@boostercloud/framework-provider-azure-infrastructure (>=3.1.0 <=3.4.4), @cdktf/cli-core (>=0.20.8 <=0.21.0-pre.151) +3 more potentially affected by unknown CVE via jsii (>=5.4.12 <=5.4.31)

jsii NPM version =5.4.12, =3.1.0, =0.20.8, =5.12.7, =0.20.8, =1.26.0, =1.29.0 Source cves: unknown CVE Source advisory: OSV:GHSA-M56H-5XX3-2JC2...

Obfusticated Email Address Exfiltration

moq is vulnerable to Email Address Exfiltration. The vulnerability is due to including the SponsorLink.dll in version 4.20.0, which secretly exfiltrates the email address set in the user.email config parameter of git. This email address is hashed and sent to devlooped.com over TLS. The hidden...

Deal: Cloud And Networking Certification Training ~ Get 97% OFF

Cloud computing and networking are two of the most significant areas of growth in the IT business. Companies need engineers who can maintain distributed software and keep the company connected. If you want to work in either niche, the Essential Cloud & Networking Certification Training Bundle...

Rethinking how we learn security

A couple of years ago, I wrote an article on the relative lack of investor and startup interest in addressing a crucial CISO priority—the preparedness of employees on the security team. Considering what seems to be a steady stream of news about breaches, what can be done to encourage more people ...