"Allow arbitrary URLs, expect arbitrary code execution"
"we learned that someone had gained unauthorized access to our Bash Uploader script and modified it without our permission."
"Remote exploitation of a man-in-the-disk vulnerability in WhatsApp"
https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/
"uBlock Origin works best on Firefox"
https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox
"Tools Are Bought, Transformations Are Sold"
https://www.onstartups.com/startups-tools-are-bought-transformations-are-sold
How to create small Docker images for Rust 🦀 🐋
"I Built a TV That Plays All of Your Private YouTube Videos"
Python 3.9.3 and 3.8.9 are now available
(Security update)
https://pythoninsider.blogspot.com/2021/04/python-393-and-389-are-now-available.html
"533 million Facebook users' phone numbers and personal data have been leaked online"
rm -rf facebook/ 😒
https://www.businessinsider.com/stolen-data-of-533-million-facebook-users-leaked-online-2021-4
"H2C Smuggling in the Wild"
"Hidden OAuth attack vectors"
https://portswigger.net/research/hidden-oauth-attack-vectors
> Whistleblower: Ubiquiti Breach “Catastrophic”
https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/
"netmask” npm package, used by 270,000+ projects, vulnerable to octal input data"
"Determining Key Shape from Sound"
https://www.schneier.com/blog/archives/2021/03/determining-key-shape-from-sound.html
City Of London Police Parrot Academic Publishers' Line That People Visiting Sci-Hub Should Be Afraid, Very Afraid
https://www.techdirt.com/articles/20210323/09223246476/city-london-police-parrot-academic-publishers-line-that-people-visiting-sci-hub-should-be-afraid-very-afraid.shtml
can't have innocent young minds accessing knowledge paid for by the public...
"Middleware, middleware everywhere - and lots of misconfigurations to fix"
"This document formally deprecates Transport Layer Security (TLS) versions 1.0 (RFC 2246) and 1.1 (RFC 4346). Accordingly, those documents have been moved to Historic status."
"Don't End The Week With Nothing"
https://training.kalzumeus.com/newsletters/archive/do-not-end-the-week-with-nothing
After almost 2 weeks of down time, my instance is online again.
https://blog.ovalerio.net/archives/2177
🤷‍♂️
Full-stack developer, advocate of a free, secure and safe Internet. Nature lover and sports enthusiast.