Luca Pierluigi Famà
6 posts

Polyfill js - Another Supply Chain Attack
- Luca Pierluigi Famà
- 01 Jul, 2024
- 02 Mins read
What happens if a popular open-source JavaScript library gets hacked?

XZ Backdoor (CVE-2024-3094) - A hidden backdoor in open-source software
- Luca Pierluigi Famà
- 03 Apr, 2024
- 04 Mins read
How a malicious actor was able to gain credibility and inject a malicious payload into a popular Unix-like compression library

JavaScript prototype chain and security risks
- Luca Pierluigi Famà
- 19 Dec, 2022
- 05 Mins read
What is a prototype in JavaScript and why it can lead to dangerous vulnerabilities

Software Design Security Principles
- Luca Pierluigi Famà
- 09 Jun, 2022
- 05 Mins read
A list of basic design principles to build more secure software

Dependency confusion attack technique
- Luca Pierluigi Famà
- 15 Feb, 2022
- 03 Mins read
Don't blindly trust third-party libraries...

DevSecOps vs Log4Shell
- Luca Pierluigi Famà
- 17 Dec, 2021
- 03 Mins read
How DevSecOps could help mitigate Log4j (and similar) security incidents