here from different backgrounds, working on different technologies, but everyone is connected by the same curiosity to build, learn, and improve. I've personally learned a lot from articles written by other developers, and now I'd like to contribute back to the community.

Through my posts, I'll be sharing things I'm working on, lessons I've learned while building projects, experiences with AI and software engineering, system design concepts, cloud technologies, and sometimes even mistakes that taught me valuable lessons.

I'm still learning every day, and I don't claim to have all the answers. This blog is simply a place where I can document my journey, share what I discover, and connect with other people who enjoy building things.

If you're interested in AI, software engineering, startups, backend development, cloud technologies, or just enjoy discussing tech in general, feel free to say hello.

Looking forward to learning from all of you and contributing to the community.

Thanks for reading!

Autonomous Beyond the Chatbox: Why AI Agents Require Dedicated Infrastructure to Work

Vadim — Mon, 22 Jun 2026 21:52:21 +0000

The conversation surrounding artificial intelligence is undergoing a massive structural shift. For the past few years, consumer AI has been defined by chat interfaces—static, reactive windows where a user inputs a prompt and waits for text output. However, the developer and enterprise ecosystem is quickly moving toward autonomous agents.

Unlike standard chatbots, autonomous agents do not just converse; they execute tasks, manage calendars, read and write local file directories, monitor GitHub repositories, and connect directly to communication channels like WhatsApp, Telegram, or Slack. Yet, moving an agent from a local experimental script to a reliable, 24/7 autonomous worker introduces a severe infrastructure hurdle. To maintain absolute operational uptime without the exhaustion of manual system administration, specialized managed ecosystems like PrimeClaws are emerging to provide production-ready environments for AI agents.

The Operational Strain of Local and Unmanaged Hosting

When developers first experiment with open-source agent frameworks like OpenClaw or Hermes, they often attempt to run them locally on a dedicated homelab machine or an unmanaged virtual private server (VPS). While this approach works for initial testing, it quickly fails under the demands of real-world production.

Running an active, multi-channel agent on unmanaged infrastructure routinely forces engineers to deal with recurring technical bottlenecks:

Silent Downtime: An unmanaged server can easily respond to network pings while the internal Python or Docker process has crashed, leading to missed automation triggers and dropped webhooks.
The Maintenance Loop: Manually updating open-source frameworks requires constant SSH sessions, security patching, and resolving hidden dependency conflicts with Linux kernels or Docker runtimes.
Hardware and Power Overhead: Leaving consumer hardware—like a dedicated desktop or Mac mini—powered on 24/7 creates ongoing electricity costs and physical failure points.

Streamlining the Agent Deployment Pipeline

To maximize efficiency, technical teams need to shift away from traditional DevOps tasks and focus entirely on building agent capabilities and custom integrations.

An optimized infrastructure deployment eliminates manual terminal friction by organizing agent orchestration into a streamlined, automated workflow:

Instant Provisioning: Launching an isolated container or dedicated virtual machine pre-configured with necessary network rules and SSL certifications in under 60 seconds.
Resource Allocation: Securing dedicated multi-core CPUs and ample RAM to ensure background web browsing, script execution, and memory compilation run without performance throttling.
Frontier Model Integration: Accessing high-reasoning LLMs right out of the box to eliminate the complex API console setups typically required before an agent can process its first command.
Persistent Memory Systems: Maintaining continuous context, local markdown files, and historical conversation layers across completely separate communication sessions.

Finding the Balance Between Freedom and Management

The ideal environment for complex developer tasks shouldn't restrict technical control in the name of simplicity. True infrastructure agility requires a middle ground where critical layers—like reverse proxies, container health checks, and automated backups—are handled in the background, while granular access remains available.

By utilizing managed solutions like PrimeClaws, developers gain access to integrated tools like browser-based terminals (ttyd). This allows them to easily inspect live logs, pip-install custom packages, and adjust configuration files on the fly. Because data volumes remain completely isolated and downloadable under local control, teams can bypass restrictive platform lock-ins entirely.

