Resources

This article explores how insecure default configurations in Auth0, particularly the enabled by default Implicit Grant Flow, can be exploited in combination with an XSS vulnerability to access unintended APIs and escalate privileges. It demonstrates real-world attack paths, including token leakage and account linking abuse, and provides practical recommendations for hardening Auth0 environments.

Three critical vulnerabilities in Jupyter Enterprise Gateway allow a notebook user to escalate privileges and fully compromise the underlying Kubernetes cluster.

Second part in a series of blog posts exploring dangerous patterns in Golang.

A follow-up article in our ORM Leaks series covering newly susceptible ORMs, techniques for bypassing ORM Leak protections, and demonstrating how ORM Leaks can exist in any web application that uses one.

This writeup goes through the various primitives in Jakarta Mail that could lead to high impact bugs if developers are unaware of the library's quirks. Primitives discussed here can be applied to other mail parsing libraries.

This blog article documents a new unsafe reflection gadget in the sqlite3 gem, that can also be used in a deserialisation gadget chain to achieve RCE and is installed by default in new Rails applications.

This post provides an overview of Talkback Chronicles for viewing snapshots of trending infosec resources for points in time, and also how to subscribe to a new weekly Newsletter feature.

This blog post covers a DUCTF 2024 pwn challenge called 'ESPecially Secure Boot', which required writing an exploit for CVE-2018-18558.

Part two of our ORM Leak series about attacking the Prisma ORM and leaking sensitive data in a time-based attack.