Overview On August 24th, 2022, we reported a vulnerability to Netlify affecting their Next.js “netlify-ipx” repository which would allow an attacker to achieve persistent cross-site…
ChiBrrCon 2020: Don’t Cross Me! Same Origin Policy and all the “cross” vulns Source link
During the process of testing GAE after reading this awesome blog post, I found a debug application in Google Cloud Platform Stackdriver, user can debug…
Microsoft to boost protection against malicious OneNote documentsMicrosoft has announced that, starting in April 2023, they will be adding enhanced protection when users open or…
FROM 0 to $$$$ – MY BIGGEST BUG BOUNTY LEARNINGS! Source link
In an exclusive interview with The Cyber Express, Holly Foxcroft, Head of Neurodiversity in Cyber Research and Consulting, discussed neurodiversity and the need to create…
I was recently invited to present at BountyCon 2020. This was supposed to early March in Singapore where flights and accomodations were all provided for.…
Recently, security analysts at SentinelOne got to know about an infamous IceFire ransomware that has been found attacking both Windows and Linux enterprise networks. An…
For a healthy person in a first world country, the number of things we could do is near infinite. And yet, everyone spends 90% of…
Include This In Your Hacking Workflow by Continuous Monitoring with AuthoGraphQL (How-to guide) Source link
31 January 2020 You have probably heard of the SameSite attribute addition to HTTP cookies since Chrome 51 (and a specification thereafter). It was advertised…
Introduction You probably have read about my recent swamp of CVEs affecting a WordPress plugin called Transposh Translation Filter, which resulted in more than $30,000…
