ROSECURIFY

Seclog - #22

Advisory: Reflected Cross-Site Scripting in cPanel (CVE-2023-29489)

Git Arbitrary Configuration Injection (CVE-2023-29007)

A Beginner’s Guide To BSidesSF

AWS Codebuild - Token Leakage

Integrating DAST into DevSecOps

CVE-2022-0540 - Authentication bypass in Seraph

WebSockets are a Pain

#1651429 Bypass parsing of transaction data, users on the phishing site will transfer/approve ERC20 tokens without being alerted

Privilege escalation in AWS Elastic Kubernetes Service (EKS)

CVE Reference Rot

Supply Chain Security Jumps the Shark

LLMs and Phishing - Schneier on Security

#1710564 Possible to spoof Origin in "Connected Sites"

Argument Injection Vectors

Announcing the deps.dev API: critical dependency data for secure supply chains

Triple Threat: NSO Group’s Pegasus Spyware Returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click Exploit Chains

Security best practices for Amazon S3 - Amazon Simple Storage Service

Mysk🇨🇦🇩🇪: "Google has just updated its 2F…" - DEF CON Social

secvideo #

Penetrating the Cloud: Uncovering Unknown Vulns

Coding with ChatGPT is so easy, a caveman could do it

secgit #

advanced-security/enterprise-security-team

AdguardTeam/cname-trackers

pufferffish/wireproxy

sametsazak/mergen

quarkslab/pastis

akto-api-security/30-API-security-tests

WesleyWong420/RedTeamOps-Havoc-101

GreyDGL/PentestGPT

stealthsploit/OneRuleToRuleThemStill

codingo/dorky

ethiack/CVE-2023-29007

hmgle/graftcp

RhinoSecurityLabs/ccat

Subscribe to Seclog

Weekly security analysis direct to your inbox.

Share
← All Seclogs

Press / to search, Esc to close