"Chat Control Must Be Stopped – Now!"
https://threema.ch/en/blog/posts/stop-chat-control
#eu #europeanunion #europeancomission #privacy
"Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the firmware."
https://www.cve.org/CVERecord?id=CVE-2024-6045
#security #netsec #cybersecurity
"Joining Strings in Python: A "Huh" Moment"
https://berglyd.net/blog/2024/06/joining-strings-in-python/
#python
"How to Quit Google, According to a Privacy Expert"
https://lifehacker.com/tech/how-to-quit-google-according-to-a-privacy-expert
#privacy
"Optimal SQLite settings for Django"
https://gcollazo.com/optimal-sqlite-settings-for-django/
#django #sqlite
"A new security issue was discovered that affects the JetBrains GitHub plugin on the IntelliJ Platform, which could lead to disclosure of access tokens to third-party sites."
#security #infosec #github #intellij #jetbrains
"Things you wish you didn't need to know about S3"
https://blog.plerion.com/things-you-wish-you-didnt-need-to-know-about-s3/
#aws #s3
"No Way, PHP Strikes Again! (CVE-2024-4577)"
https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/
#security #netsec #php
"How Online Privacy Is Like Fishing. In the wake of a Microsoft spying controversy, it’s time for an ecosystem perspective"
https://spectrum.ieee.org/online-privacy
#privacy #internet #cloud #ai
"Hacking Millions of Modems (and Investigating Who Hacked My Modem)"
https://samcurry.net/hacking-millions-of-modems
#security #infosec #netsec #cybersecurity
"Credentials Leaking with Subdomain Takeover"
https://trufflesecurity.com/blog/credentials-leaking-with-subdomain-takeover
#security #infosec #netsec #cybersecurity
"GitHub recommends to pin an Action to a full length commit SHA as it is currently the only way to use an Action as an immutable release.
Still, only 2% of GitHub repositories fully embrace this security best practice!"
https://pin-gh-actions.kammel.dev/
#security #github #githubactions #supplychain
"Engineering for Slow Internet - How to minimize user frustration in Antarctica."
https://brr.fyi/posts/engineering-for-slow-internet
#dev #softwaredevelopment #webdev #optimization
"Your API Shouldn't Redirect HTTP to HTTPS"
https://jviide.iki.fi/http-redirects
#security #infosec #netsec #http #api
"Stop Recommending JWTs (with symmetric keys)"
https://trufflesecurity.com/blog/stop-recommending-jwts
#security #infosec #jwt
"Best Practises for A Performant Django Admin"
https://hodovi.cc/blog/best-practises-for-a-performant-django-admin/
#python #django
"The Monsters in Your Build Cache – GitHub Actions Cache Poisoning"
https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/
#security #infosec #cybersec #github #ci #cicd
"BIMI and DMARC Can’t Save You: The Overlooked DKIM Exploit"
https://www.zone.eu/blog/2024/05/17/bimi-and-dmarc-cant-save-you/
#email #dkim #security #cybersecurity #infosec
"Employee Personal GitHub Repos Expose Internal Azure and Red Hat Secrets"
https://www.aquasec.com/blog/github-repos-expose-azure-and-red-hat-secrets/
#security #infosec #cybersecurity #github