CommunityNews

The Vercel Breach: OAuth Supply Chain Attack Exposes the Hidden Risk in Platform Environment Variables

An OAuth supply chain compromise at Vercel exposed how trusted third party apps and platform environment variables can bypass traditional defenses and amplify blast radius. This article examines the attack chain, underlying design tradeoffs, and what it reveals about modern PaaS and software supply chain risk.

Read in full here:

View thread on forum

#environment #vercel

0 2 0

2026-04-23 00:19:00 UTC

Where Next?

View thread on forum

environment

vercel

Home General Dev>In The News

#environment #vercel

0 2 0

Last post

Popular General Dev topics

General Dev>In The News

Wearable Microphone Jamming

We engineered a wearable microphone jammer that is capable of disabling microphones in its user’s surroundings, including hidden micropho...

sandlab.cs.uchicago.edu

/security

7 1834 3

2021-10-19 22:47:50 UTC

New

General Dev>In The News

A career ending mistake

A career ending mistake — Bitfield Consulting. As software engineers, we’re constantly making detailed, elaborate plans for computers to...

bitfieldconsulting.com

#career

22 1549 8

2022-03-12 13:42:09 UTC

New

General Dev>In The News

8 Reasons to ditch Chrome and use Firefox

8 reasons to ditch Chrome and switch to Firefox. Chrome may dominate, but Firefox is a known name among browsers for a reason. Whether y...

pcworld.com

#chrome #firefox

73 1874 41

2022-07-14 16:50:27 UTC

New

General Dev>In The News

Writing a Python SQL engine from scratch

sqlglot/python_sql_engine.md at main · tobymao/sqlglot. Python SQL Parser and Transpiler. Contribute to tobymao/sqlglot development by c...

github.com

/python #sql #writing

0 1647 0

2023-01-27 14:38:38 UTC

New

General Dev>In The News

Why Python keeps growing, explained

Why Python keeps growing, explained | The GitHub Blog. A deep dive into why more people are using Python than ever, its key use cases, a...

github.blog

/python

9 1349 9

2023-08-19 11:34:00 UTC

New

General Dev>In The News

Building GitHub with Ruby on Rails

Building GitHub with Ruby and Rails | The GitHub Blog. Since the beginning, GitHub.com has been a Ruby on Rails monolith. Today, the app...

github.blog

/ruby /rails #github

1 1159 1

2023-04-08 13:18:38 UTC

New

General Dev>In The News

Declarative GNOME configuration with NixOS

Declarative GNOME configuration with NixOS. I adore tinkering with my machine, trying new tools, extensions, themes, and ideas. When I w...

hoverbear.org

/nixos

0 1557 0

2023-05-01 14:45:52 UTC

New

General Dev>In The News

SLUM: The Shadow Library Uptime Monitor

SLUM: The Shadow Library Uptime Monitor. This dashboard tracks the availability of popular shadow libraries in real time from a US-based...

open-slum.org

#library #monitor

0 2891 0

2025-01-19 20:46:27 UTC

New

General Dev>In The News

To avoid being replaced by LLMs, do what they can't

To avoid being replaced by LLMs, do what they can’t. What LLM’s can’t do yet

seangoedecke.com

18 1109 7

2025-04-14 19:56:29 UTC

New

General Dev>In The News

Self-Hosting a Firefox Sync Server

After switching from Firefox to LibreWolf, I became interested in the idea of self-hosting my own Firefox Sync server. Although I had see...

blog.diego.dev

#hosting #firefox

0 1154 0

2025-03-09 03:43:04 UTC

New

Other popular topics

General Dev>Hardware

Which keyboard do you have?

If it’s a mechanical keyboard, which switches do you have? Would you recommend it? Why? What will your next keyboard be? Pics always w...

#hardware /keyboards #sticky #mechanical-keyboards

144 9115 50

2021-01-07 23:58:36 UTC

New

General Dev>Hardware

Planck vs Preonic vs Subatomic (Keyboards)

I ended up cancelling my Moonlander order as I think it’s just going to be a bit too bulky for me. I think the Planck and the Preonic (o...

/keyboards #mechanical-keyboards #ortholinear #planck #preonic

105 17596 47

2021-05-28 21:32:35 UTC

New

General Dev>Dev Chat

How fast do you type? Check your WPM here!

Do the test and post your score :nerd_face: :keyboard: If possible, please add info such as the keyboard you’re using, the layout (Qw...

typing-speed-test.aoeu.eu

/keyboards

82 7682 31

2021-07-10 05:52:20 UTC

New

macOS>Chat

My thoughts on macOS vs Linux

Small essay with thoughts on macOS vs. Linux: I know @Exadra37 is just waiting around the corner to scream at me “I TOLD YOU SO!!!” but I...

#macos #linux

166 9730 69

2021-04-10 22:36:29 UTC

New

General Dev>Dev Chat

Roc Language - a new purely functional programming language built for speed and ergonomics

Hi folks, I don’t know if I saw this here but, here’s a new programming language, called Roc Reminds me a bit of Elm and thus Haskell. ...

#programminguages #functional-programming

49 5164 14

2021-11-10 20:03:09 UTC

New

Community>In The Spotlight

Spotlight: Dmitry Zinoviev (Author) Interview and AMA!

