Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite

This is such a significant week for us, to finally have Stefan join us as a proper employee at HIBP. When you start out as a pet project, you never really consider yourself a "proper" employee because, well, it's just you mucking around. And then when Charlotte started "officially" working for HIBP a few years ago, well, that's my wife helping me out. To have someone whose sole purpose it is to write code that makes this thing tick and build all sorts of amazing new features expands our capacity to actually produce stuff many times over. I use that term "actually produce stuff" because it was precious little time I had to do this, given all the things involved in running HIBP. It's an exciting time for all three of us now 😊

References

1. Sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device.
2. Finally, we have a proper employee at HIBP! (we announced Stefan joining us a few months ago, and now he's finally here)
3. FlokiNET gave mSpy's takedown request the finger (I get them not wanting to cow-tow to an organisation of that nature, but I also don't like seeing troves of personal info floating around)
4. Meanwhile, mSpy has stuck with their existing blog post about how safe the service is (c'mon guys, seriously...)
5. Tracki: You don't spy software when you have spy hardware (but they're pretty much cut from the same cloth as mSpy)
6. Bounty begger 1: you have no XFO header (and then his PoC didn't work... because there's a frame ancestors CSP)
7. Bounty begger 2: can't consistently spell his own name, but has found a "dangerous vulnerability" (which he almost certainly hasn't)