"New Windows 11 build makes mandatory Microsoft Account sign-in even more mandatory"
Yesterday was already too late to ditch Windows. It is your computer, your hardware, you shouldn't need a cloud account to make use of it.
#windows #microsoft
"REST in Peace? Django's Framework Problem"
https://danlamanna.com/posts/rest-in-peace-djangos-framework-problem/
#django #djangorestframework
"Share Python Scripts Like a Pro: uv and PEP 723 for Easy Deployment"
https://thisdavej.com/share-python-scripts-like-a-pro-uv-and-pep-723-for-easy-deployment/
#python #uv
"Whose code am I running in GitHub Actions?"
https://alexwlchan.net/2025/github-actions-audit/
#security #supplychain #cicd #githubactions
"IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX"
https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities
#security #cybersecurity #kubernetes #nginx
"Next.js Middleware Exploit: Deep Dive into CVE-2025-29927 Authorization Bypass"
https://zeropath.com/blog/nextjs-middleware-cve-2025-29927-auth-bypass
#security #cybersecurity #nextjs #webdev
"Orphaned DNS Records & Dangling IPs Still a problem in 2025"
https://guardyourdomain.com/blog/dns-danger-zone/
#security #cybersecuriy
I guess updating your mobile browser would suffice (at least according to the article)
"CVE-2024-9956 - PassKey Account Takeover in All Mobile Browsers"
https://mastersplinter.work/research/passkey/
#security #authentication #passkeys
"Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure"
https://thehackernews.com/2025/03/apache-tomcat-vulnerability-comes-under.html
#java #tomcat #security #cybersecurity #netsec
"Password reuse is rampant: nearly half of observed user logins are compromised"
https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/
#security #cybersecurity #passwords #authentication
GitHub action "tj-actions/changed-files" is compromised
#security #cybersecurity #githubactions #github #cicd
"Everything you say to your Echo will be sent to Amazon starting on March 28"
Ouch. The best place for these listening devices is in the garbage.
#amazon #alexa #echo #privacy
"Thousands of Records, Including PII, Exposed Online in Healthcare Marketplace Connecting Facilities and Nurses Data Leak"
https://www.websiteplanet.com/news/eshyft-report-breach/
#security #cybersecurity
"Django security releases issued: 5.1.7, 5.0.13 and 4.2.20"
https://www.djangoproject.com/weblog/2025/mar/06/security-releases/
#security #django #python
Status of old PyPI projects: archived
Since late January, the python package index (PyPI) supports archiving projects/packages. This is, in fact, a very welcome feature, since it clearly tells without any doubt when a package is no longer maintained and will not receive any further updates.
It makes it easier for the person looking for packages, to know which ones deserve a closer inspection and which ones are there abandoned, […]
https://blog.ovalerio.net/archives/3112
#pypi #Python
"The Risk You Can't Afford to Ignore: AWS SES and Email Spoofing"
https://badshah.io/aws-ses-and-email-spoofing/
#aws #ses #email #security
"form-action Content-Security-Policy Bypass And Other Tactics For Dealing With The CSP"
#security #cybersecurity #browsers #web #csp
"how to gain code execution on millions of people and hundreds of popular apps and of course, firebase was (partially) the cause"
https://kibty.town/blog/todesktop/
#security #cybersecurity #electron #firebase