Frenchie
@fre.bsky.social
InfoSec geek for Cloud/Clusters/Containers/Credentials/CI/CD/things-starting-with-C working on something new… Honk the planet. Twitter: @nfFrenchie
Oh wow! I’ve missed Danner megathreads!
November 7, 2025 at 10:35 PM
Oh wow! I’ve missed Danner megathreads!
> Long-lived credential exfiltration
OpenSSF's Trusted Publishing is a partial solution here. repos.openssf.org/trusted-publ...
i.e. NPM recommends disabling long-lived credential publishing once Trusted Publishing is activated
docs.npmjs.com/trusted-publ...
OpenSSF's Trusted Publishing is a partial solution here. repos.openssf.org/trusted-publ...
i.e. NPM recommends disabling long-lived credential publishing once Trusted Publishing is activated
docs.npmjs.com/trusted-publ...
Trusted publishing for npm packages | npm Docs
Documentation for the npm registry, website, and command-line interface
docs.npmjs.com
October 14, 2025 at 4:19 AM
> Long-lived credential exfiltration
OpenSSF's Trusted Publishing is a partial solution here. repos.openssf.org/trusted-publ...
i.e. NPM recommends disabling long-lived credential publishing once Trusted Publishing is activated
docs.npmjs.com/trusted-publ...
OpenSSF's Trusted Publishing is a partial solution here. repos.openssf.org/trusted-publ...
i.e. NPM recommends disabling long-lived credential publishing once Trusted Publishing is activated
docs.npmjs.com/trusted-publ...
$9!! That’s an expensive visit 😝
June 7, 2025 at 12:20 AM
$9!! That’s an expensive visit 😝
Excuse me. How have I missed the grimace-posting?!
November 28, 2024 at 12:29 AM
Excuse me. How have I missed the grimace-posting?!
November 27, 2024 at 10:53 PM
_
<(o )___
( ._> /
`----'
<(o )___
( ._> /
`----'
November 27, 2024 at 10:52 PM
_
<(o )___
( ._> /
`----'
<(o )___
( ._> /
`----'
Genuinely quite cool: github.com/threatcl/thr... + LLM to automatically generate threat models as code @xntrik.wtf
November 27, 2024 at 5:28 AM
Genuinely quite cool: github.com/threatcl/thr... + LLM to automatically generate threat models as code @xntrik.wtf
I know right!! Also, only 10% of the audience was permanently blinded by the lasers. Big improvement from last year!
November 27, 2024 at 5:20 AM
I know right!! Also, only 10% of the audience was permanently blinded by the lasers. Big improvement from last year!
A+ Dad Joke game:
“It’s only officially called Formal Threat Modelling if you’re wearing a tuxedo” - the Tao of @xntrik.wtf
“It’s only officially called Formal Threat Modelling if you’re wearing a tuxedo” - the Tao of @xntrik.wtf
November 27, 2024 at 5:10 AM
A+ Dad Joke game:
“It’s only officially called Formal Threat Modelling if you’re wearing a tuxedo” - the Tao of @xntrik.wtf
“It’s only officially called Formal Threat Modelling if you’re wearing a tuxedo” - the Tao of @xntrik.wtf
When the vuvuzela harmonies joined in… truly sublime. Brought a tear to my eye
November 27, 2024 at 5:01 AM
When the vuvuzela harmonies joined in… truly sublime. Brought a tear to my eye
Back due to popular demand! For those that missed yesterday’s talk… bsky.app/profile/fre....
@xntrik.wtf on stage once again for an interpretive dance/drum solo encore!
You need an updated profile pic however mate…
You need an updated profile pic however mate…
November 27, 2024 at 4:59 AM
Back due to popular demand! For those that missed yesterday’s talk… bsky.app/profile/fre....
Will there be an encore to the drum solo?
November 27, 2024 at 12:56 AM
Will there be an encore to the drum solo?