Charlie Bedard

One Ring to Rule Them All

Munawar Hafiz, CEO of OpenRefactory, writes about how a simple mistake can result in critical supply chain attacks. Edited by Charlie Bedard. On June 28, JFrog’s Brian Moussalli reported a leaked GitHub Personal Access Token (PAT) belonging to Ee Durbin (@ewdurbin), the Administrator of PyPI. Quoting from the incident report, “This token was immediately revoked, …

One Ring to Rule Them All Read More »

The Benefits of Knowing the Future

Munawar Hafiz, CEO of OpenRefactory, writes about the benefits of proactive vulnerability management strategies, including the potential advantage of knowing about bugs before they become public CVEs. Edited by Charlie Bedard. Three Vulnerabilities with Different Impacts We encounter security vulnerabilities every day. Some we are able to dodge while others leave a major impact. We’ll …

The Benefits of Knowing the Future Read More »

Crash ! Boom ! Bang ! What Happens When A Serializable Object Contains a Non-Serializable Field?

This blog was created by Arafat Tanin, Software Security Engineer, OpenRefactory and edited by Charlie Bedard. Introduction In the enchanting realm of Java, a powerful sorcery, known as serialization, enables objects to transcend their earthly forms and be reborn as byte streams. During my recent days working as a part of a team that is …

Crash ! Boom ! Bang ! What Happens When A Serializable Object Contains a Non-Serializable Field? Read More »