Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
digitalcourage.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Diese Instanz wird betrieben von Digitalcourage e.V. für die Allgemeinheit. Damit wir das nachhaltig tun können, erheben wir einen jährlichen Vorausbeitrag von 1€/Monat per SEPA-Lastschrifteinzug.

Administered by:

Server stats:

861
active users

digitalcourage.social: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.6

#github

69 posts57 participants6 posts today
Erik van Straten<p><span class="h-card" translate="no"><a href="https://mastodon.social/@geerlingguy" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>geerlingguy</span></a></span> : Juan Mesaglio analysed these types of github phishing attacks in <a href="https://medium.com/@juan.mesaglio/emerging-phishing-attack-exploiting-github-app-to-gain-user-tokens-45a7b38880dc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">medium.com/@juan.mesaglio/emer</span><span class="invisible">ging-phishing-attack-exploiting-github-app-to-gain-user-tokens-45a7b38880dc</span></a>.</p><p>He apparently also wrote a tool to help detect such phishing, and more (I've not looked at it, nor tested it).</p><p>The domain name in the sub-URL of the phishing site in your case, is visible halfway the URL:</p><p>hxxps://github-com-settings-applications.onrender[.]com/auth/callback</p><p>That domain name is hosted on 216.24.57[.]252 (AS 397273, render.com). It has a Domain Validated certificate issued by "Google Trust Services" (go figure).</p><p>As can be seen in the RELATIONS tab in <a href="https://www.virustotal.com/gui/ip-address/216.24.57.252" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">virustotal.com/gui/ip-address/</span><span class="invisible">216.24.57.252</span></a> a lot of *.onrender.com domain names are hosted there, many were recently fount to resolve to 216.24.57[.]252.</p><p>There is a fix: <a href="https://infosec.exchange/@ErikvanStraten/114222237036021070" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/114222237036021070</span></a> (more details, long: <a href="https://infosec.exchange/@ErikvanStraten/113079966331873386" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/113079966331873386</span></a>).</p><p><a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a> <a href="https://infosec.exchange/tags/github" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>github</span></a> <a href="https://infosec.exchange/tags/FixTheInternet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FixTheInternet</span></a> <a href="https://infosec.exchange/tags/GoogleIsEvil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoogleIsEvil</span></a></p>
Janik :linux: :ansible: :bash:<p>Over the coming months I will move all my personal and private repositories from <a href="https://fosstodon.org/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> and <a href="https://fosstodon.org/tags/GitLab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitLab</span></a> to <a href="https://fosstodon.org/tags/Codeberg" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Codeberg</span></a>. I run many static sites and intend to use <a href="https://ci.codeberg.org" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">ci.codeberg.org</span><span class="invisible"></span></a> to trigger the builds.</p><p>Once this process is finished and everything works fine with <a href="https://fosstodon.org/tags/forgejo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>forgejo</span></a>. I will also migrate the repos of my company <a href="https://fosstodon.org/tags/MintSystem" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MintSystem</span></a> to <a href="https://www.codey.ch/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">codey.ch/</span><span class="invisible"></span></a>. As there are some GitHub integrations I can't get rid of, I intend to mirror back the repos.</p><p>I'll keep you updated via <a href="https://fosstodon.org/tags/CodebergMigration" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CodebergMigration</span></a>.</p>
Jordi Cabot<p><a href="https://fediscience.org/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> <a href="https://fediscience.org/tags/Stargazer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Stargazer</span></a> – Get alerts on your phone when somebody stars your project <a href="https://livablesoftware.com/github-stargazer-get-alerts-on-your-phone-when-somebody-stars-your-project/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">livablesoftware.com/github-sta</span><span class="invisible">rgazer-get-alerts-on-your-phone-when-somebody-stars-your-project/</span></a> </p><p>Make me happy and fill my phone with <a href="https://fediscience.org/tags/telegram" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>telegram</span></a> ⭐ 🤖 notifications</p>
Public
Lenin alevski 🕵️💻

New Open-Source Tool Spotlight 🚨🚨🚨

VISTA is a Python-based AI chatbot built using OpenAI GPT and LangChain. It integrates with Pinecone for vector databases, focusing on semantic search and managing context. Looks like a good starting point if you're exploring AI chatbot frameworks. #AI #Chatbots

🔗 Project link on #GitHub 👉 github.com/RitikaVerma7/VISTA

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

Public
N-gated Hacker News

Ah, yes, because what we really needed was yet another shiny tool to transform our chaotic #GitHub projects into glorified endpoints no one asked for. 🚀🔧 Forget fixing your code or collaborating effectively; let's just drown ourselves in more #buzzwords and pretend it’s #innovation. 🙄🧐
github.com/idosal/git-mcp #shinytools #chaos #developerfrustration #HackerNews #ngated

Contribute to idosal/git-mcp development by creating an account on GitHub.
GitHubGitHub - idosal/git-mcpContribute to idosal/git-mcp development by creating an account on GitHub.
Public
Spencer Magnusson

For people with their own websites and domains, what do you use to host the site? I'm currently using GitHub pages for a links page, but I'd like to expand the site with some other things (e.g. portfolio, potentially blogs) without being explicitly linked to a public repo.

