WWW-CD.ORG Christophe DemayAdblock for YouTube - 10 millions d'installs et un piège dormant https://korben.info/adblock-youtube-extension-injection-script.html Si vous avez installé une extension qui s'appelle "Adblock for YouTube" pour virer les pubs de vo #reseaux-internet/navigateurs-web #cybersecurite/malwares-menaces #navigateur #extension #vieprivée #sécurité #malware #YouTube #Chrome
Osna.FMProminent politicians from the Christian Democratic Union (CDU) and the Green Party are advocating for an extension of the Bundestag's legislative period. Thoma... https://news.osna.fm/?p=52728 | #news #bundestag #extension #five #german
1operateurRadio🇫🇷 Orthographe (aide). En français.
☺️ Enfin trouvé une extension dans Firefox pour l’orthographe, libre et publique. (GPL V. 3)
Grammalecte [fr] 👍
https://addons.mozilla.org/fr/firefox/addon/grammalecte-fr/
🙂 👋
HabrОграничения Manifest V3 в расширении EasyProxy для управления прокси
Как перестать искать подходящее расширение и написать его самому. Отличия API Firefox и Chrome Extensions.
robrichhttps://www.linkedin.com/posts/alex-turnbull-1ab9992_warning-github-has-been-breached-by-teampcp-share-7462842202730295297--SNG/ - TeamPCP stole #GitHub internal repos via a malicious #VSCode #Extension. "TeamPCP is the same crew that ran Mini Shai-Hulud this week, the npm worm that hit OpenAI, Mistral, UiPath, SAP, and OpenSearch in 72 hours. This happened from Microsoft's own developer, running Microsoft's own editor, installing from Microsoft's own marketplace, took down GitHub."
WARNING: GitHub has been breached by TeamPCP (hackers behind Shai Hulud npm hack). An infected VS Code ext. exfiltrated ~3,800 internal repos. Github's source code is on a cybercrime forum RIGHT NOW.… | Alex Turnbull | 61 comments
WARNING: GitHub has been breached by TeamPCP (hackers behind Shai Hulud npm hack). An infected VS Code ext. exfiltrated ~3,800 internal repos. Github's source code is on a cybercrime forum RIGHT NOW. How to triage ASAP 👇 If you use VS Code extensions, that's the likely next vector. The breach started from one employee device with a malicious VS Code extension. ~3,800 internal repos exfiltrated. GitHub says the attacker's claim is "directionally consistent" with their investigation. TeamPCP is the same crew that ran Mini Shai-Hulud this week, the npm worm that hit OpenAI, Mistral, UiPath, SAP, and OpenSearch in 72 hours. This happened from Microsoft's own developer, running Microsoft's own editor, installing from Microsoft's own marketplace, took down GitHub. GitHub's internal source code is now listed for $50,000 on a cybercrime forum. Critical secrets rotated overnight. No customer data accessed per their disclosure, but the attacker has the keys to the kingdom. This is the third compromise this week where the attack vector was a developer's own tooling. Context . ai → Vercel. Mini Shai-Hulud npm → OpenAI, Mistral, SAP. VS Code extension → GitHub. Your editor, package manager, and your AI tools are now the primary vector for these recent string of attacks. Here's what to do: 1 / Audit every VS Code extension 1. Open Extensions panel in VS Code 2. Remove anything you don't actively use 3. Check publisher verification on what remains — look for the blue checkmark 4. Pin extension versions in .vscode/extensions.json for shared workspaces 2 / Rotate every secret stored in code 1. Any API key, token, or credential committed to a repo — even private — assume exposed 2. Rotate first, remove from history second (git filter-repo or BFG) 3. Audit GitHub Actions secrets and environment variables 4. Check .env files in every repo you've cloned in the last 30 days 3 / Move secrets out of code permanently 1. Use a secrets manager (1Password, Doppler, AWS Secrets Manager, Vault) 2. Add pre-commit hooks (gitleaks, trufflehog) to block future commits 3. Enable GitHub secret scanning + push protection on every repo 4. Audit every contributor's commits for accidental secret pushes GitHub hosts your code and can be breached through one extension on one laptop. Your editor is now the perimeter so every extensions is a security / trust decisions. This is the new attack surface. These hacks are only getting worse and this won't be the last one. Prepare accordingly. | 61 comments on LinkedIn
ArchDaily | Broadcasting Architecture Worldwide [Unofficial]Casa Blajot / exitprojectes estudi d'arquitectura
visnudevaMy GNOME extension **CyberGlow** is out !
A neon shape overlay with tinted rain, dust, and glitch flicker reacting to the music on the desktop background, plus optional neon window underglow.
https://extensions.gnome.org/extension/10212/cyberglow/
#gnome #gnome50 #linux #opensource #foss #gnomeshell #customization #tech #programming #coding #javascript #cyberpunk #rice #rickAndMorty #extension
Martin StephensonAnyone else using tab groups on #Firefox, and disappointed there's no "1-click" way to close the groups? To solve this issue I got claude.ai to create an #extension to do just that. Get in touch if you'd like a copy, and I'll send you a link.
#tech #code #linux
#tech #code #linux
iamdtmsYes. I'm started. I will use EDGE #browser on #Linux, #Windows and #Android. That is the widest common #way where I can use Tempermonkey browser #extension with #personal userscripts and chrome extensions as well. I won't pay 10€ / month for a #site #feature I can #implement on client side as well. I will #write to https://blog.iamdtms.hu #about it if it's finished. I'll share one user script as well. What do you think?
JustGeek🧩 ToggleSwitch : activer ou désactiver toutes vos extensions Chrome en un clic
👉 https://www.justgeek.fr/toggleswitch-activer-desactiver-extensions-chrome-151975/
