Luca Pierluigi Famà
6 posts
Polyfill js - Another Supply Chain Attack
- Luca Pierluigi Famà
- 01 Jul, 2024
- 02 Mins read
What happens if a popular open-source JavaScript library gets hacked?
XZ Backdoor (CVE-2024-3094) - A hidden backdoor in open-source software
- Luca Pierluigi Famà
- 03 Apr, 2024
- 04 Mins read
How a malicious actor was able to gain credibility and inject a malicious payload into a popular compression library for Unix-like systems
JavaScript prototype chain and security risks
- Luca Pierluigi Famà
- 19 Dec, 2022
- 05 Mins read
What a prototype is in JavaScript and why it can lead to dangerous vulnerabilities
Software Design Security Principles
- Luca Pierluigi Famà
- 09 Jun, 2022
- 05 Mins read
A list of basic design principles to build more secure software
Dependency confusion attack technique
- Luca Pierluigi Famà
- 15 Feb, 2022
- 03 Mins read
Don't blindly trust third-party libraries...
DevSecOps vs Log4Shell
- Luca Pierluigi Famà
- 17 Dec, 2021
- 03 Mins read
How DevSecOps could help mitigate Log4j (and similar) security incidents