HackDig : Dig high-quality web security articles

Poison packages – “Supply Chain Risks” user hits Python community with 4000 fake modules

by Paul Ducklin

If you’ve ever used the Python programming language, or installed software written in Python, you’ve probably used PyPI, even if you didn’t realise it at the time. PyPI is short for the Python Package Index, and it currently contains just under 300,000 open source add-on modules (290,614 of them when we checked [2021-03-07T00:1
Publish At:2021-03-07 20:55 | Read:740 | Comments:0 | Tags:Malware coding package manager PyPI python supply chain

Everything You Need to Know About CI/CD and Security

There are a lot of things that you probably are unfamiliar with when it comes to CI/CD and the operating protocols that go along with it. One of the first things that you are going to need to know is that CI/CD stands for Continuous Integration and Continuous Delivery. It can also stand for Continuous Integration and Continuous Deployment, depending on the s
Publish At:2021-01-05 01:50 | Read:1044 | Comments:0 | Tags:DevOps CI/CD CI/CD pipeline coding deployment development ri

Schubser and his cookie dealing friend

I actually forgot to post this in February, so I’m a little late, but the topic is as current as it was back then. One week in February my colleague Jan Girlich and I took some time to review our tools and make three of them available on GitHub. Jan wrote a Proof of Concept (PoC) Android app that allows exploiting Java object deserialization vulnerabi
Publish At:2019-09-19 18:20 | Read:2038 | Comments:0 | Tags:Coding Android deserialisation Firesheep Java MITM mod0cooki

Experts spotted a Skype backdoor for Mac, it could be a coding bug

Experts from Trustwave discovered an authentication bypass vulnerability affecting the Mac version of Skype; experts classified it as a Skype backdoor. Security experts from Trustwave have discovered a backdoor in the Mac version of Skype. The flaw, an authentication bypass vulnerability, affects the Desktop API that could be used by third-party apps to imp
Publish At:2016-12-14 14:15 | Read:6376 | Comments:0 | Tags:Breaking News Hacking backdoor coding Mac Skype

Hackers Can’t Break This Style of Coding, Confirm Researchers

On April 7, 2014, the world first learned about the Heartbleed vulnerability. A small flaw in OpenSSL’s implementation of the TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520), Heartbleed enables an attacker to unravel the encryption measures in systems protected by vulnerable OpenSSL software, which some at the time estimated
Publish At:2016-09-26 14:50 | Read:4945 | Comments:0 | Tags:Cyber Security Featured Articles coding formal verification

Python difflib SequenceMatcher quick_ratio performance contribution

Hi everyone. Once in a while I’m trying to contribute something non-security related to an Open Source project. At the moment I’m teaching Python courses and found some of my old scripts that are pretty useful. I’m trying to contribute a performance-optimized difflib.SequenceMatcher.quick_ratio to CPython. It’s not decided yet if it
Publish At:2015-06-09 16:20 | Read:11819 | Comments:0 | Tags:Coding difflib optimisation performance python quick_ratio S

