Best Css 3 Podcasts (2025)

1
SANS Stormcast Tuesday, April 29th: SRUM-DUMP 3; Policy Puppetry; Choice Jacking; @sansinstitute at #RSAC 7:37

7h ago7:37

7:37

SRUM-DUMP Version 3: Uncovering Malware Activity in Forensics Mark Baggett released SRUM-DUMP Version 3. The tool simplifies data extraction from Widnows System Resource Usage Monitor (SRUM). This database logs how much resources software used for 30 days, and is invaluable to find out what software was executed when and if it sent or received netw…

1
662: Alternative Browsers, Discord vs Circle, and AI in the Browser 1:03:00

1d ago1:03:00

1:03:00

Show Description We're talking browsers and discussing alternative options like Vivaldi and Brave, the implications of Chrome's potential sale to OpenAI, the impact of AI on browser functionality, Discord vs Circle, and building with Hotwire. Listen on Website → Links Newfangled Browser Alternatives – Frontend Masters Blog Zen Browser Horse Browser…

1
SANS Stormcast Monday, April 28th: Image Steganography; SAP Netweaver Exploited 7:55

1d ago7:55

7:55

Example of a Payload Delivered Through Steganography Xavier and Didier published two diaries this weekend, building on each other. First, Xavier showed an example of an image being used to smuggle an executable past network defenses, and second, Didier showed how to use his tools to extract the binary. https://isc.sans.edu/diary/Example%20of%20a%20…

1
Make JavaScript Art with p5.js 2.0, new React 19 Features, Solid.js just turned 10, and more EP32 JavaScript News 3:31

2d ago3:31

3:31

Today, we'll be talking about some p5.js 2.0's latest update and overhaul, new experimental React 19 features, and 10 years of Solid.js and the revolutions that came along with it. Visit ThisWeekinJavaScript.com to subscribe to our Newsletter. Make sure you subscribe to the podcast for weekly updates and share this podcast with your friends!…

1
Apache Storm, Disruptor, JCTools and Linearizability 1:06:51

2d ago1:06:51

1:06:51

An airhacks.fm conversation with Francesco Nigro (@forked_franz) about: JCTools as a Java concurrency utility library created by Nitsan Wakart,the history of JCTools and how Cliff Click donated his non-blocking HashMap algorithm to the project,contributions to JCTools including weight-free queue implementations,Apache Storm vs. Apache Kafka,explana…

1
SANS Stormcast Friday, April 25th: SMS Gateway Scans; Comvault Exploit; Patch Window Shrinkage; More inetpub issues; 6:38

4d ago6:38

6:38

Attacks against Teltonika Networks SMS Gateways Attackers are actively scanning for SMS Gateways. These attacks take advantage of default passwords and other commonly used passwords. https://isc.sans.edu/diary/Attacks%20against%20Teltonika%20Networks%20SMS%20Gateways/31888 Commvault Vulnerability CVE-2205-34028 Commvault, about a week ago, publishe…

1
SANS Stormcast Thursday, April 24th: Honeypot iptables Maintenance; XRPL.js Compromise; Erlang/OTP SSH Vuln affecting Cisco 5:44

5d ago5:44

5:44

Honeypot Iptables Maintenance and DShield-SIEM Logging In this diary, Jesse is talking about some of the tasks to maintain a honeypot, like keeping filebeats up to date and adjusting configurations in case your dynamic IP address changes https://isc.sans.edu/diary/Honeypot%20Iptables%20Maintenance%20and%20DShield-SIEM%20Logging/31876 XRPL.js Compro…

1
SANS Stormcast Wednesday, April 23rd: More xorsearch Updates; DKIM Replay Attack; SSL.com Vulnerability Fixed 6:18

6d ago6:18

6:18

xorsearch.py: Ad Hoc YARA Rules Adhoc YARA rules allow for easy searches using command line arguments without having to write complete YARA rules for simple use cases like string and regex searches https://isc.sans.edu/diary/xorsearch.py%3A%20%22Ad%20Hoc%20YARA%20Rules%22/31856 Google Spoofed via DKIM Replay Attack DKIM replay attacks are a known i…