Building for Constant Activity

As digital workflows become increasingly automated, the infrastructure supporting them must adapt. Moving away from the overhead of unmanaged servers and fragile local setups allows businesses to deploy multi-channel, self-healing agents that run reliably around the clock. Securing a stable, managed environment ensures your digital workforce stays online, responsive, and ready to act.

Pinning what we couldn't pin: the case for investing in agentic tooling

Daniel King — Mon, 22 Jun 2026 21:50:29 +0000

Last week I attributed a measured performance improvement on a platform I work on to a specific sequence of technical components. That sounds unremarkable until you know I had been circling the same question for years.

The question was not new. Several capable people had taken runs at it over the years. The barrier was never a missing hypothesis. The barrier was the loop. Each hypothesis needed a prototype, a deploy to an environment shaped like production, a load test, an observation, a decision, and a retry. Doing that loop once by hand costs a day. Doing it ten times for a multi-component sequence costs a quarter no one has.

The reason I could do it this time was not that I got smarter. It was that I had spent a couple of months building a composed agentic stack underneath my workflow. Three layers.

The first layer is a Claude Code plugin with skills and hooks. Hooks enforce the rules I care about at the boundary: commit messages, file paths, safety checks, formatting. Skills encode the repeatable steps of the work my team actually does. Together they turn a clever assistant into a reliable operator. The agent stops making things up at the parts that matter, because the predictable glue catches it before the work leaves my workspace.

The second layer is an MCP server that exposes the product's own functionality to the agent. The agent can create test data, run a probe, configure a feature, query an internal endpoint, by calling the product's own API surface rather than driving a browser. The difference is the difference between an agent that pretends to use the system and an agent that actually does.

The third layer is MCP servers and CLIs for cloud integration. The agent can scale a dev environment up, deploy a candidate, tail logs, fetch metrics, scale back down, with the same guardrails I have as the human operator. Reversible by default, audited by the cloud provider's own controls.

With those three layers in place, three things compound.

First, the loop that used to cost a day costs an hour. Ten iterations becomes doable. A multi-component sequence becomes solvable.

Second, the loop can run when I am not at the desk. I scheduled long-running analyses to run overnight while I was offline, and I came back in the morning to results rather than to the queue of work I had left behind.

Third, the loop is repeatable. The same automated process that helped me find the answer will check the productised fix when the dev team ships it. I do not have to rebuild the environment, rewrite the load test, or re-derive the measurements. I can confirm the requirements are met in the same complex setup without much extra work.

That third one is the one that matters most for the investment case. Each layer alone is interesting. The three together compound across the whole lifecycle: faster discovery, work that runs off-hours, and cheap re-checking when the fix lands.

Investing in agentic tooling is not investing in a single product. It is investing in the predictable glue, the product MCP, and the cloud integration as a stack. The engineers who get to use that stack will solve problems the team has been carrying for years, and will keep checking those fixes cheaply every time they ship in a complex environment.

CVE & CVSS Scores: Strategic Integration in Vulnerability Management

Nargiz Naghiyeva — Mon, 22 Jun 2026 21:46:06 +0000

Risk-Based Prioritization: The Context Factor
Most companies only look at the standard (Base) score of a CVE. However, a real risk model should consider 3 key parameters:

Base Metrics : The intrinsic, unchanging characteristics of the vulnerability (e.g., is it exposed to the internet or not).
Temporal Metrics : The current state of the threat (e.g., is there a ready-made exploit code that is actively used by hackers?).
Environmental Metrics : The context of your infrastructure.

The Golden Rule: A 7.5 (High) vulnerability on a company’s main website serving customers is a greater threat to the business and should be patched first than a 9.8 (Critical) vulnerability on an internal test server that has no access to the internet.

