
Move over, npm: Now VS Code extensions can’t be trusted
It’s super easy to spoof Visual Studio Code extensions. And those spoofed extensions are incredibly hard to detect.
Richi Jennings is a former developer and marketer. He’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, DevOps.com, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and CIO.com. Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.
Machine learning can be a cognitive crutch, causing code vulnerabilities. Use with extreme caution!
Read More about GitHub Copilot’s ML ‘Code Brushes’: Ready for a Bob Ross ‘happy little accident’?
The JsonWebToken library has a flaw that could have led to remote code execution (RCE).
Read More about If you don't love me now: JsonWebToken could break the software supply chain (again)
A classic dependency confusion attack revealed itself last week.
Read More about PyTorch supply chain attack: Dependency confusion burns DevOps
...
Read More about DraftKings fantasy? How YOU can prevent credential stuffing attacks
Alphabet’s DeepMind brings us AlphaCode — another AI code-generating parlor trick. And, just like its large language model cousins, it can spit out buggy code.
Read More about Ahoy! More insecure code washes ashore with AlphaCode
Conversational AI language model ChatGPT can write code. But is it any good?
Read More about ChatGPT: Parlor trick or Stack Overflow replacement?
Read More about Meta’s GDPR fine: Why your DevOps needs red teaming

A rash of small businesses on Facebook found their accounts locked after being hacked. And it’s impossible to contact Meta to get the problem fixed.
Read More about Your support must scale: Don’t be like Meta, dev teams