Why the HELL do people push their ~/ config files to public git repositories 🤦‍♂️
I was looking for a specific file and I got access to the #Trello board of this guy. This is just one example... there are SO MANY and for all tastes (GitHub, Spotify, cookies ...) #security
(if you are wondering, I mailed the guy and got a 'thanks')
Deliveroo, UberEats and Glovo users' data exposed via an e-commerce app: https://scarpino.dev/posts/i-went-out-for-dinner-and-i-took-some-endpoint.html
Details of 6k Italian loans were exposed to all
https://scarpino.dev/posts/sharing-your-loan-details-to-anyone.html
This is unfortunate, but it was to be expected: https://vimeo.com/453948863 #covid #security #privacy
BusKill: A Kill Cord for your Laptop
https://tech.michaelaltfield.net/2020/01/02/buskill-laptop-kill-cord-dead-man-switch/
Urgent #security issue in NGINX/php-fpm #Nextcloud
https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/
Apache Solr injection #security
Zoom Zero Day: 4+ Million Webcams & maybe an RCE? #security
Site Reliability Engineer (aka #DevOps). #Privacy and #FLOSS evangelist. White hat. #ArchLinux developer fellow.