What are the risks associated with overly permissive pod creation in Kubernetes? The answer varies based on which of the host’s namespaces and... continue reading
ADVISORY SUMMARY: The Mautic application is affected by stored XSS vulnerabilities. Upon exploitation, these issues allow an authenticated attacker... continue reading
Jan 11, 2021 5:00:00 AM | By Chris Davis, Joe DeMesy
ADVISORY SUMMARY: The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server... continue reading
Not long ago, an innovative startup company reached out to us with a very specific request – they needed to create a scalable, lightweight program... continue reading
One thing is for sure about 2020: it’s a year that will stick out in our memory for the rest of our lives. Luckily, in spite of many on-site,... continue reading
FireEye made the news last week for responsibly disclosing an incident to the public in which they themselves were the victim. We wrote up an ... continue reading
I'm excited to announce some new features that have been added to RMIScout. RMIScout is a tool to perform wordlist and brute-force attacks against... continue reading
ADVISORY SUMMARY: Four vulnerabilities were discovered in the OpenClinic application, the most severe of which allowed an unauthenticated attacker... continue reading
In this article, we are going to discuss a variety of security risks to GraphQL deployments and migrations that we’ve seen during our client... continue reading