"Microsoft begins turning off uBlock Origin and other extensions in Edge"
https://www.neowin.net/news/microsoft-begins-turning-off-ublock-origin-and-other-extensions-in-edge/
👎… Use Firefox (or a reputable and actively maintained fork).
#pricavy #ads #web #ublockorigin
"It is no longer safe to move our governments and societies to US clouds"
https://berthub.eu/articles/posts/you-can-no-longer-base-your-government-and-society-on-us-clouds/
Guess what? It never was!
#security #cybersecuriy #digitalsoverenity
“A year of uv: pros, cons, and should you migrate”
https://www.bitecode.dev/p/a-year-of-uv-pros-cons-and-should
I've also been using uv lately, I agree it is a pleasure to use. I still have many projects and other setups that rely on “pyenv”, “pipx”, “poetry”, “pip-tools”, etc.
I was comfortable with my setup, and it served my purposes well, but I've to admit that uv is very appealing.
Nevertheless, it will take time to migrate them all (if I decide to go in that direction).
#python #uv #pip
"Attacks on Maven proxy repositories"
https://github.blog/security/vulnerability-research/attacks-on-maven-proxy-repositories/
#security #cybersecurity #supplychain #java #maven
"No, Privacy is Not Dead: Beware the All-or-Nothing Mindset"
https://www.privacyguides.org/articles/2025/02/17/privacy-is-not-dead/
#security #privacy
"Common OAuth Vulnerabilities"
https://blog.doyensec.com/2025/01/30/oauth-common-vulnerabilities.html
#security #cybersecurity #auth #oauth
"Nearly a Year Later, Mozilla is Still Promoting OneRep"
https://krebsonsecurity.com/2025/02/nearly-a-year-later-mozilla-is-still-promoting-onerep/
#mozilla #privacy #mozillamonitor
"Leaking the email of any YouTube user for $10,000"
https://brutecat.com/articles/leaking-youtube-emails
#security #cybersecurity #google
"Secure by Design: Google's Blueprint for a High-Assurance Web Framework"
#security #websec #appsec
"You Didn't Notice MP3 Is Now Free"
https://idiallo.com/blog/listen-mp3-is-free
#computerhistory #mp3 #audio #oldschool
"Go Supply Chain Attack: Malicious Package Exploits Go Module Proxy Caching for Persistence"
https://socket.dev/blog/malicious-package-exploits-go-module-proxy-caching-for-persistence
#security #cybersecurity #go #supplychain
"What Okta Bcrypt incident can teach us about designing better APIs"
https://n0rdy.foo/posts/20250121/okta-bcrypt-lessons-for-better-apis/
#security #bcrypt #apis #okta #cybersecurity
"The surprising way to save memory with BytesIO"
https://pythonspeed.com/articles/bytesio-reduce-memory-usage/
#python
"Faster pip installs: caching, bytecode compilation, and uv"
https://pythonspeed.com/articles/faster-pip-installs/
#python #pip #uv #ci
"The thing that's crazy is that if I followed the 2 "best practices" of verifying the phone number + getting them to send an email to you from a legit domain, I would have been compromised."
https://gist.github.com/zachlatta/f86317493654b550c689dc6509973aa4
Wow, this phishing attempt was elaborate indeed.
#security #google #socialengineering #phishing
New node.js security release
https://nodejs.org/en/blog/vulnerability/january-2025-security-releases
- Worker permission bypass via InternalWorker leak in diagnostics (CVE-2025-23083) - (high)
- Path traversal by drive name in Windows environment (CVE-2025-23084) - (medium)
- GOAWAY HTTP/2 frames cause memory leak outside heap (CVE-2025-23085) - (medium)
#security #nodejs
"Catching memory leaks with your test suite"
https://pythonspeed.com/articles/identifying-resource-leaks-with-pytest/
#programming #softwaredevelopment #python #pytest
"Millions of Accounts Vulnerable due to Google’s OAuth Flaw"
https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw
I wonder if any other OAuth providers have similar issues and how they solve it.
#security #cybersecurity #infosec #oauth #googe