Dave Everitt

Do JS devs know enough about security? It can be overlooked in their "full stack" forest.

“The majority …within JavaScript environments, … of software developers using bundler tools … (or) poorly configured external plug-ins or scripts … broadcasting … sensitive keys…"

https://apple.news/A3Afjg163T3Cv5wwH8we4BA

Security credentials inadvertently leaked on thousands of websites — New Scientist

Researchers identified nearly 10,000 websites where API keys could be found, exposing details that could let attackers access sensitive information

Mar 28 at 10:42amopenvibe