I’m doing some sustainability research atm, anyone know if there’s a way to measure the amount of energy (kWh) of a Mac using software alone?

RT @snyksec
💜 Today, we honor the life of Martin Luther King Jr., who cared deeply and followed his dream to help create a more just and equitable world.

Please consider joining us in reflecting and giving to the King Center this : bit.ly/3n3HmJl

This is so cool... My friends @stepzen_dev built a JSON -> SDL converter for automatically generating GraphQL schemas! This is honestly so useful... How did I not know about this sooner?! buff.ly/3K2ELc2

RT @mraible
Wow! 🤩

When I started my current gig @oktadev, I set a goal to be excellent like @venkat_s and @starbuxman. I'm gonna take this as achievement unlocked!

I ❤️ learning from you both!

Kudos to @Sharat_Chander and the @java advocates team too. Y'all are awesome! 👏 👏 👏 twitter.com/sharat_chander/sta

RT @ericsmalling
Finally broke into the 170s and hit 50lbs lost this morning!

We (@snyksec) are officially hiring a Developer Event Marketing Manager! If you love building quality events and love developers, I'd love to work with you! <333 buff.ly/3zTmMA0

What You Should Know About npm Packages 'colors' and 'faker' - YouTube buff.ly/3qiECth

RT @snyksec
📺 And... we're live!

Tune in now to learn about our joint research with @Claroty, which uncovered vulnerabilities intrinsic to how parsers deal with URLs.

Featuring: @bagder (creator of cURL), Noam Moshe, @h4ck3r_ky13, and @_clarkio.

🔗: twitch.tv/snyklive

RT @Claroty
"A study of 16 different URL parsing libraries has unearthed inconsistencies and confusions that could be exploited to bypass validations and open the door to a wide range of attack vectors." Via @TheHackersNews, citing research from & @snyksec: okt.to/CZcd1Q

RT @liran_tal
🚨⚠️ Important update on turn of events:

The maintainer of said colors npm package released about an hour ago a new version 1.4.2 that now pushes the code that triggers the infinite loop to another file in the package: safe.js for those using this other API:

RT @liran_tal
🚨 BREAKING

⚠️ The colors@1.4.1 npm package has an offending infinite loop code and is deemed vulnerable to Denial of Service

This continues the fallout of the Faker.js package of open source maintainer Marak

The story and what you should do: snyk.io/blog/open-source-maint

Crazy times we live in. The Log4j vulnerabilities are so prevalent that even the FTC has stepped in to help regulate.

Good news: there are remediations available and they're generally not hard to implement! You can even do it automatically with services like @snyksec <3
---
RT @snyksec
🚨 Earlier this week, the US issued a warning regarding the vulnerability.

Although increased scrutiny from the FTC may seem daunting at first,…
twitter.com/snyksec/status/147

Hahahahha
---
RT @mdeggies
my parents kept all of our old schoolwork and report cards in giant files, then gave those files back to me and my siblings over the holiday. this one best describes my perf to this day- strong urge to ditch first and last period to smoke weed with friends. otherwise pretty solid
twitter.com/mdeggies/status/14

JNDI-Related Vulnerability Discovered in H2 Database Console | JFrog buff.ly/3qPOyJM <--- Uh-oh. Another RCE to be aware of if you're a Java developer. Be careful out there! Use something like @snyksec to stay on top of this stuff, people! <333

RT @snyksec
😲 Our joint research with @Claroty uncovered vulnerabilities intrinsic to how parsers deal with URLs!

Don't miss this upcoming session on Jan. 11 with @bagder, creator of cURL, Noam Moshe from the Claroty research team, @h4ck3r_ky13, and @_clarkio!

🔗: twitch.tv/snyklive

RT @NicoleBeckwith
Listening to heavy metal and playing with the @snyksec SCA product. Tomorrow I dig into SAST, Container and IaC products. If you haven’t taken a look at them you should! They also have a free version for all the devs out there to check the vulnerabilities in your repos.

Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!