[The Invisible JavaScript Backdoor](https://css-tricks.com/the-invisible-javascript-backdoor/)

作者举了一个例子，通过不可见的 Unicode 绕过代码 review，实现任意可执行代码注入。

---

https://twitter.com/TheASF/status/1400875147163279374

> Did you know that Ingenuity, the Mars 2020 Helicopter mission, is powered by Apache Log4j?

Log4j 最近爆出的漏洞相信大家都有所耳闻，有趣的是 Apache 基金会今年早些时候发推宣传过火星飞船上也有 Log4j，这下好了。

---

https://m.okjike.com/originalPosts/5fd860b573cd6a0018f19a7f

> 推荐一个数字游民的参考性网站，针对地区城市有非常全面的信息
>
> 各项指标从天气，空气，医疗交通，到 LGBTQ 友好程度，安全性，再到当地网速，地区游民热度和远程工作岗位应有尽有
>
> [nomadlist.com](https://nomadlist.com/)

![image](https://user-images.githubusercontent.com/8287771/145707151-ca5e5a49-f104-4666-85a6-26a76d373008.png)

---

https://twitter.com/hundredrabbits/status/1469162746662948867

> Wrote a little tracker 🎹

https://user-images.githubusercontent.com/8287771/145706420-6e8d4095-364f-40cc-8c47-8e2f9c777dce.mp4

---

[SuperDMs](https://www.superdms.app/)

给回复推文的人批量发私信。

---

[Code Hike](https://codehike.org/)

一个专注于生成围绕代码的文档的工具。

---

[Cakebrew](https://www.cakebrew.com/)

Homebrew 的 GUI。


Weekly #40