Seclog - #41

Post Account Takeover? Account Takeover of Internal Tesla Accounts

Getting RCE in Chrome with incorrect side effect in the JIT compiler

Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers

CVE-2023-34040 Spring Kafka Deserialization Remote Code Execution

I hacked macOS! (CVE-2022-32947)

38TB of data accidentally exposed by Microsoft AI researchers

Orange: From 2013 to 2023: Web Security Ten Years of Evolution and Trends!

A Deep Dive into DNS Debugging

A tale about a Red Team exercise and the Forcepoint Endpoint One DLP client

CODE WHITE - Finest Hacking

Attacking an EDR - Part 1

The massive bug at the heart of the npm ecosystem

SocketSleuth: Improving security testing for WebSocket applications

AppSec: SecDevOps or DevSecOps? Do We Need to Choose? Guide to the What and the Why

10x Your AppSec Program with this One Simple Trick

Introducing Session Hijacking Visual Exploitation (SHVE): An Innovative Open-Source Tool for XSS Exploitation

irsl/curlshell

vulncheck-oss/go-exploit

godaddy/tartufo

yeswehack/vulnerable-code-snippets

certsio/certsio

challenge writeup content-type shenanigans

g0h4n/REC2

laiyer-ai/llm-guard

jamf/aftermath

g0ldencybersec/CloudRecon

Suggestions & Feedback

Enjoyed this post? Subscribe to Seclog for more in-depth security analysis and updates.

For any suggestions or feedback, please contact us at: [email protected]

Enjoyed this post? Subscribe for more in-depth security analysis and updates direct to your inbox.

No spam. Only high-security insights. Unsubscribe at any time.

Share this Seclog: