Jérémy Derussé
jderusse.bsky.social
developer @blackfire.io
core team & security team @symfony
The @FFME_officiel just sent an email to all its members to inform them that their personal data has leaked ☠️.

I'm not surprised, I reported the vulnerability to them in July 2021 🤷‍♂️!
That was fucking 3 and a half years ago 🤬!
🧵details ⤵️ 1/7
January 23, 2025 at 11:44 AM
The French Mountain and Climbing Sport Federation @FFME_officiel just sent an email to report a data breach ☠️.
All personal information of their members (present and past) was publicly accessible.

I'm not surprised, I warned them about the vulnerability in July 2021 🤷‍♂️!
January 23, 2025 at 11:41 AM
This is what command injection looks like in 2024.

It involves GitHub Actions and a branch name.

github.com/advisories/G...
December 8, 2024 at 5:35 PM
Dude reported false vulnerability reports to cve.mitre.org.

@github.com created advisories for these CVEs, and users are now complaining and asking to fix something that does not exist 😢
December 3, 2024 at 11:28 AM
Reposted by Jérémy Derussé
#Symfony 7.2 has just been released. Here is a list of curated features symfony.com/blog/symfony...
Big thanks to all the contributors!
Symfony 7.2 curated new features (Symfony Blog)
November 29, 2024 at 9:05 AM
Reposted by Jérémy Derussé
It doesn't just happen on your open-source project that you need to patch things immediately before the official release
November 21, 2024 at 8:10 AM