"Tech & Non-Tech Stacks to Run Listen Notes (2025)"
https://www.listennotes.com/blog/tech-non-tech-stacks-to-run-listen-notes-2025-113/
#techstack #startups
"One-Click RCE in ASUS’s Preinstalled Driver Software"
https://mrbruh.com/asusdriverhub/
#security #cybersecurity #asus
"How to Harden GitHub Actions: The Unofficial Guide"
https://www.wiz.io/blog/github-actions-security-guide
#security #supplychain #github #githubactions
"Insecure credential storage plagues MCP"
https://blog.trailofbits.com/2025/04/30/insecure-credential-storage-plagues-mcp/
#security #ai #mcp #cybersecurity
"I use Zip Bombs to Protect my Server"
https://idiallo.com/blog/zipbomb-protection
#security #spam #bots
"Cross-Site WebSocket Hijacking Exploitation in 2025"
https://blog.includesecurity.com/2025/04/cross-site-websocket-hijacking-exploitation-in-2025/
I remember, a few years ago, finding this kind of issue in a project that I ended up working on.
#security #websec #web #webdev
"Principles for coding securely with LLMs"
https://www.seangoedecke.com/ai-security/
#security #cybersecurity #ai #llm
"SSL.com: DCV bypass and issue fake certificates for any MX hostname"
https://bugzilla.mozilla.org/show_bug.cgi?id=1961406
ooouuchhh
#security #ssl #tls #ca #cybersecurity #infosec
"European Union Vulnerability Database (EUVD)"
🤔
#security #cybersecurity
"How to win an argument with a toddler"
https://seths.blog/2025/04/how-to-win-an-argument-with-a-toddler/
"Model Context Protocol has prompt injection security problems"
https://simonwillison.net/2025/Apr/9/mcp-prompt-injection/#atom-everything
#mcp #security #cybersecurity #llm #ai
"Less htmx is More"
https://unplannedobsolescence.com/blog/less-htmx-is-more/
#html #htmx #webdev #http
"Gmail E2E is as terrible as expected"
https://michal.sapka.pl/2025/gmail-e2e-is-as-terrible-as-expected/
#security #gmail #cybersecurity #email
"CodeQLEAKED – Public Secrets Exposure Leads to Supply Chain Attack on GitHub CodeQL"
#github #githubactions #supplychain #security #cicd
"Django security releases issued: 5.1.8 and 5.0.14"
https://www.djangoproject.com/weblog/2025/apr/02/security-releases/
"CVE-2025-27556: Potential denial-of-service vulnerability in LoginView, LogoutView, and set_language() on Windows"
#security #django #python
"The EU Open Source Solutions Catalogue is now live"
"The EU OSS Catalogue currently hosts over 640 solutions, encompassing both complete solutions and individual building blocks to be used while building your own solution."
"Designed primarily for public administrations across the EU, the catalogue provides access to reusable solutions across more than 30 key areas relevant to public sector needs."
👏
#eu #opensource #publiccode
"It's five grand a day to miss our S3 exit"
https://world.hey.com/dhh/it-s-five-grand-a-day-to-miss-our-s3-exit-b8293563
#aws #s3 #basecamp
"How to report a security issue in an open source project"
https://jacobian.org/2025/mar/27/reporting-security-issues-in-oss/
#security #cybersecurity #opensource