Posts
12
Comments
345
Joined
2 yr. ago
Cybersecurity @sh.itjust.works
leds @feddit.dk

popular github action compromised

https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised

Harden-Runner detection: tj-actions/changed-files action is compromised We are investigating a critical security incident involving the popular tj-actions/changed-files GitHub Action. We want to alert you immediately so that you can take prompt action.

Your secrets are in the build logs

  • I read that as recipe checker and got more and more confused reading that. Are they now having people checking your recipes in the shop to make sure you got all the ingredients?

  • It is useful but the trouble is that they should be much and much more certain about their designs. Let's say they want 99.99% reliability for real payload then they should by now be at 99.9%. If they want to do it by trial and error they would need to do a lot of trials to show that they actually achieved that reliability. Otherwise the next one is still just as likely to explode. I guess what I'm trying to say is that you can't get there by trial and error.

  • Opening bank accounts can be difficult due to the reporting/spying requirements banks have on US citizens. Actually not just citizens, I think it is called US persons of interest or something like that. Anyway, not all banks want to deal with that and will not allow you to open an account.

  • Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ @lemmy.dbzer0.com
    leds @feddit.dk

    I don't know who needs to hear this but qBittorrent has a nasty vulnerability (and there are some older ones too)

    qBittorrent, on all platforms, did not verify any SSL certificates in its DownloadManager class from 2010 until October 2024. If it failed to verify a cert, it simply logged an error and proceeded.

    To be exploitable, this bug requires either MITM access or DNS spoofing attacks, but under those conditions (seen regularly in some countries), impacts are severe.

    The primary impact is single-click RCE for Windows builds from 2015 onward, when prompted to update python the exe is downloaded from a hardcoded URL, executed, and then deleted afterwards.

    The secondary impact for all platforms is the update RSS feed can be poisoned with malicious update URLs which the user will open in their browser if they accept the prompt to update. This is browser hijacking and arbitrary exe delivery to a user who would likely trust whatever URL this software sent them to.

    The tert

    Selvgjort er velgjort @feddit.dk
    leds @feddit.dk

    Plumbing question

    Can any of you tell me whether this ball joint for drinking water needs pipe sealing paste or tape (on the actual contact surface of the ball)? I'm having a hard time getting it watertight without anything at all.

    Update: The conical joint that the post was about is actually completely watertight without tape or hemp! On the rest of the joints I have replaced the tape with hemp and paste, and it works much better.

    Free and Open Source Software @beehaw.org
    leds @feddit.dk

    My experience with LineageOS tonight

    So.. I'm running LineageOS on my phone (a OnePlus 6T), have been for a very long time. Usually I'm really happy with this but not tonight:

    • Phone suggests an update of the OS, just a weekly build. Sure, why not, so it does its thing and I reboot, all good.
    • Open an app to listen to some podcast: screen goes black, flickers a couple of times showing an empty launcher. Thankfully a long press on the power button shows the shutdown menu (but it looks different from normal?) and lets me restart
    • Do the same thing again, OK, looks like the latest update broke something
    • Update the app, same
    • Go to settings, updates, to try to revert to the previous version: no option to install an older version, the only option is export. Weird, OK, let's try to export the old version. Now it lets me install that
    • Installation loops, seems it failed
    • Try the app again, same black screen, hold the power button to get the boot menu again: now the phone says ERASING .. wait what stop no .. (does Lineage have a panic-wipe-my-phone key combo I didn't know about?)
    Nyheder @feddit.dk
    leds @feddit.dk
    Gardening @lemmy.world
    leds @feddit.dk

    favas eating ants?

    Hi All, my fava beans are being eaten by black ants, no aphids. The ants themselves seem to be sucking the juice out of the leaves, leaving black spots where they have been nibbling.

    I thought they normally employed aphids to do the hard work for them but maybe they are skipping the middle man. Anyone seen this before?

    Other leaves are full of holes but that looks more like snails, don't think the ants are capable of that.

    Any good tips for encouraging the ants to move elsewhere ?

    Nyheder @feddit.dk
    leds @feddit.dk
    Programmer Humor @programming.dev
    leds @feddit.dk

    DO NOT MERGE

    Merged

    Nyheder @feddit.dk
    leds @feddit.dk
    Nyheder @feddit.dk
    leds @feddit.dk

    breaking news

    SyntaxError as the headline...

    Selvgjort er velgjort @feddit.dk
    leds @feddit.dk

    Homemade beetroot lunch

    Fetch fresh beetroots from the kitchen garden

    Wash and cut

    Fry in oil with a little balsamic vinegar

    Add the stalks and finally the leaves

    Eat!

    Feddit.dk @feddit.dk
    leds @feddit.dk

    Four-day work week to retain seniors

    I think that if seniors get the right to a 4-day work week, it will also be easier for the rest of us; right now it is not something you can easily ask for, or else you easily get the answer that "it is not possible here"