IB Teguh TMTired of GitHub access tokens? Master #GitHubSSHKeySetup in minutes! This guide makes secure, token-free Git ops easy. #GitHub #DevSecurity #DevOps
https://teguhteja.id/github-ssh-key-setup-power-guide/?utm_source=mastodon&utm_medium=jetpack_social
Technology TalesWhiteCobra threat group targets developers with malicious VSCode extensions, stealing cryptocurrency from wallets. They've already stolen $500K+ and can generate fake credibility with 50K fake downloads in hours. Even experienced security professionals have fallen victim to these sophisticated attacks. #CyberSecurity #DevSecurity #VSCode #Malware #CryptoCurrency #DeveloperSecurity #WhiteCobra https://devops.com/whitecobra-targets-developers-with-dozens-of-malicious-extensions/
WhiteCobra Targets Developers with Dozens of Malicious Extensions - DevOps.com
Threat actors are turning developer tools into attack vectors.Koi Security reports that the group WhiteCobra has been uploading malicious VSCode, Cursor, and Windsurf extensions designed to drain cryptocurrency wallets. Victims include experienced developers — one with over a decade of “perfect OpSec” who still lost funds.The group’s leaked playbook reveals just how industrialized these campaigns have become: pre-written social media templates, automated fake downloads to inflate credibility, and revenue projections of $10K an hour — or up to $500K an hour targeting “whale” wallets.The attacks leverage hidden scripts, LummaStealer malware, and manipulation of marketplace trust signals. With ratings and download counts easily faked, even seasoned professionals are vulnerable.Full report 👉 [link]Hashtags:#DevOps #AppSec #CyberSecurity #VSCode #Cursor #CryptoSecurity #DevSecOps
nickbalancomDay 9/10: AI Code Isn’t Always Safe Code
• Review everything AI writes
• Set rules for what gets committed
• Rotate secrets often
AI is fast — but you’re still responsible.
Follow @nickbalancom for smarter, safer dev.
developer.overheid.nlWil je meedenken? Mail [email protected] en sluit aan bij de werkgroep! #OGC #APIStandards #GeoSpatial #DevSecurity
🌍🔐 #GeoDevs! Belangrijke update van de OGC meeting: Frank Terpstra (Geonovum) leidt nu de nieuwe OGC Common Security werkgroep!
Ze gaan best practices ontwikkelen mbt security voor geo-API's. Hun eerste missie: discovery-mechanismen zodat API's hun eigen beveiligingseisen kunnen communiceren. De wens is om de OpenAPI specification uit te breiden voor dit discovery-proces.
Verslag Open Geospatial Consortium (OGC) meeting | developer.overheid.nl
De 131ste Open Geospatial Consortium (OGC) - Technical Committee (TC) meeting vond plaats van 3 tot 6 maart 2025 in Rome, Italië. Het was een evenement voor professionals in de GIS industrie om samen te werken aan de toekomst van Geo- standaarden en technologieën. Namens Geonovum waren Frank Terpstra en Linda van den Brink aanwezig en hebben zij verslag gedaan van de belangrijkste inzichten.
TheDoctorGitVenom: Fake-GitHub-Repos verbreiten Malware! Kaspersky warnt vor manipulierten Open-Source-Projekten, die Daten & Krypto stehlen. Entwickler aufgepasst! 🚨 #Malware #GitHub #CyberThreat #DevSecurity
TheDoctorGitVenom: Fake-GitHub-Repos verbreiten Malware! Kaspersky warnt vor manipulierten Open-Source-Projekten, die Daten & Krypto stehlen. Entwickler aufgepasst! 🚨 #Malware #GitHub #CyberThreat #DevSecurity
Alessandro RossiWant to add an extra layer of security to your #Backstage instance? Look no further than #OpenShift Authentication! This powerful tool lets you control access and keep your data safe. Check out this informative blog post to learn more! #devsecurity https://sprou.tt/1mwq5JDJaRq