Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
dmv.community is one of the many independent Mastodon servers you can use to participate in the fediverse.
A small regional Mastodon instance for those in the DC, Maryland, and Virginia areas. Local news, commentary, and conversation.

Administered by:

Server stats:

163
active users

dmv.community: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.4

#github

68 posts61 participants7 posts today
Public *
stateful being

#helix vs #neovim. spot the differences!

the main one isn't really visible, though: helix has a built-in #treesitter, and it does a great job at highlighting #rust out of the box, with zero configuration and dependencies!

this way, i don't have 20 plugins in #lua and/or #vimscript running in the background and autoupdating from #github - awesome! 🌈🦄 config is plain #toml - no need to write it in turing-complete languages which i only know poorly

shout out @bobulous 🙌 bobulous.org.uk/coding/Helix-c

screenshot of helix and neovim open side by side in tmux. both are configured to the everforest theme, but of course the syntax highlighting is slightly different!
Public
jbz

Semgrep | 🚨 Popular GitHub Action tj-actions/changed-files is compromised

「 Popular GitHub Action tj-actions/changed-files has been compromised (GitHub issue) with a payload that appears to attempt to dump secrets, impacting thousands of CI pipelines. This isn’t the first security issue with tj-actions/changed-files—see prior vulnerability CVE-2023-51664 」

semgrep.dev/blog/2025/popular-

SemgrepSemgrep | 🚨 Popular GitHub Action tj-actions/changed-files is compromisedPopular GitHub Action tj-actions/changed-files has been compromised with a payload that appears to attempt to dump secrets, impacting thousands of CI pipelines.
#github#cicd#githubactions
Public
mark carter

The tj-actions/changed-files #GitHub Action, which is currently used in over 23,000 repositories, has been compromised. In this attack, the attackers modified the action’s code and retroactively updated multiple version tags to reference the malicious commit. The compromised Action prints CI/CD secrets in GitHub Actions build logs. If the workflow logs are publicly accessible (such as in public repositories), anyone could potentially read these logs and obtain exposed secrets. There is no evidence that the leaked secrets were exfiltrated to any remote network destination.

stepsecurity.io/blog/harden-ru #Infosec

www.stepsecurity.ioHarden-Runner detection: tj-actions/changed-files action is compromised - StepSecuritytj-actions/changed-files
Public
stf

nice phishing attempt via #github issues, sent to a friend, who does (among others) professional phishing tests. gh is experiencing to much work to respond immediately.

a github issue with the title "notification" and the text itself saying "Unusual Sign-in Activity Detected on your Github Account" and then goes on with all kind of content expected in such mails, with links for password reset going to a phishing site.
Public
Lenin alevski 🕵️💻

New Open-Source Tool Spotlight 🚨🚨🚨

DataDog's KubeHound is a tool that queries Kubernetes clusters and surfaces Pod Security Standard violations. It works by analyzing a cluster against best practices with minimal setup. Useful for teams focused on securing their workloads in Kubernetes environments. #Kubernetes #CyberSecurity

🔗 Project link on #GitHub 👉 github.com/DataDog/KubeHound

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

ExploreLive feeds
About