| | Vulnerabilities in the hidden magic of Lodash, Ramda and Underscore (positive.security) |
| 6 points by rook_line_sinkr 3 months ago | past |
|
| | BlinkenCity: From Art Project to Europe-Wide Blackout Scenario (positive.security) |
| 3 points by mckirk 4 months ago | past |
|
| | BlinkenCity: From Art Project to Europe-Wide Blackout Scenario (positive.security) |
| 16 points by breakingsystems 7 months ago | past | 2 comments |
|
| | Hacking Auto-GPT and escaping its Docker container (positive.security) |
| 2 points by 80x25 on July 7, 2023 | past |
|
| | Hacking Auto-GPT and escaping its Docker container (positive.security) |
| 4 points by tiarafawn on June 29, 2023 | past | 2 comments |
|
| | Send My: Arbitrary data transmission via Apple's Find My network (2021) (positive.security) |
| 2 points by serhack_ on May 7, 2023 | past |
|
| | Ransacking your password reset tokens (positive.security) |
| 2 points by Shank on Jan 31, 2023 | past |
|
| | Ransacking your password reset tokens (positive.security) |
| 8 points by kerm1t on Jan 26, 2023 | past |
|
| | Urlscan.io’s SOAR spot: Chatty security tools leaking private data (positive.security) |
| 65 points by kerm1t on Nov 2, 2022 | past | 7 comments |
|
| | From XSS to RCE – dompdf 0-day (positive.security) |
| 6 points by News-Dog on March 17, 2022 | past |
|
| | Find You: Building a stealth AirTag clone (positive.security) |
| 225 points by kerm1t on Feb 21, 2022 | past | 102 comments |
|
| | Recovering redacted information from pixelated videos (positive.security) |
| 203 points by kerm1t on Jan 25, 2022 | past | 66 comments |
|
| | Microsoft Teams: 1 feature, 4 vulnerabilities (positive.security) |
| 340 points by kerm1t on Dec 22, 2021 | past | 256 comments |
|
| | Windows 10 RCE: The exploit is in the link (positive.security) |
| 131 points by kerm1t on Dec 7, 2021 | past | 56 comments |
|
| | Linux marketplaces vulnerable to RCE and supply chain attacks (positive.security) |
| 1 point by ashitlerferad on June 23, 2021 | past |
|
| | Linux marketplaces vulnerable to RCE and supply chain attacks (positive.security) |
| 17 points by kerm1t on June 22, 2021 | past |
|
| | Emulating AirTags to upload arbitrary data via Apple's FindMy network (positive.security) |
| 490 points by kerm1t on May 12, 2021 | past | 129 comments |
|
| | Allow arbitrary URLs, expect arbitrary code execution (positive.security) |
| 1 point by simonpure on April 16, 2021 | past |
|
| | Allow arbitrary URLs, expect arbitrary code execution (positive.security) |
| 13 points by ruph123 on April 15, 2021 | past | 1 comment |
|
