1Password CLI Adds Risk

In October of 2023, I reported a vulnerability to 1Password regarding their op (a.k.a. 1password-cli) program. In my report I detailed that their approach to…

Introducing the Poison-Pillminder

Do you manage a GitHub org with a bunch of repositories? Do you have a hard time scrambling when the latest NPM supply-chain attack hits,…

Secrets in Lambda Env Vars

Hello, friends! I’m here on this fine Thursday with some low-key advice on a very serious problem: you—or someone you know—has been putting secrets into…