BEGIN KEYBASE SALTPACK SIGNED MESSAGE. kXR7VktZdyH7rvq v5weRa0zkEx10gc xaQeHxRF6WCtgFb EngwuZBGF0yHoLD ShgmTs1O1VbRQIM Bq5dMxpukkoaYij zntRYcM2pco14HZ NeNhxt4EU2X1FdU gvTVKnEDEmdy56s eKVf9HaeL33d1S9 mZRPU2VSf7NHFlW QlGCUaeNd65br8j Asa9ARJ03ufjap4 61zgRDYFBXF61SD Fd0eX4vWA6kCwYw waUMBAfw1ATGD1c zz47v3mcWVPX4. END KEYBASE SALTPACK SIGNED MESSAGE.
I just realised my intro went when my instance crashed all those months ago.
My day job is a senior #networkengineer working on some very large and strange computer networks.
Two factor codes travel from some server on the internet to a SMS gateway.
But what happens if the gateway is insecure? You get a live stream of two factor codes, plus whatever else flows through the gateway.
A leaky database of SMS text messages exposed password resets and two-factor codes.
AMP for WordPress: Critical vulnerability found that could allow a low-privileged attacker to inject malicious code on AMP pages:
– AMP for WP has more than 100,000 installations
– was recently removed temporarily from the WordPress plugins library due to vulnerable code
– recently, other WP plugins also contained critical vulnerabilities
@smallsees hmm. I'm actually rewriting a lot of the plugin right now, and the new architecture should make things way more reliable moving forward. It'll take me a few weeks to do the refactor though. In the meantime, I'll take another look and see what's going on with your site.