Jake Manger

@jakemanger
A PhD student turned indie developer building mini startups like a madman.
& ✍️ on
📖 medium
What I'm building: https://howtoconvert.co
My Homepage: https://merlinsbeard.ai
Medium: https://medium.com/@jakemanger

Went full time on my side project in January

Realised my boss (me) only lets me have 0 or 1 days off a week

But also: never been happier

At a cafe getting reaaal close to launching the next app
You can learn more at https://howtoconvert.co
How to Convert

Convert almost any file locally - nothing gets uploaded to the cloud. Do 5384 document, video, image, audio & email conversions with one app for Mac, Windows & Linux.


I'm building an app to convert almost any file locally

This week I added 1,399 new possible file conversions
(from 3,985 to 5,384 document, video, image, audio, comic and email conversions)

It now converts more file types than any other converter

1. Check for backdoors at ~/.config/sysmon/sysmon.py
2. Rotate every credential on that machine
3. Check for suspicious pods: kubectl get pods -A | grep node-setup-

Safe version: anything ≤ 1.82.6

Attackers compromised Trivy (a security scanner) first. When LiteLLM's CI ran Trivy, it leaked their PyPI token. With that token, they published the poisoned versions.

Worst part: version 1.82.8 used a .pth file. The malicious code ran every time Python started. Even when you just ran pip.
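
A triage script for the indicators named in this thread (the two poisoned versions, the ~/.config/sysmon/sysmon.py path, and the .pth startup mechanism), added here as an example and not code from the post's author or the LiteLLM project. The function names are made up for the example, and because the thread does not name the malicious .pth file, the script lists every .pth line that Python executes at startup for manual review.

```python
"""Triage for the LiteLLM 1.82.7 / 1.82.8 incident, using only indicators from the thread."""
import site
import sys
from importlib import metadata
from pathlib import Path

POISONED = {"1.82.7", "1.82.8"}              # versions named in the thread
BACKDOOR = Path(".config/sysmon/sysmon.py")  # path from the thread, relative to $HOME


def installed_litellm():
    """Return the installed litellm version, or None if it is not installed."""
    try:
        return metadata.version("litellm")
    except metadata.PackageNotFoundError:
        return None


def executable_pth_lines(site_dir):
    """Yield (file name, line) for .pth lines that site.py executes at interpreter start.

    site.py runs any .pth line beginning with 'import ' or 'import<TAB>'. Legitimate
    packages use this too, so a hit is something to review, not a verdict.
    """
    for pth in sorted(Path(site_dir).glob("*.pth")):
        for line in pth.read_text(errors="replace").splitlines():
            if line.startswith(("import ", "import\t")):
                yield pth.name, line.strip()


def triage(home, site_dirs, version):
    """Collect findings for one host; inputs are parameters so the logic is testable."""
    findings = []
    if version in POISONED:
        findings.append(f"litellm {version} is a poisoned release: rotate every credential")
    if (Path(home) / BACKDOOR).exists():
        findings.append(f"backdoor file present: {Path(home) / BACKDOOR}")
    for d in site_dirs:
        if Path(d).is_dir():
            for name, line in executable_pth_lines(d):
                findings.append(f"review {Path(d) / name}: {line[:80]}")
    return findings


if __name__ == "__main__":
    dirs = site.getsitepackages() + [site.getusersitepackages()]
    results = triage(Path.home(), dirs, installed_litellm())
    print("\n".join(results) or "no indicators found")
    sys.exit(1 if results else 0)
```

The version check only sees what is installed now, so a machine that had 1.82.7 or 1.82.8 and was later upgraded or downgraded still needs the credential rotation from the list above.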

There are a few articles popping up about this. Quite a huge deal, as MANY agent toolkits (even one I'm making in a personal project) use LiteLLM behind the scenes.

If you installed either version:

In hindsight: a bad choice of a hero message

If you haven't heard, two versions of LiteLLM got hacked yesterday (1.82.7 and 1.82.8)

Live on PyPI for 3 hours. Downloaded 3.4 million times per day.

Stole SSH keys, AWS credentials, Kubernetes secrets, API keys, Docker registry credentials, and crypto wallet seed phrases.

How it happened:

I made an app to convert almost any file locally
(so you don't send your files to random servers)

And now it supports COMIC book files! CBZ, CBR and CBT
(these are also free to convert on the website)

This is my file converter app

Drag and drop to convert almost any file

Does everything locally, unlike converters you find on Google

It just crossed 2,400 users!

It's funny: 99% of my revenue comes from my main app, How to Convert

But what gets me most excited?

The one sale a month I get from my little photomosaic making app, PicTiler

Literally just made a "weeeooooeee" sound out loud