More

ramimac · 2025-12-14T21:17:08 1765747028

Reach out if you'd like me to check - I did the same for the trigger.dev team in fact[1].

(personal site linked in bio, who links you onward to my linkedin)

[1] https://x.com/ramimacisabird/status/1994598075520749640?s=20

ramimac · 2025-11-17T16:13:41 1763396021

Probably, but you can check out a more robust list here: https://blog.cloudflare.com/tag/acquisitions/

* BastionZero

* Kivera

* Baselime

* PartyKit

* Area 1

* Vectrix

* Zaraz

* Linc

* S2 Systems Corporation

* Neumob

* Eager

* CryptoSeal

* StopTheHacker

captn3m0 · 2025-11-17T16:19:59 1763396399

Not everything seems to be tagged as acquisition. Dyte.io was acquired, and announced here: https://blog.cloudflare.com/introducing-cloudflare-realtime-...

ramimac · 2025-10-23T16:12:24 1761235944

Always a funny title, see previously: Announcing the New AWS Secret Region (2017) [1]

[1] https://news.ycombinator.com/item?id=15741108

ramimac · 2025-09-16T14:42:45 1758033765

It's not a coincidence - this attack is directly downstream of s1ngularity

ramimac · 2025-08-27T17:31:33 1756315893

Hi! Author here who added the VSCode stat :)

I thought it was useful to include because:

* it can inform triage, if you use the extension you're more likely to be impacted * because it was VSCode, Workplace Trust actually partially mitigated this in at least 38 cases

merb · 2025-08-27T18:04:43 1756317883

The vocoder extension does not contain any affected packages, it‘s just misleading

ramimac · 2025-08-27T17:10:13 1756314613

I have evidence of at least 250 successes for the prompt. Claude definitely appears to have a higher rejection rate. Q also rejects fairly consistently (based on Claude, so that makes sense).

Context: I've been responding to this all day, and wrote https://www.wiz.io/blog/s1ngularity-supply-chain-attack

ramimac · 2025-06-24T07:45:46 1750751146

In case it's helpful, I also collate quality blog posts in this genre over at https://rami.wiki/soc2/

dan-robertson · 2025-06-24T09:19:28 1750756768

I get a 404 currently, fwiw.

ramimac · 2025-06-24T09:36:52 1750757812

Fixed! Pages drops the custom domain whenever I push right now, have been putting off debugging it - apologies

justusthane · 2025-06-24T11:39:19 1750765159

If I understand the issue correctly, you just need a file called CNAME in the root of your repo containing your custom domain, like this: https://github.com/justusthane/justusthane.github.io/blob/ma...

ramimac · 2025-06-25T09:13:51 1750842831

Thanks! Unfortunately, I've somehow fallen off the paved road :) https://github.com/ramimac/wiki/blob/main/CNAME

justusthane · 2025-06-25T13:49:39 1750859379

GH Pages is particular about how your apex and www records are set up. I believe you need apex A records pointing to

185.199.108.153 185.199.109.153 185.199.110.153 185.199.111.153

which you already have. Your CNAME record at www.rami.wiki needs to point to "ramimac.github.io/wiki", and your CNAME file in the root of your repo needs to contain "www.rami.wiki" (www is necessary).

At this point, https://rami.wiki should automatically redirect to https://www.rami.wiki.

At least, that's more or less how mine is set up and it works for me :) I had the same issue as you until I got that all straightened out.

ramimac · on Oct 10, 2024

It's not available in this case, or every case. When available, you can search "The data was provided by" in https://haveibeenpwned.com/PwnedWebsites

Thorrez · on Oct 11, 2024

Thanks! Slight correction: only 2 breaches say "provided by" with a source, but a ton of breaches say "provided to" HIBP with a source.

ramimac · on Sept 12, 2024

https://github.com/juliocesarfort/public-pentesting-reports is a substantial collection of public reports

Off the top of my head, DoyenSec has some good reports in there targeting web apps

ramimac · on Aug 15, 2024

Press Release version in case anyone gets paywalled: https://www.prnewswire.com/news-releases/iverfiy-discovers-s...