Author Spotlight Dmitry Zinoviev @aqsaqal Today we’re putting our spotlight on Dmitry Zinoviev, author of Data Science Essentials in ...

#author-spotlight /python /book-complex-network-analysis-in-python /book-data-science-essentials-in-python /book-resourceful-code-reuse /book-pythonic-programming

33 5211 14

2022-10-11 20:07:10 UTC

New

General Dev>In The News

X can’t stop spread of explicit, fake AI Taylor Swift images

Will Swifties’ war on AI fakes spark a deepfake porn reckoning?

arstechnica.com

/swift

0 8379 0

2024-01-26 05:47:12 UTC

New

Backend>Learning Resources

Agile Web Development with Rails 8

Get the comprehensive, insider information you need for Rails 8 with the new edition of this award-winning classic. Sam Ruby @rubys ...

pragprog.com

#pragprog #web-development /ruby /rails #published-book /book-agile-web-development-with-rails-8

12 7404 7

2025-03-27 18:33:39 UTC

New

Backend>Learning Resources

Ash Framework

Explore the power of Ash Framework by modeling and building the domain for a real-world web application. Rebecca Le @sevenseacat and ...

pragprog.com

#pragprog /elixir #published-book /ash /book-ash-framework

15 7555 9

2025-02-06 12:19:21 UTC

New

Backend>Learning Resources

Simplicity

Fight complexity and reclaim the original spirit of agility by learning to simplify how you develop software. The result: a more humane a...

pragprog.com

#pragprog #published-book /book-simplicity

10 6553 8

2025-03-14 21:53:12 UTC

New

General Dev>In The News

PipeDream on the Acorn Archimedes

General Dev>In The News

Texas accuses Netflix of spying on users, including children

General Dev>In The News

Through the looking glass of benchmark hacking

General Dev>In The News

Google account registration now requires sending an SMS via phone instead of receiving an SMS

General Dev>In The News

Software engineering may no longer be a lifetime career

General Dev>In The News

Eight More 8-Bit Era Microprocessors

General Dev>In The News

I returned to AWS - and was reminded HARD why I left

General Dev>In The News

Light without electricity? Glowing algae could make it possible

General Dev>In The News

Introduction to Meshtastic

General Dev>In The News

Dear Readers: Yes, pen pal programs still exist in a digital world

General Dev>In The News

General Dev In The News ❯

Latest on Devtalk

Quarkus 3.36.0.CR1 and 3.35.3 released!

Backend>Official News

Symfony v7.4.11 and v6.4.39 released!

Backend>Official News

Laravel v13.6.0 released!

Backend>Official News

PipeDream on the Acorn Archimedes

General Dev>In The News

Port Wolfenstein3D (MS-DOS, C) to Rust (Cross-OS, Controller-Support)

Game Dev>Game

Anyone tried mattpocock/skills for Claude Code? Here is what I found after a week

AI>Chat

Kotlin v2.4.0-RC released!

Backend>Official News

Building Agentic Applications with CrewAI and MCP (Manning)

AI>Learning Resources

Erlang OTP-29.0 released!

Backend>Official News

Nest v11.1.20 released!

Backend>Official News

LLMs Corrupt Your Documents When You Delegate

AI>In The News

GrapheneOS fixes Android VPN leak Google refused to patch

Android>In The News

Amazon employees are "tokenmaxxing" due to pressure to use AI tools

AI>In The News

Texas accuses Netflix of spying on users, including children

General Dev>In The News

Through the looking glass of benchmark hacking

General Dev>In The News

Devtalk ❯

We ❤️ helpful members!

We reward our most helpful members via our MOTM scheme - by giving away a whopping 25 books per year!

Sub Categories:

We're in Beta

About us Mission Statement See our Roadmap

The Vercel Breach: OAuth Supply Chain Attack Exposes the Hidden Risk in Platform Environment Variables

CommunityNews

The Vercel Breach: OAuth Supply Chain Attack Exposes the Hidden Risk in Platform Environment Variables

Where Next?

Popular General Dev topics

Wearable Microphone Jamming

A career ending mistake

8 Reasons to ditch Chrome and use Firefox

Writing a Python SQL engine from scratch

Why Python keeps growing, explained

Building GitHub with Ruby on Rails

Declarative GNOME configuration with NixOS

SLUM: The Shadow Library Uptime Monitor

To avoid being replaced by LLMs, do what they can't

Self-Hosting a Firefox Sync Server

Other popular topics

Which keyboard do you have?

Planck vs Preonic vs Subatomic (Keyboards)

How fast do you type? Check your WPM here!

My thoughts on macOS vs Linux

Roc Language - a new purely functional programming language built for speed and ergonomics

Spotlight: Dmitry Zinoviev (Author) Interview and AMA!

X can’t stop spread of explicit, fake AI Taylor Swift images

Agile Web Development with Rails 8

Ash Framework

Simplicity

Sponsor Spotlight

General Dev>In The News

Latest on Devtalk

We ❤️ helpful members!

Devtalk Sponsors

Categories:

Sub Categories:

Popular Portals

Devtalk Sponsors

We're in Beta