The Log4j vulnerability, commonly referred to as “Log4Shell”, lit all the internet on fire recently. Last week, the Cloudflare team shared on their blog, that they have the evidence that hackers tested the vulnerability “eight days before public disclosure.” The first attempt to exploit the hole in the framework came at nine minutes after the announcement.
The initial phases of exploitation, were “mostly about reconnaissance”, while we now see the attempts at data extraction. The scale of the attacks is mind-blowing. On December 13th, Cloudflare blocked a mean of “24,642” requests per minute.
We remind everybody, that the vulnerability is actively being exploited, and therefore you must take steps to protect yourself from the attackers. We wrote about how to do that in our previous blog post.
There are few websites more appreciated by developers than Stack Overflow. Some also wonder how was it to build software before the site went live. If you are one of these people, you’d be delighted to know, that because the company’s episode hit the 400th episode, the founders decided to tell the story of their beginnings as a startup.
The transcript of the podcast’s episode is available here.
TikTok, the platform from Chinese ByteDance, is testing out a new feature, where creators will be able to stream their gameplay the same way they can stream to Twitch.
Interestingly, it turns out that the solution from the Chinese company is violating OBS’s open-source license. OBS, the standard for live streaming from PCs is licensed under the GNU Public License (GPL), which is an incredibly permissive license with one restriction: one has to open source their code as well.
Ben Torell, one of the team members working on the broadcasting software, tweeted that they have already gotten in touch with the company to resolve the issue.
CSS — the Turing complete language that makes it often too hard to center a div—was at the center of attention of this year’s “State of CSS” survey.
Some interesting conclusions can be drawn.
Firstly, the awareness of all CSS features is rather poor. As you can see on the image above, around 40% of respondents know fewer than 50% of the features mentioned in the survey. This shows poor knowledge of the overall community.
Secondly, the only technology that was in the adopt quadrant, is… Sass. There were two other technologies that were close to reaching it – Bootstrap, and PostCSS.
The third and final highlight we are going to mention is the increasing popularity of the CSS Grid. CSS Grid is the way to effortlessly divide your layout, and style each portion of the page however you see fit. Used with flexbox, it is the default way to style websites. This year, over 80% of respondents admitted they have used the native grid, whilst only 0.7% admitted they have never heard about it.
For the full results, make sure to go to https://2021.stateofcss.com/en-US/.
As the end of the year is so close, you might have already received your Spotify Wrapped 2021 summary.
For programmers, it would have been cool to get a summary of your GitHub profile, right? Now you can. If you go to https://wrapped.run/, you can get a personal review of your coding habits.