1
SANS Stormcast Tuesday, April 22nd: Phishing via Google; ChatGPT Fingerprint; Asus AI Cloud Vuln; PyTorch RCE 5:35

7d ago5:35

5:35

It's 2025, so why are malicious advertising URLs still going strong? Phishing attacks continue to take advantage of Google s advertising services. Sadly, this is still the case for obviously malicious links, even after various anti-phishing services flag the URL. https://isc.sans.edu/diary/It%27s%202025...%20so%20why%20are%20obviously%20malicious%2…

1
661: Working Vacations, Ripping Out JavaScript, and Non-US Cloud Service Options 58:56

8d ago58:56

58:56

Show Description What are the non-US cloud services options, falling off the blogging train and trying to get back on, working on vacation, Chris recaps the Alaskan Folk Festival experience, how often do you go back and clean out JavaScript, and the idea of gilding just one lily on a new project. Listen on Website → Links European Alternatives A la…

1
Opensource and JVM Ports 1:00:01

8d ago1:00:01

1:00:01

An airhacks.fm conversation with Volker Simonis (@volker_simonis) about: discussion about carnivorous plants,explanation of how different carnivorous plants capture prey through movement,glue,or digestive fluids,Utricularia uses vacuum to catch prey underwater,SAP's interest in developing their own JVM around Java 1.4/1.5 era,challenges with SAP's …

1
SANS Stormcast Monday, April 21st: MSFT Entra Lockouts; Erlang/OTP SSH Exploit; Sonicwall Exploit; bubble.io bug 7:31

8d ago7:31

7:31

Microsoft Entra User Lockout Multiple organizations reported widespread alerts and account lockouts this weekend from Microsoft Entra. The issue is caused by a new feature Microsoft enabled. This feature will lock accounts if Microsoft believes that the password for the account was compromised. https://www.bleepingcomputer.com/news/microsoft/widesp…

1
GPT 4.1, o3 and o4-mini are OpenAI's smartest, RIP JavaScript Records and Tuples, a new 800KB JavaScript runtime, and more EP31 JavaScript News 3:33

9d ago3:33

3:33

Today, we'll be talking about some OpenAI's newest GPT 4.1, o3 and o4-mini models, their Codex CLI Programming AI Agent, Updates from the TC39 Conference, and Hako, a new 800KB JavaScript runtime. Visit ThisWeekinJavaScript.com to subscribe to our Newsletter. Make sure you subscribe to the podcast for weekly updates and share this podcast with your…

1
SANS Stormcast Friday, April 18th: Remnux Cloud Environment; Erlang/OTP SSH Vuln; Brickstorm Backdoor Analysis; GPT 4.1 Safety Controversy 6:18

11d ago6:18

6:18

RedTail: Remnux and Malware Management A description showing how to set up a malware analysis in the cloud with Remnux and Kasm. RedTail is a sample to illustrate how the environment can be used. https://isc.sans.edu/diary/RedTail%2C%20Remnux%20and%20Malware%20Management%20%5BGuest%20Diary%5D/31868 Critical Erlang/OTP SSH Vulnerability Researchers …

1
SANS Stormcast Thursday April 17th: Apple Updates; Oracle Updates; Google Chrome Updates; CVE News; 6:04

12d ago6:04

6:04

Apple Updates Apple released updates for iOS, iPadOS, macOS, and VisionOS. The updates fix two vulnerabilities which had already been exploited against iOS. https://isc.sans.edu/diary/Apple%20Patches%20Exploited%20Vulnerability/31866 Oracle Updates Oracle released it quarterly critical patch update. The update addresses 378 security vulnerabilities…

1
SANS Stormcast Wednesday Apr 16th: File Upload Service Abuse; OpenSSH 10.0 Released; Apache Roller Vuln; Possible CVE Changes 5:54

13d ago5:54

5:54

Online Services Again Abused to Exfiltrate Data Attackers like to abuse free online services that can be used to exfiltrate data. From the originals , like pastebin, to past favorites like anonfiles.com. The latest example is gofile.io. As a defender, it is important to track these services to detect exfiltration early https://isc.sans.edu/diary/On…

1
SANS Stormcast Tuesday April 15th: xorsearch Update; Short Lived Certificates; New USB Malware 5:35

15d ago5:35

5:35

xorsearch Update Diedier updated his "xorsearch" tool. It is now a python script, not a compiled binary, and supports Yara signatures. With Yara support also comes support for regular expressions. https://isc.sans.edu/diary/xorsearch.py%3A%20Searching%20With%20Regexes/31854 Shorter Lived Certificates The CA/Brower Forum passed an update to reduce t…

1
660: Teaching CSS, Conferences, and Masonry Updates 58:48

15d ago58:48

58:48

Show Description Follow up on thoughts about teaching CSS from scratch, questions about conferences to attend as well as a way to kickstart a conference idea, some Balatro thoughts, and our thoughts on the recent Grid vs Masonry debate. Listen on Website → Links The Homebrewery - NaturalCrit SmashingConf in-person Conferences 2025 — Friendly, inclu…

1
SANS Stormcast Monday April 14th: Langlow AI Attacks; Fortinet Attack Cleanup; MSFT Inetpub; 7:07

16d ago7:07

7:07

Exploit Attempts for Recent Langflow AI Vulnerability (CVE-2025-3248) After spotting individaul attempts to exploit the recent Langflow vulnerability late last weeks, we now see more systematic internet wide scans attempting to verify the vulnerability. https://isc.sans.edu/forums/diary/Exploit+Attempts+for+Recent+Langflow+AI+Vulnerability+CVE20253…

1
MUST KNOW JavaScript features in 2025, Google Firebase Studio, amazing Node.js playbook, and more EP30 JavaScript News 3:45

16d ago3:45

3:45

Today, we'll be talking about some must-know JavaScript features in 2025, Google's vibe coding platform, Firebase Studio, and more! Visit ThisWeekinJavaScript.com to subscribe to our Newsletter. Make sure you subscribe to the podcast for weekly updates and share this podcast with your friends!By Jam.dev

1
Pure Java Blockchain 1:01:11

18d ago1:01:11

1:01:11

An airhacks.fm conversation with Richard Bair (@RichardBair) about: discussion about Hedera public ledger and its underlying technology,explanation of Hashgraph algorithm for consensus and transaction ordering,comparison to other blockchain technologies like Bitcoin and ethereum,Hedera's democratic approach to block production versus leader-based s…

1
SANS Stormcast Friday April 11th: Network Infraxploit; Windows Hello Broken; Dell Update; Langflow Exploit 5:34

18d ago5:34

5:34

Network Infraxploit Our undergraduate intern, Matthew Gorman, wrote up a walk through of CVE-2018-0171, an older Cisco vulnerability, that is still actively being exploited. For example, VOLT TYPHOON recently exploited this problem. https://isc.sans.edu/diary/Network+Infraxploit+Guest+Diary/31844 Windows Update Issues / Windows 10 Update Microsoft …

1
SANS Stormcast ThursdayApril 10th: Getting Past PyArmor; CenterStack RCE; Android 0-Day Patch; VMware Tanzu Patches; Odd Win11 Directory; WhatsApp File Confusion; SANS AI Guide; 6:35

20d ago6:35

6:35

Getting Past PyArmor PyArmor is a python obfuscation tool used for malicious and non-malicious software. Xavier is taking a look at a sample to show what can be learned from these obfuscated samples with not too much work. https://isc.sans.edu/diary/Obfuscated%20Malicious%20Python%20Scripts%20with%20PyArmor/31840 CenterStack RCE CVE-2025-30406 Glad…

1
SANS Stormcast Wednesday, April 10th: Microsoft Patch Tuesday; Adobe Patches; OpenSSL 3.5 with PQC; Fortinet 7:19

20d ago7:19

7:19

Microsoft Patch Tuesday Microsoft patched over 120 vulnerabilities this month. 11 of these were rated critical, and one vulnerability is already being exploited. https://isc.sans.edu/diary/Microsoft%20April%202025%20Patch%20Tuesday/31838 Adobe Updates Adobe released patches for 12 different products. In particular important are patches for Coldfusi…

1
SANS Stormcast Tuesday, April 8th: 6:18

22d ago6:18

6:18

XORsearch: Searching With Regexes Didier explains a workaround to use his tool XORsearch to search for regular expressions instead of simple strings. https://isc.sans.edu/diary/XORsearch%3A%20Searching%20With%20Regexes/31834 MCP Security Notification: Tool Poisoning Attacks Invariant labs summarized a critical weakness in the Model Context Protocol…

1
659: CSS Carousel Configurator Demos with Adam Argyle 1:10:29

22d ago1:10:29

1:10:29

Show Description Adam Argyle joins us to chat about new CSS features that are demo'd in a carousel configurator - a builder-like experience to help visualize the capabilities of a CSS only Carousel: buttons, markers, paging and inertness. Listen on Website → Guests Adam Argyle Guest's Main URL • Guest's Social CSS at Google. Links Chrome Canary Fea…

1
SANS Stormcast Monday April 7th 2025: New Username Report; Quickshell Vulnerability; Apache Traffic Director Request Smuggeling 6:14

23d ago6:14

6:14

New SSH Username Report A new ssh/telnet username reports makes it easier to identify new usernames attackers are using against our telnet and ssh honeypots https://isc.sans.edu/diary/New%20SSH%20Username%20Report/31830 Quickshell Sharing is Caring: About an RCE Attack Chain on Quick Share The Google Quick Share protocol is susceptible to several v…

1
React 19.1 is out, new JavaScript runtime better than Node.js, Safari 18.4 brings new WebKit features, and more EP29 JavaScript News 3:04

23d ago3:04

3:04

Today, we'll be talking about the React 19.1 update, Bare, a new JavaScript runtime, Safari's 18.4 update, and more. Visit ThisWeekinJavaScript.com to subscribe to our Newsletter. Make sure you subscribe to the podcast for weekly updates and share this podcast with your friends!By Jam.dev

1
High-Performance Load Testing 1:10:10

23d ago1:10:10

1:10:10

An airhacks.fm conversation with Francesco Nigro (@forked_franz) about: discussion about the importance of stress testing over System Tests and unit tests,Coordinated Omission Problem in load generators where they don't accurately measure server performance during slowdowns,introduction to HyperFoil as a high-performance load generator capable of g…

1
SANS Stormcast Friday, Apr 4th: URL Frequency Analysis; Ivanti Flaw Exploited; WinRAR MotW Vuln; Tax filing scams; Oracle Breach Update 6:16

26d ago6:16

6:16

Exploring Statistical Measures to Predict URLs as Legitimate or Intrusive Using frequency analysis, and training the model with honeypot data as well as log data from legitimate websites allows for a fairly simple and reliable triage of web server logs to identify possible malicious activity. https://isc.sans.edu/diary/Exploring%20Statistical%20Mea…

1
SANS Stormcast Thursday Apr 3rd: Juniper Password Scans; Hacking Call Records; End to End Encrypted GMail 9:23

27d ago9:23

9:23

Surge in Scans for Juniper t128 Default User Lasst week, we dedtect a significant surge in ssh scans for the username t128 . This user is used by Juniper s Session Smart Routing, a product they acquired from 128 Technologies which is the reason for the somewhat unusual username. https://isc.sans.edu/diary/Surge%20in%20Scans%20for%20Juniper%20%22t12…

1
SANS Stormcast Wednesday Apr 2nd: Apple Updates Everything; 7:16

28d ago7:16

7:16

Apple Patches Everything Apple released updates for all of its operating systems. Most were released on Monday with WatchOS patches released today on Tuesday. Two already exploited vulnerabilities, which were already patched in the latest iOS and macOS versions, are now patched for older operating systems as well. A total of 145 vulnerabilities wer…

1
SANS Stormcast Tuesday Apr 1st: Apache Camel Exploits; New Cert Authorities Requirements; Possible Oracle Breach 7:36

29d ago7:36

7:36

Apache Camel Exploit Attempt by Vulnerability Scans A recently patched vulnerability in Apache Camel has been integrated into some vulnerability scanners, like for example OpenVAS. We do see some exploit attempts in our honeypots, but they appear to be part of internal vulnerablity scans https://isc.sans.edu/diary/Apache%20Camel%20Exploit%20Attempt…

1
658: Andy Bell on Working with Clients, Writing, and Building Courses for Web Builders 1:02:22

29d ago1:02:22

1:02:22

Show Description We're joined by Andy Bell, the founder of Set Studio. They discuss the evolution of web design, the importance of client relationships, and the innovative approaches taken at Set Studio and Piccalilli. The conversation covers the shift from traditional design methods to a more browser-centric approach, the challenges of client work…

1
SANS Stormcast Monday, March 31st: Comparing Phishing Sites; DOH and MX Abuse Phishing; opkssh 7:15

30d ago7:15

7:15

A Tale of Two Phishing Sties Two phishing sites may use very different backends, even if the site itself appears to be visually very similar. Phishing kits are often copied and modified, leading to sites using similar visual tricks on the user facing site, but very different backends to host the sites and reporting data to the miscreant. https://is…

1
Your Next.js website might be hacked, ChatGPT-4o Image Generation, State of Vue.js 2025, and more EP28 JavaScript News 3:36

1M ago3:36

3:36

Today, we'll be talking about Next.js' security vulnerability, ChatGPT-4o's game-changing image generation features and how it can be used in JavaScript apps, and The State of Vue.js Report 2025! Visit ThisWeekinJavaScript.com to subscribe to our Newsletter. Make sure you subscribe to the podcast for weekly updates and share this podcast with your …

1
Enterprise LLM Integration: Bridging Java and AI in Business Applications 1:05:08

1M ago1:05:08

1:05:08

An airhacks.fm conversation with Burr Sutter (@burrsutter) about: discussion about integrating LLMs into enterprise Java applications,challenges with non-deterministic LLM outputs in deterministic code environments,limitations of chat interfaces for power users in enterprise settings,preference for form-based applications with prompts running behin…

1
SANS Stormcast Friday, March 28th: Sitecore Exploited; Blasting Past Webp; Splunk and Firefox Vulnerabilities 6:15

1M ago6:15

6:15

Sitecore "thumbnailsaccesstoken" Deserialization Scans (and some new reports) CVE-2025-27218 Our honeypots detected a deserialization attack against the CMS Sitecore using a thumnailaccesstoken header. The underlying vulnerability was patched in January, and security firm Searchlight Cyber revealed details about this vulnerability a couple of weeks…

1
SANS Stormcast Thursday Mar 27th: Classifying Malware with ML; Malicious NPM Packages; Google Chrome 0-day 4:50

1M ago4:50

4:50

Leveraging CNNs and Entropy-Based Feature Selection to Identify Potential Malware Artifacts of Interest This diary explores a novel methodology for classifying malware by integrating entropy-driven feature selection with a specialized Convolutional Neural Network (CNN). Motivated by the increasing obfuscation tactics used by modern malware authors,…

1
SANS Stormcast Wednesday Mar 26th: XWiki Exploit; File Converter Correction; VMWare Vulnerability; Draytek Router Reboots; MMC Exploit Details; 6:14

1M ago6:14

6:14

XWiki Search Vulnerablity Exploit Attempts (CVE-2024-3721) Our honeypot detected an increase in exploit attempts for an XWiki command injection vulnerablity. The vulnerability was patched last April, but appears to be exploited more these last couple days. The vulnerability affects the search feature and allows the attacker to inject Groovy code te…

1
SANS Stormcast Tuesday Mar 25th: Privacy Awware Bots; Ingress Nightmare; Malicious File Converters; VSCode Extension Leads to Ransomware 5:55

1M ago5:55

5:55

Privacy Aware Bots A botnet is using privacy as well as CSRF prevention headers to better blend in with normal browsers. However, in the process they may make it actually easier to spot them. https://isc.sans.edu/diary/Privacy%20Aware%20Bots/31796 Critical Ingress Nightmare Vulnerability ingress-nginx fixed four new vulnerabilities, one of which ma…

1
657: David Darnes on Web Components and Design Systems 1:04:51

1M ago1:04:51

1:04:51

Show Description David Darnes joins us to talk about his work on the Nord design system, writing web components, working with embeds and web components, thoughts on building a progress bar or notification component, keeping design systems and design tools in sync, and tricks for components and variables. Listen on Website → Guests David Darnes Gues…