I have a domain, but most website builders I see require paying to connect your own. Free would be ideal, but I understand if that's not the case.

#website#WebDev#DigitalOcean
Continued thread
Public
Marcus Jaschen

The Week in Review, Edition 86 (2025-14)

Topics:

🖥️ Attic Find: iMac from 2006

🗺️ Small updates on Bikerouter and change of domain registrar

🐙 Canceled: my paid GitHub subscription

👨‍💻 Awesome Gitea: List of all sorts of interesting stuff

🚴‍♂️ Brandenburg Odyssey: The route has been fixed

🌐 Old CSS, new CSS

🔊 Listened to this week: SHA, Karlo vom Dach, Patrik Pagan, Rachel Raw, Markus Schulz

#weekly #iMac #Apple #SnowLeopard #iFixIt #Ebay #Bikerouter #Hetzner #DNS #API #GitHub #Gitea #Brandenburg #BrandenburgOdyssee #ActivityPub #CSS #WebDevelopment #Techno

https://www.marcusjaschen.de/en/blog/2025/2025-14/

Marcus Jaschen · The Week in Review – 2025-14🖥️ Attic Find: iMac from 2006 🗺️ Small updates on Bikerouter and change of domain registrar 🐙 Canceled: my paid GitHub subscription 👨‍💻 Awesome Gitea: List of all sorts of interesting stuff 🚴‍♂️ Brandenburg Odyssey: The route has been fixed 🌐 Old CSS, new CSS 🔊 Listened to this week: SHA, Karlo vom Dach, Patrik Pagan, Rachel Raw, Markus Schulz
Public
Marcus Jaschen

Wochenrückblick, Ausgabe 86 (2025-14)

Themen:

🖥️ Dachbodenfund: iMac aus 2006

🗺️ Bikerouter-Kleinigkeiten und Wechsel des Domain-Registrars

🐙 Gekündigt: mein bezahltes GitHub-Abo

👨‍💻 Awesome Gitea: Liste mit allerlei interessantem Zeug

🚴‍♂️ Brandenburg Odyssee: Die Route wurde gefixt

🌐 Old CSS, new CSS

🔊 In dieser Woche gehört: SHA, Karlo vom Dach, Patrik Pagan, Rachel Raw, Markus Schulz

#Wochenrückblick #iMac #Apple #SnowLeopard #iFixIt #Ebay #Bikerouter #Hetzner #DNS #API #GitHub #Gitea #Brandenburg #BrandenburgOdyssee #ActivityPub #CSS #WebDevelopment #Techno

https://www.marcusjaschen.de/blog/2025/2025-14/

Marcus Jaschen · Rückblick Kalenderwoche 2025-14🖥️ Dachbodenfund: iMac aus 2006 🗺️ Bikerouter-Kleinigkeiten und Wechsel des Domain-Registrars 🐙 Gekündigt: mein bezahltes GitHub-Abo 👨‍💻 Awesome Gitea: Liste mit allerlei interessantem Zeug 🚴‍♂️ Brandenburg Odyssee: Die Route wurde gefixt 🌐 Old CSS, new CSS 🔊 In dieser Woche gehört: SHA, Karlo vom Dach, Patrik Pagan, Rachel Raw, Markus Schulz
Public
Auden in Austria Digital

📢 Releasing tei-rdfa (beta)

▶️ Python utility for extracting RDFa data from TEI-XML documents
▶️ Resolves native TEI namespace formatting (through <prefixDef>)

🔗 pypi.org/project/tei-rdfa/
🔗 github.com/timofruehwirth/tei_

We welcome beta testing, feedback & contribution via #GitHub.
Boosts will be very much appreciated.

@ACDHCH_OeAW @oeaw @fwf @TEIConsortium @w3c @hcayless

PyPItei-rdfaA Python utility for extracting RDFa data from TEI-XML documents.
#TEI#XML#RDFa
Public
N-gated Hacker News

🎉🤦‍♂️ Behold! A valiant quest to safely run #unsafe #code in #Rust 🦀—because, you know, why bother with safety when you can slap on a fancy crate and pretend you’ve solved world hunger? 🍽️ Just another day in the land of #GitHub, where #feature #bloat meets misguided innovation! 🚀
github.com/brannondorsey/mem-i #Innovation #HackerNews #ngated

Run unsafe code safely. Contribute to brannondorsey/mem-isolate development by creating an account on GitHub.
GitHubGitHub - brannondorsey/mem-isolate: Run unsafe code safelyRun unsafe code safely. Contribute to brannondorsey/mem-isolate development by creating an account on GitHub.
Public
nairou

Starting a new project, which I plan to make open source, and hope to eventually build a community of contributors. However, I'm hesitant to put it on GitHub. I have my own Forgejo server, but I don't know how likely people are to contribute if they can't just use their existing GitHub account...
#forgejo #github #opensource

ExploreLive feeds
About