Best of Security: October 2021

  1. Article
    Medium·5y

    Don’t Use Electron Until You’ve Read This Article

    Electron is a framework that allows developers to create native desktop applications for Windows, Mac, and Linux from a single codebase. The biggest problem with Electron applications is security. It is too easy to create a highly insecure Electron application. The Electron team has worked to address this problem, changing setting defaults to more secure options in recent releases.

  2. Article
    freeCodeCamp·5y

    How to Secure Your React.js Application

    React.js is a scalable open-source JavaScript library and is one of the most commonly used front-end frameworks out there today. It's dynamic and is easy to get started with if you want to create interactive web applications with reusable components. But there are some things you need to be aware of when using it for your projects.

  3. Article
    asayer·5y

    Another Npm Package Is Highjacked and It's Your Fault That This Happened

  4. Article
    TechCrunch·5y

    Hacker leaks Twitch source code and creator payout data – TechCrunch

    A leaker claims to have taken Twitch source code, creator payouts and other data. Twitch confirmed the breach in a tweet on Wednesday. The data contains payouts for each Twitch user, some of which reach into the six figures. The leak could also represent a security risk, since it now allows practically anyone to search for security vulnerabilities.

  5. Article
    The Hacker News·5y

    GitHub Revoked Insecure SSH Keys Generated by a Popular git Client

    GitHub revokes weak SSH authentication keys that were generated via the GitKraken client. A vulnerability in a third-party library increased the likelihood of duplicated SSH keys. The issue has since been addressed in keypair version 1.0.4 and GitKraken version 8.0-1.1.

  6. Article
    Krebs on Security·5y

    What Happened to Facebook, Instagram, & WhatsApp? – Krebs on Security

    Facebook and its sister properties Instagram and WhatsApp are suffering from ongoing, global outages. We don’t yet know why this happened, but the how is clear: something inside Facebook caused the company to revoke key digital records that tell computers and other Internet-enabled devices how to find these destinations.

  7. Article
    SD Times·5y

    JetBrains launches code quality platform Qodana

    Qodana is a universal code quality platform for continuous integration. It allows developers to do smart checks and edits from within their JetBrains IDE. It is based on the company’s Java IDE, IntelliJ IDEA, and allows developers to perform static analysis of Java codebases.

  8. Article
    Honeypot·5y

    The Real OWASP Top 10 2021

    The OWASP top 10 describes the top 10 vulnerabilities as they were found in production environments for a particular year. While this is a good approach, it fails to take the impact of an issue into account. Broken Access Control (Including IDORs) can exist on any resource that the attacker should not be authorised to see.

  9. Article
    DEV·5y

    Penetration and Security in JavaScript

    This post will open up a world for you as this one was for me. I created the function below so that it had everything you need to learn attack and related defenses from the techniques. The function is Connector, which receives an options configuration object. This must contain a property named address which must be the same as one of those listed in validAddresses, otherwise an exception is thrown.