Explore >> Select a destination

You are here

 httptoolkit.com
HTTPS certificate non-validation vulnerability in Node.js
| | bvisness.me
Micro-libraries need to die already | Ben Visness
14.8 parsecs away

Travel
| | Somehow people are still putting tiny libraries on npm, and it really needs to stop.
| | www.datadoghq.com
The Log4j Log4Shell vulnerability: Overview, detection, and remediation | Datadog Security Labs
11.3 parsecs away

Travel
| | Learn how the Log4Shell vulnerability works, how to detect it, and how Datadog can help you secure your systems.
| | positive.security
Windows 10 RCE: The exploit is in the link | Positive Security
13.3 parsecs away

Travel
| | Chaining a misconfiguration in IE11/Edge Legacy with an argument injection in a Windows 10/11 default URI handler and a bypass for a previous Electron patch, we developed a drive-by RCE exploit for Windows 10. The main vulnerability in the ms-officecmd URI handler has not been patched yet and can also be triggered through other browsers (requires confirmation of an inconspicuous dialog) and desktop applications that allow URI opening.
| | www.nodejs-security.com
The XZ backdoor CVE-2024-3094: a JavaScript perspective
70.8 parsecs away

Travel
| The XZ backdoor CVE-2024-3094 already happened in JavaScript 5 years ago but now the xz and liblzma malware bundled onto Linux distributions is bringing forth a world-wide threatening event in cybersecurity that jeopardizes the trust, sustainability and security concerns in the open-source ecosystem.