Frenchie's Avatar

Frenchie

@fre.bsky.social

InfoSec geek for Cloud/Clusters/Containers/Credentials/CI/CD/things-starting-with-C working on something new… Honk the planet. Twitter: @nfFrenchie

540 Followers  |  263 Following  |  49 Posts  |  Joined: 24.04.2023  |  2.0426

Latest posts by fre.bsky.social on Bluesky

Video thumbnail

Day two at #Kawaiicon :D

(watch the livestream here: kawaiicon.org/livestream/)

08.11.2025 00:54 — 👍 6    🔁 1    💬 0    📌 0
Preview
a man wearing headphones is standing in front of a computer with the word live on the bottom ALT: a man wearing headphones is standing in front of a computer with the word live on the bottom
07.11.2025 22:43 — 👍 2    🔁 0    💬 0    📌 0
Preview
KawaiiconNZ - Twitch New Zealand's cute infosec con (& book publishers) ✨The weirdness returns: November 6-8, 2025

Here's the link to the #Kawaiicon livestream if anyone wants to attend remotely, starting soon: www.twitch.tv/kawaiiconnz

06.11.2025 19:49 — 👍 12    🔁 9    💬 0    📌 1

Oh wow! I’ve missed Danner megathreads!

07.11.2025 22:35 — 👍 0    🔁 0    💬 0    📌 0
Preview
milk is poured into a glass with the words milk it does a body good ALT: milk is poured into a glass with the words milk it does a body good
07.11.2025 22:27 — 👍 1    🔁 0    💬 0    📌 0
Preview
a glass of milk is on a table with a sign that says please drink some milk and lock your doors . ALT: a glass of milk is on a table with a sign that says please drink some milk and lock your doors .
07.11.2025 22:25 — 👍 2    🔁 0    💬 0    📌 0
Preview
A Retrospective Survey of 2024/2025 Open Source Supply Chain Compromises Project compromises have common root causes we can mitigate: phishing, control handoff, and unsafe GitHub Actions triggers.

To implement robust mitigations across Geomys, I did a survey of open source project compromises in 2024/2025.

Three root causes dominate: phishing, control handoff, and unsafe GitHub Actions triggers. All three can be systematically avoided.

words.filippo.io/compromise-s...

10.10.2025 14:34 — 👍 63    🔁 21    💬 4    📌 2
Preview
Trusted publishing for npm packages | npm Docs Documentation for the npm registry, website, and command-line interface

> Long-lived credential exfiltration

OpenSSF's Trusted Publishing is a partial solution here. repos.openssf.org/trusted-publ...

i.e. NPM recommends disabling long-lived credential publishing once Trusted Publishing is activated
docs.npmjs.com/trusted-publ...

14.10.2025 04:19 — 👍 0    🔁 0    💬 0    📌 0
Post image

Special 40th edition of @phrack.org at @bsidescbr.bsky.social #bsidesCBR

25.09.2025 01:35 — 👍 18    🔁 3    💬 2    📌 0

$9!! That’s an expensive visit 😝

07.06.2025 00:20 — 👍 0    🔁 0    💬 0    📌 0
Preview
a man in a suit and tie is talking to someone and saying hey . ALT: a man in a suit and tie is talking to someone and saying hey .
03.12.2024 01:00 — 👍 5    🔁 0    💬 0    📌 0
Preview
Blank Stare Sad GIF ALT: Blank Stare Sad GIF
28.11.2024 08:58 — 👍 0    🔁 0    💬 0    📌 0
Preview
a man is swimming in a pool with the words `` welcome to the party , pal '' written on it . ALT: a man is swimming in a pool with the words `` welcome to the party , pal '' written on it .
28.11.2024 08:55 — 👍 2    🔁 0    💬 0    📌 0
Preview
Ruxmon November, Fri, Nov 29, 2024, 6:00 PM | Meetup Author: Danielle Rosenfeld-Lovell Title: Unraveling GraphQL Abstract Did you know that not all APIs are RESTful? Me neither at some point in the relatively recent past! Th

For those in Melbourne, Ruxmon is on tomorrow:

www.meetup.com/ruxmon/event...

28.11.2024 01:48 — 👍 3    🔁 1    💬 0    📌 1
Preview
a drawing of a person playing drums with the words `` ba dum tsss '' . ALT: a drawing of a person playing drums with the words `` ba dum tsss '' .
28.11.2024 00:29 — 👍 1    🔁 0    💬 0    📌 0

Excuse me. How have I missed the grimace-posting?!

28.11.2024 00:29 — 👍 1    🔁 0    💬 0    📌 0

@berduck.deepfates.com

27.11.2024 22:53 — 👍 0    🔁 0    💬 0    📌 0

_
<(o )___
( ._> /
`----'

27.11.2024 22:52 — 👍 0    🔁 0    💬 1    📌 0
Post image Post image

Genuinely quite cool: github.com/threatcl/thr... + LLM to automatically generate threat models as code @xntrik.wtf

27.11.2024 05:28 — 👍 2    🔁 1    💬 0    📌 0

I know right!! Also, only 10% of the audience was permanently blinded by the lasers. Big improvement from last year!

27.11.2024 05:20 — 👍 2    🔁 0    💬 0    📌 0
Post image

A+ Dad Joke game:

“It’s only officially called Formal Threat Modelling if you’re wearing a tuxedo” - the Tao of @xntrik.wtf

27.11.2024 05:10 — 👍 1    🔁 1    💬 0    📌 0

When the vuvuzela harmonies joined in… truly sublime. Brought a tear to my eye

27.11.2024 05:01 — 👍 1    🔁 0    💬 0    📌 0

Back due to popular demand! For those that missed yesterday’s talk… bsky.app/profile/fre....

27.11.2024 04:58 — 👍 1    🔁 0    💬 0    📌 0
Xntrik on stage at CyberCon

Xntrik on stage at CyberCon

@xntrik.wtf on stage once again for an interpretive dance/drum solo encore!

You need an updated profile pic however mate…

27.11.2024 04:56 — 👍 3    🔁 1    💬 3    📌 1

Will there be an encore to the drum solo?

27.11.2024 00:56 — 👍 0    🔁 0    💬 1    📌 0

Truly inspirational drum solo mate, thank you

bsky.app/profile/fre....

26.11.2024 05:52 — 👍 1    🔁 1    💬 1    📌 0

I’m still wrapping my head around his metaphor of:

“Extra extra small spandex bike shorts: 3 lessons this taught me about B2B sales & post-breach incident response at a large professional social media tech company”

26.11.2024 05:46 — 👍 3    🔁 0    💬 0    📌 0
Xntrik on stage

Xntrik on stage

Front row seats for @xntrik.wtf’s CyberCon Keynote!

It was a pleasure to hear about his long & illustrious career.

The 17-minute avant-garde- jazz drum solo certainly was… certainly unique!

26.11.2024 05:19 — 👍 14    🔁 1    💬 3    📌 1
Screenshot of decoding a Kubernetes service account token using the jwt utility described in the skeet.

Screenshot of decoding a Kubernetes service account token using the jwt utility described in the skeet.

Very handy tool I came across today github.com/mike-engel/j... from @mike-engel.com , useful for viewing k8s service account tokens!

25.11.2024 09:39 — 👍 24    🔁 8    💬 3    📌 0
Preview
a man in a suit and tie is screaming with his mouth open and the words `` loud noises '' written on his face . ALT: a man in a suit and tie is screaming with his mouth open and the words `` loud noises '' written on his face .
23.11.2024 02:12 — 👍 1    🔁 0    💬 0    📌 0

@fre is following 20 prominent accounts