
Open Redirect Vulnerability in Substack
Summary: Substack had an open redirect vulnerability in their login flow, which would have allowed an […]
Speaking @Appsec_Village @DEFCON 29
Our talk titled “The Poisoned Diary: Supply Chain Attacks on Install Scripts” was accepted at this […]

Firebase CLI Installer Making Calls to Google Analytics
Firebase is a mobile and web application development platform provided by Google. One of the tools […]

New Tools for Addressing Supply Chain Attacks
In the recent codecov.io security incident, an attacker modified a shell script used by a common […]