dethos - Network

"SSL.com: DCV bypass and issue fake certificates for any MX...

"SSL.com: DCV bypass and issue fake certificates for any MX hostname"

https://bugzilla.mozilla.org/show_bug.cgi?id=1961406

ooouuchhh

#security #ssl #tls #ca #cybersecurity #infosec

"Secure software starts with those who write it: 
so empower your builders."https://semgrep.dev/build/Guardrails over Gates...

"Secure software starts with those who write it: 
so empower your builders."

https://semgrep.dev/build/

Guardrails over Gates -> Yes

#security #cybersecurity #softwaredevelopment

"European Union Vulnerability Database (EUVD)"https://euvd.enisa.europa.eu/🤔 #security #cybersecurity

"European Union Vulnerability Database (EUVD)"

https://euvd.enisa.europa.eu/

🤔

#security #cybersecurity

"How to win an argument with a toddler"https://seths.blog/2025/04/how-to-win-an-argument-with-a-toddler/

"How to win an argument with a toddler"

https://seths.blog/2025/04/how-to-win-an-argument-with-a-toddler/

"Model Context Protocol has prompt injection security...

"Model Context Protocol has prompt injection security problems"

https://simonwillison.net/2025/Apr/9/mcp-prompt-injection/#atom-everything

#mcp #security #cybersecurity #llm #ai

"Less htmx is More"https://unplannedobsolescence.com/blog/less-htmx-is-more/#html #htmx #webdev #http

"Less htmx is More"

https://unplannedobsolescence.com/blog/less-htmx-is-more/

#html #htmx #webdev #http

"Django: what’s new in 5.2"https://adamj.eu/tech/2025/04/07/django-whats-new-5.2/#python #django

"Django: what’s new in 5.2"

https://adamj.eu/tech/2025/04/07/django-whats-new-5.2/

#python #django

"Gmail E2E is as terrible as expected"https://michal.sapka.pl/2025/gmail-e2e-is-as-terrible-as-expected/#security #gmail...

"Gmail E2E is as terrible as expected"

https://michal.sapka.pl/2025/gmail-e2e-is-as-terrible-as-expected/

#security #gmail #cybersecurity #email

"CodeQLEAKED – Public Secrets Exposure Leads to Supply Chain Attack on GitHub...

"CodeQLEAKED – Public Secrets Exposure Leads to Supply Chain Attack on GitHub CodeQL"

https://www.praetorian.com/blog/codeqleaked-public-secrets-exposure-leads-to-supply-chain-attack-on-github-codeql/

#github #githubactions #supplychain #security #cicd

"Django security releases issued: 5.1.8 and...

"Django security releases issued: 5.1.8 and 5.0.14"

https://www.djangoproject.com/weblog/2025/apr/02/security-releases/

"CVE-2025-27556: Potential denial-of-service vulnerability in LoginView, LogoutView, and set_language() on Windows"

#security #django #python

"The EU Open Source Solutions Catalogue is now...

"The EU Open Source Solutions Catalogue is now live"

https://interoperable-europe.ec.europa.eu/interoperable-europe/news/eu-open-source-solutions-catalogue-now-live

"The EU OSS Catalogue currently hosts over 640 solutions, encompassing both complete solutions and individual building blocks to be used while building your own solution."

"Designed primarily for public administrations across the EU, the catalogue provides access to reusable solutions across more than 30 key areas relevant to public sector needs."

👏

#eu #opensource #publiccode

"It's five grand a day to miss our S3 exit"https://world.hey.com/dhh/it-s-five-grand-a-day-to-miss-our-s3-exit-b8293563#aws...

"It's five grand a day to miss our S3 exit"

https://world.hey.com/dhh/it-s-five-grand-a-day-to-miss-our-s3-exit-b8293563

#aws #s3 #basecamp

"How to report a security issue in an open source...

"How to report a security issue in an open source project"

https://jacobian.org/2025/mar/27/reporting-security-issues-in-oss/

#security #cybersecurity #opensource

"New Windows 11 build makes mandatory Microsoft Account sign-in even more...

"New Windows 11 build makes mandatory Microsoft Account sign-in even more mandatory"

https://arstechnica.com/gadgets/2025/03/new-windows-11-build-makes-mandatory-microsoft-account-sign-in-even-more-mandatory/

Yesterday was already too late to ditch Windows. It is your computer, your hardware, you shouldn't need a cloud account to make use of it.

#windows #microsoft

"REST in Peace? Django's Framework Problem"https://danlamanna.com/posts/rest-in-peace-djangos-framework-problem/#django...

"REST in Peace? Django's Framework Problem"

https://danlamanna.com/posts/rest-in-peace-djangos-framework-problem/

#django #djangorestframework

"Share Python Scripts Like a Pro: uv and PEP 723 for Easy...

"Share Python Scripts Like a Pro: uv and PEP 723 for Easy Deployment"

https://thisdavej.com/share-python-scripts-like-a-pro-uv-and-pep-723-for-easy-deployment/

#python #uv

"Whose code am I running in GitHub Actions?"https://alexwlchan.net/2025/github-actions-audit/#security #supplychain #cicd...

"Whose code am I running in GitHub Actions?"

https://alexwlchan.net/2025/github-actions-audit/

#security #supplychain #cicd #githubactions

"IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress...

"IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX"

https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities

#security #cybersecurity #kubernetes #nginx

"Next.js Middleware Exploit: Deep Dive into CVE-2025-29927 Authorization...

"Next.js Middleware Exploit: Deep Dive into CVE-2025-29927 Authorization Bypass"

https://zeropath.com/blog/nextjs-middleware-cve-2025-29927-auth-bypass

#security #cybersecurity #nextjs #webdev

"Orphaned DNS Records & Dangling IPs Still a problem in 2025"https://guardyourdomain.com/blog/dns-danger-zone/#security...

"Orphaned DNS Records & Dangling IPs Still a problem in 2025"

https://guardyourdomain.com/blog/dns-danger-zone/

#security #cybersecuriy