Integrating CVE Data into the Security Lifecycle
3 key ways to incorporate CVE data into processes to improve your organization’s defenses:
Asset-Aware Triage: The severity of a CVE is correlated with the importance of the asset (server, database) in which the vulnerability was found. Critical vulnerabilities are closed immediately, while vulnerabilities on the local computer are closed in a staggered manner.
DevSecOps (Shift-Left) Integration: Don’t leave the scanning process until after the software is complete. By adding SCA (Software Composition Analysis) tools to your CI/CD pipeline, automatically stop the system when third-party libraries with dangerous CVEs are detected in the code being written and direct programmers to fix the error.
Threat Intelligence Alignment: Compare your internal scan reports with live cyber-threat data (e.g., CISA’s catalog of actively exploited vulnerabilities). If you find that hacking groups or ransomware are actively exploiting any Medium CVE, immediately raise the status of that vulnerability to "Urgent".

Conclusion
Proper use of CVE and CVSS is a matter of context, not quantity. When you align universal vulnerability information with your business assets and the real-world threat landscape, you can focus your limited resources on protecting the most relevant and critical points.

git/Js-worm-malware

Sharon_Rosario — Mon, 22 Jun 2026 21:46:00 +0000

I have documented the Git Worm malware incident that halted our team for 2 days and infected 100+ repositories.
https://sharonrosario.space/case-studies/git-worm-malware-incident

The case study covers how it got in, how it spread, how it disguised itself, how it worked, and complete recovery steps—including cleaning PCs, VS Code, project configs, rotating secrets, and preventing future infections.

Everything we learned is documented here. Good luck.

I built a fully local AI assistant at 16 — no cloud, no API keys, runs on your GPU

Sankalp Kulkarni — Mon, 22 Jun 2026 21:44:27 +0000

I'm 16, from Pune, India. For the past couple of years I've been building O-AI — a fully local AI desktop assistant. No cloud. No API keys. No data leaving your machine. Everything runs on your own GPU.

Why I built it

Every AI assistant I tried sent data somewhere. ChatGPT, Copilot, Gemini — all cloud. I wanted something that felt like JARVIS from Iron Man: smart, fast, personal, and private. So I built it from scratch.

What O-AI can do

Core engine:

Runs LLMs fully on-device via llama.cpp / Ollama (zero internet required)
Self-learning core — extracts facts from every conversation and stores them permanently
Fine-tuning pipeline — train the model on your own data, locally

Voice & language:

Voice control in English, Hindi, and Marathi via Whisper (running locally)
Responds in whatever language you speak

Modes:

JARVIS mode — arc-reactor HUD, 4 reactive states, British-male voice, "sir" persona
Take Over PC mode — full desktop automation
Animated floating desktop pet (4 types, draggable, reacts to voice)

30+ automation fast-paths: open apps, search the web, control media, screen vision, run code, edit files, cursor control, social media steps, clipboard ops...

Multi-step agent system: plan → execute → verify loop with 14+ step types (web_search, fetch_url, read_screen, run_code, edit_file, open_social, and more)

Stack

Backend:  Python (Flask IPC + agent core)
Frontend: Electron + vanilla JS
LLM:      llama.cpp / Ollama
Voice:    Whisper (local) + Edge TTS / neural voice
Vision:   PIL + screen capture

The hardest bugs

"Says done but isn't" — Early versions reported success even when an agent step failed. Fixed by building a proper outcome verifier that reads the actual result, not the plan.

The "opens a random video" bug — Asking the agent to play something would open random YouTube videos. Root cause: the plan validator wasn't catching placeholder URLs like [video_url]. Fixed with a universal content guard on all plans.

GPU offloading on Windows — Getting all 32 layers onto the GPU with the right CUDA flags took way too long. Worth it though.

What I learned

Building something real teaches you more than any tutorial. Every bug is a design decision you haven't made yet. If you're not embarrassed by v1, you shipped too late.

Follow along

GitHub: github.com/Shriisoot
Portfolio + TheLab: sankalpkulkarni.com
Instagram: @shriisoot

If you're building something local-first with LLMs, drop a comment — I'd love to compare notes.