"Spoofing OpenPGP and S/MIME Signatures in Emails"
"Attacking Cloud Containers Using SSRF"
The "hackerone" report is also worth reading.
"abusing web browsers for persistent and stealthy computation"
Sure ... "unintentionally"...
The one you should use for now is: "uBlock Origin"
"The danger of exposing docker.sock":
"Don’t trust the locals: investigating the prevalence of persistent client-side cross-site scripting in the wild"
Always sanitize the content fetched for local-storage before injecting it on any page.
Nice post about how to distribute your python app as a "snap".
"Malicious remote code execution backdoor discovered in the popular bootstrap-sass Ruby gem"
Project's dependencies are an important attack vector.
This must be a joke: Facebook asking users for their email password.
New LTS version of Django released. 👍 good stuff.
"Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years"
An example of the File Content Disclosure one:
"Four Wikipedias to ‘black out’ over EU Copyright Directive"
I think all of them should have participated in the protest
"Discovering a zero day and getting code execution on Mozilla's AWS Network"
The issue was on the webpagetest project but it was a nice read nevertheless.
130 EU businesses sign open letter against Copyright directive Art. 11 & 13 https://nextcloud.com/blog/130-eu-businesses-sign-open-letter-against-copyright-directive-art-11-13/ #nextcloud #pressrelease #blog #news