libraries – Page 12 – Experimental News Clipping Site

Schneier on Security: Delivering Malware Through Abandoned Amazon S3 Buckets

Feb 12, 2025

—

by

Source URL: https://www.schneier.com/blog/archives/2025/02/delivering-malware-through-abandoned-amazon-s3-buckets.html Source: Schneier on Security Title: Delivering Malware Through Abandoned Amazon S3 Buckets Feedly Summary: Here’s a supply-chain attack just waiting to happen. A group of researchers searched for, and then registered, abandoned Amazon S3 buckets for about $400. These buckets contained software libraries that are still used. Presumably the projects don’t realize…

Hacker News: Down the rabbit hole: Implementing SSH port forwarding over AWS Session Manager

Feb 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.joinformal.com/blog/down-the-rabbit-hole-implementing-ssh-port-forwarding-over-aws-session-manager/ Source: Hacker News Title: Down the rabbit hole: Implementing SSH port forwarding over AWS Session Manager Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text describes the experiences of a new employee at Formal who worked on integrating their system with AWS SSH and Session Manager protocols. It highlights the…

Hacker News: Disabling cert checks: we have not learned much

Feb 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://daniel.haxx.se/blog/2025/02/11/disabling-cert-checks-we-have-not-learned-much/ Source: Hacker News Title: Disabling cert checks: we have not learned much Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses the critical significance of certificate verification in SSL/TLS communication, particularly highlighting the history and evolution of the curl and libcurl libraries in handling SSL verification. It emphasizes the…

Anchore: DORA + SBOM Primer: Achieving Software Supply Chain Security in Regulated Industries

Feb 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://anchore.com/blog/dora-overview/ Source: Anchore Title: DORA + SBOM Primer: Achieving Software Supply Chain Security in Regulated Industries Feedly Summary: At Anchore, we frequently discuss the steady drum beat of regulatory bodies mandating SBOMs (Software Bills of Materials) as the central element of modern software supply chain security. The Digital Operational Resilience Act (DORA) is…

Bulletins: Vulnerability Summary for the Week of February 3, 2025

Feb 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/bulletins/sb25-041 Source: Bulletins Title: Vulnerability Summary for the Week of February 3, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info .TUBE gTLD–.TUBE Video Curator Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in .TUBE gTLD .TUBE Video Curator allows Reflected XSS. This issue affects…

Hacker News: Library Sandboxing for Verona

Feb 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://github.com/microsoft/verona-sandbox Source: Hacker News Title: Library Sandboxing for Verona Feedly Summary: Comments AI Summary and Description: Yes Summary: The text describes a process-based sandboxing mechanism designed for the Verona programming language, emphasizing security features that aim to maintain safe execution of untrusted libraries. This innovative approach to sandboxing can significantly enhance security in…

Slashdot: ‘Torrenting From a Corporate Laptop Doesn’t Feel Right’: Meta Emails Unsealed

Feb 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://tech.slashdot.org/story/25/02/07/1224244/torrenting-from-a-corporate-laptop-doesnt-feel-right-meta-emails-unsealed?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: ‘Torrenting From a Corporate Laptop Doesn’t Feel Right’: Meta Emails Unsealed Feedly Summary: AI Summary and Description: Yes Summary: This report highlights serious allegations against Meta for copyright infringement relating to unauthorized training of AI models on pirated literary works. Newly released emails bring to light extensive data piracy,…

Hacker News: Meta torrented & seeded 81.7 TB dataset containing copyrighted data

Feb 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://arstechnica.com/tech-policy/2025/02/meta-torrented-over-81-7tb-of-pirated-books-to-train-ai-authors-say/ Source: Hacker News Title: Meta torrented & seeded 81.7 TB dataset containing copyrighted data Feedly Summary: Comments AI Summary and Description: Yes Summary: The text presents serious allegations against Meta regarding copyright violations involving the unauthorized use of pirated books for training AI models. Newly revealed emails indicate substantial illegal downloading and…

Simon Willison’s Weblog: Using pip to install a Large Language Model that’s under 100MB

Feb 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Feb/7/pip-install-llm-smollm2/ Source: Simon Willison’s Weblog Title: Using pip to install a Large Language Model that’s under 100MB Feedly Summary: I just released llm-smollm2, a new plugin for LLM that bundles a quantized copy of the SmolLM2-135M-Instruct LLM inside of the Python package. This means you can now pip install a full LLM! If…

Hacker News: Microsoft Go 1.24 FIPS changes

Feb 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://devblogs.microsoft.com/go/go-1-24-fips-update/ Source: Hacker News Title: Microsoft Go 1.24 FIPS changes Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the advancements in Go 1.24’s cryptography packages towards achieving FIPS 140-3 compliance, emphasizing significant changes that enhance security for developers using Go. Key improvements include native support for FIPS-compliant libraries, streamlined…

Tag: libraries