1
SANS Stormcast Monday Mar 24th: Critical Next.js Vulnerability; Microsoft Trust Signing Platform Abuse 7:10

1M ago7:10

7:10

Critical Next.js Vulnerability CVE-2025-29927 A critical vulnerability in how the x-middleware-subrequest header is verified may lead to bypassing authorization in Next.js applications. https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware https://github.com/vercel/next.js/security/advisories/GHSA-f82v-jwr5-mffw http…

1
From Predator Plants to Concordance with Java 1:04:15

1M ago1:04:15

1:04:15

An airhacks.fm conversation with Volker Simonis (@volker_simonis) about: early computing experiences with Schneider CPC (Amstrad in UK) with Z80 CPU,CP/M operating system as an add-on that provided a real file system,programming in Basic and Turbo Pascal on early computers,discussion about gaming versus programming interests,using a 9-pin needle pr…

1
Next.js vs. TanStack, rsdoctor for rspack, OpenAI o1's pricing problem, and more EP27 JavaScript News 3:25

1M ago3:25

3:25

Today, we'll be talking about the the Next.js vs. TanStack debate, and how TanStack might just be better and more pocket-friendly, rsdoctor for rspack and webpack, and OpenAI o1's huge pricing problem. Visit ThisWeekinJavaScript.com to subscribe to our Newsletter. Make sure you subscribe to the podcast for weekly updates and share this podcast with…

1
SANS Stormcast Friday Mar 21st: New Data Feeds; SEO Spam; Veeam Deserialization; IBM AIX RCE; 8:24

1M ago8:24

8:24

Some New Data Feeds and Little Incident We started offering additional data feeds, and an SEO spamer attempted to make us change a link from an old podcast episode. https://isc.sans.edu/diary/Some%20new%20Data%20Feeds%2C%20and%20a%20little%20%22incident%22./31786 Veeam Deserialization Vulnerability Veeam released details regarding the latest vulner…

1
SANS Stormcast Thursday Mar 20th: Cisco Smart Licensing Attacks; Vulnerable Drivers again; Synology Advisories Updated 7:09

1M ago7:09

7:09

Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 CVE-2024-20440 Attackers added last September's Cisco Smart Licensing Utility vulnerability to their toolset. These attacks orginate most likely from botnets and the same attackers are scanning for a wide range of additional vulnerabilities. The vulnerability is a static credential i…

1
SANS Stormcast Wednesday Mar 19th 2025: Python DLL Side Loading; Tomcast RCE Correction; SAML Roulette; Windows Shortcut 0-Day 7:18

1M ago7:18

7:18

Python Bot Delivered Through DLL Side-Loading A "normal", but vulnerable to DLL side-loading PDF reader may be used to launch additional exploit code https://isc.sans.edu/diary/Python%20Bot%20Delivered%20Through%20DLL%20Side-Loading/31778 Tomcat RCE Correction To exploit the Tomcat RCE I mentioned yesterday, two non-default configuration options mu…

1
SANS Stormcast Tuesday Mar 18th 2025: Analyzing GUID Encoded Shellcode; Node.js SAML Vuln; Tomcat RCE in the Wild; CSS e-mail obfuscation 7:03

1M ago7:03

7:03

Static Analysis of GUID Encoded Shellcode Didier explains how to decode shell code embeded as GUIDs in malware, and how to feed the result to his tool 1768.py which will extract Cobal Strike configuration information from the code. https://isc.sans.edu/diary/Static%20Analysis%20of%20GUID%20Encoded%20Shellcode/31774 SAMLStorm: Critical Authenticatio…

1
656: Onboarding Woes, Coloring Links, and AI Slop Theories 55:21

1M ago55:21

55:21

Show Description Onboarding users is a lot more difficult than you might think it is, how should links be coloured or styled, keeping web software up to date, why does some AI slop get created in the first place, getting context for why things happened or decisions were made, and our first bullet point dev career story (Steve's version). Listen on …

Podcasts Worth a Listen

Css 3 Podcasts

Podcasts Worth a Listen

Quick Reference Guide