Really enjoyed the article by @BrianVerm from @snyksec on “Preventing YAML parsing vulnerabilities with snakeyaml in Java”. I don’t think I have ever used anchors in YAML before. I published my little demo app here if you wanted to have a play - https://github.com/leeturner/snakeyaml-dos-vulnerability
After a recommendation from @liran_tal and after watching @k3r3n3 at #SnykCon I watched Hackers: the internet’s immune system. Well worth a watch if you haven’t already - https://www.youtube.com/watch?v=erCAp_Bd0AQ
#SnykCon was awesome this year. So many insights and amazing announcements. If you missed any of the talks (or DJ sets) the recordings are now available. Great to see some of my fellow Snyk Ambassadors on there as well. https://x.com/snyksec/status/1446264114582544387
RT @snyksec: We 💜 our Snyk Ambassadors! @SonyaMoisset & @magnologan are amazing. 🪄 #SnykCon
RT @liran_tal: 🔴 So proud to see @SonyaMoisset and @magnologan at SnykCon, representing @snyksec’s new Snyk Ambassador program 🚀
@THEWalee…
An error in a server config is all it takes for the whole of twitch to be posted on the internet
https://blog.twitch.tv/en/2021/10/06/updates-on-the-twitch-security-incident/
Amazing day 2 of #SnykCon with some amazing announcements - #SnykImpact - https://snyk.io/about/snyk-impact/ #SnykLearn - https://snyk.io/blog/snyk-learn-free-developer-security-education/ and #snykapps - https://snyk.io/blog/snyk-apps-beta-build-custom-apps-extend-snyk-security-into-workflows/
Lots to dig into and get involved with
RT @Twitch: We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this. We will update th…
Very cool. Free developer security training from @snyksec - https://learn.snyk.io/
RT @Sinoc229: http://Twitch.tv got leaked. Like, the entire website; Source code with comments for the website and various console/p…
Hi, I’m Lee 👋. Senior Software Engineer at WireMock, Snyk Ambassador, Hacker of code. Appsec enthusiast. Runs Brighton Kotlin & Brighton JUG