You might be interested in …

[BleepingComputer] GitHub finds 7 code execution vulnerabilities in ‘tar’ and npm CLI

GitHub security team has identified several high-severity vulnerabilities in npm packages, “tar” and “@npmcli/arborist,” used by npm CLI. The tar package receives 20 million weekly downloads on average, whereas arborist gets downloaded over 300,000 times every week. […] Source: Read More (BleepingComputer)

Read More

[ThreatPost] Microsoft Translation Bugs Open Edge Browser to Trivial UXSS Attacks

All posts, ThreatPost

The bug in Edge’s auto-translate could have let remote attackers pull off RCE on any foreign-language website just by sending a message with an XSS payload. Source: Read More (Threatpost)

Read More

Daily NCSC-FI news followup 2019-07-16

Commando VM: The Complete Mandiant Offensive VM isc.sans.edu/diary/Commando+VM%3A+The+Complete+Mandiant+Offensive+VM/25136 Penetration testers commonly use their own variants of Windows machines when assessing Active Directory environments. Commando VM was designed specifically to be the go-to platform for performing these internal penetration tests. The benefits of using a Windows machine include native support for Windows and Active Directory, using […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.