Seclog - 5/6
Spotlight: 24-year-old bug in ping, Nuclei's new version released, JSON-based SQL to bypass WAF, RCE with CodeQL, Rust vulnerable, Visual Studio Code RCE.
I'm sorry I didn't post last week; I've become a father for the second time. <3
seclinks
{JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF | Claroty
Scanning in the IDE: A Bad IDE(A) for Developers | securing.dev
Pre-Auth RCE with CodeQL in Under 20 Minutes | Frycos Security Diary
An open source SMS gateway for pentest projects | Pentagrid AG
Unauthenticated Remote Code Execution in Spotify’s Backstage #vulnerability
I've fuzzed a small part of the GitHub API. Here are my findings. · m's blog
Nebuchadnezzar | Practically-exploitable Cryptographic Vulnerabilities in Matrix
Common pitfalls of breaking up HTTPS connections | Almost Secure
Visual Studio Code: Remote Code Execution · Advisory · google/security-research
Novel Pipeline Vulnerability Discovered; Rust Found Vulnerable
Zero Day Initiative — Pwn2Own Toronto 2022 - Day Three Results
secgit
payloadartist/offensive-chatgpt: Offensive security use cases of ChatGPT
byt3bl33d3r/tailscalesd: Prometheus Service Discovery for Tailscale (Python Edition)
obiscr/ChatGPT: This project is a plugin that supports ChatGPT running on JetBrains series IDE.
P.S.: Thanks a lot to Dogan Can Bakir.