Double Shot #2381
- Ruby gem strong_password found to contain remote code execution code in a malicious version, further strengthening worries of growth in supply-chain attacks - Long headline but important news.
- SKS Keyserver Network Under Attack - Longstanding vulnerabilities may be catching up with OpenPGP.
- Meet the Noops - Silly little APIs designed just to play with.
- "Should I Dish Up My Rails Front End With Webpack, Webpacker, Bundler, or the Asset Pipeline?" - A look at the current state of Rails asset management.
- pihole-google - If you're really worried about Google's power, you can block it from your network entirely.
- lazydocker - "A simple terminal UI for both docker and docker-compose." Looks like a reasonable alternative to keeping multiple terminal windows running.
- How to get started with Threat Modeling, before you get hacked - A skill that not enough developers are familiar with.
- AWS Security Incident Response Guide - A solid framework for handling incidents in the cloud, at least if you use AWS.
- urlpages - The URL *is* the web page here.