From Security Weekly WikiJump to navigationJump to search
- Vulnerability Spotlight: Two vulnerabilities in Zoom could lead to code execution, but only one leads to my favorite: path traversal within their Giphy support.
- Zero-day in Sign in with Apple and The Real Cause of the Sign In with Apple Zero-Day explain how a privacy-protecting step in an authentication flow and a mistaken assumption exposed users to account takeover.
- Apple pushes fix across ALL devices for “unc0ver” jailbreak flaw
- Why abandoned domain names are so dangerous, especially in a world of cookie-based authentication, dependencies, and user-generated content.
- Focus on Speed Doesn’t Mean Focus on Automation, but it shouldn't mean forgetting about testing and security, either.
- Who’s Responsible for Security? Apparently, It Depends on how you read the Mapping the DevSecOps Landscape 2020 Survey Results from GitLab.