This is a must-have for any dev team! Whether you're a manager or not, security principles are a skill we all need!
Check it out!
Technically it's because of the timezone, but this is a better reason! 🤣
There's a reason why @firstname.lastname@example.org's talk was towards the end of @LaraconOnline@twitter.com - to ensure developers can remain sane and attend the rest of the event.
Great talk as always @email@example.com 🙌
There's about 3 months of security support left for PHP 7.4 and active support for PHP 8.0. If you haven't started planning to upgrade your apps, now is a good time to start.
Anything older than PHP 7.4 is already unsupported and really wants upgrading as soon as possible.
CSPs are a great layer of security you can add to your site.
🥳 Laravel CSP has reached 1M downloads
😱 Why you need this: a story on harvesting credit card numbers with JS
🔐 A content security policy can restrict which requests a browser can make
Worried about security for your containerized application(s)?
Learn how to mitigate root privilege risks in this blog from @firstname.lastname@example.org Product Manager @email@example.com >> https://ter.li/s2t52i
It's out! 🥳
This month's Laravel Security In Depth covers Magic Emails - specifically One-Time Passcodes and Magic Links via email.
I've included some example code to make implementing your own OTPs easier.
Bumped my In Depth email to next week, so this week we've got a security tip about Type Juggling in PHP and why PHP 8 didn't completely fix it. 😈
If you're using https://packagist.org/packages/hautelook/phpass, you'll want to swap it out for something else and rotate your creds and keys ASAP.
The package was hijacked and modified to steal creds like AWS keys from your machines.
Great list of Laravel accounts to follow by @AshAllenDesign@twitter.com, check it out and get some more Laravel in your feed. 😁
Because we all need more Laravel in our lives. 😎
Top 54 Laravel Twitter Accounts to Follow! 🚀
I've just published a new article on my blog with a list of the top accounts that every Laravel developer should be following.
Have I missed anyone off by accident?
Most of the site owners focus on the development part but not security. Therefore, websites created using #PHP are hacked very often 👨‍💻
Audits the security of Laravel apps 🕵️
Hacks stuff on stage for fun 😈
Teaches Laravel Security at http://larasec.substack.com 🎇
Huge Tolkien fan 📖
A Mastodon instance for info/cyber security-minded people.