Seclog - 7
Spotlight: Google Security Announcing OSV-Scanner, DACL abuse, Apple Patches iPhone Zero-Day, Meta's Bug Bounty Program in 2022, NahamCon EU, etc.
seclinks
How to build a secure Confidential Space | Google Cloud Blog
Tailscale for DevOps: Connect to any subnet in your tailnet with Connecti (by Pulumi) · Tailscale
Stories of reaching Staff-plus engineering roles - StaffEng | StaffEng
sectools
seccloud
secinterview
secvulns
#1787810 Electron CVE-2022-35954 Delimiter Injection Vulnerability in exportVariable
#1421345 Link-shortener bypass (regression on fix for #1032610)
#1724464 cd=false (DNSSEC) not respected in DNS over HTTPS JSON requests
About the security content of iOS 15.7.2 and iPadOS 15.7.2 - Apple Support
secvideo
RCE-as-a-Service: Lessons Learned from 5 Years of Real-World CI/CD Pipeline Compromise
NahamCon EU 2022: A Free Virtual Offensive Security Conference
Advent of Cyber 2022: Day 16 SQLi’s the king, the carolers sing (Walkthrough)
secgit
0xuf/DJRCE: Simple django rce exploitation with leaked SECRET_KEY variable
ax/apk.sh: apk.sh makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK.
4ra1n/super-xray: XRAY GUI Starter (Web Vulnerability Scanner)
gh0x0st/wanderer: An open-source process injection enumeration tool written in C#
CyberSecurityUP/Cloud-Security-Attacks: Azure and AWS Attacks