Remember, remember the 22nd of Novemberhttps://t.co/k6prBQemLn

— argp (@_argp) November 22, 2024

“Within this assessment, the red team (also referred to as ‘the team’) gained initial access through a web shell left from a third party’s previous security assessment.” 💀

Yikes. https://t.co/diON5KJODj

— Andrew Oliveau (@AndrewOliveau) November 21, 2024

There's a good blog post from @CubicleApril about cookie parsing: https://t.co/50KOfLlS7j

And I guess it's time to dust off my broader, 2010 rant about the same: https://t.co/zLV0KC9DIp

Some things have improved, but cookies are still a bit of a design fail.

— lcamtuf (@lcamtuf) November 21, 2024

Its a GREAT day for a VULN RESEARCH NEWSLETTER 📰🏴‍☠️@pagedout_zine #5 Released!

Advanced fuzzing with LibAFL @domenuk

Back2Back @watchtowrcyber blogs about the usual suspects

iOS inactivity reboot RE from @naehrdine

+ Jobs and more 👇https://t.co/1iCW0Q285T

— exploits.club (@exploitsclub) November 21, 2024

Fortinet VPN design flaw hides successful brute-force attacks - @Ionut_Ilascuhttps://t.co/HMbjeCI6nehttps://t.co/HMbjeCI6ne

— BleepingComputer (@BleepinComputer) November 21, 2024

US charges five alleged Scattered Spider members. https://t.co/IqQkmdDtuu

— switched (@switch_d) November 21, 2024

An interesting overview of how the operations of Canada's Sigint agency #CSE have developed over time, by @NewmanRobinson https://t.co/CVrzJCSnRL

— Electrospaces (@electrospaces) November 21, 2024

Wait, Temu (the infamous online sale app) was abusing CVE-2023-20963 on Android devices until they caught the developer and removed it? I want full analysis for that case alone! https://t.co/DUc5qLC0Uz

— Hamid Kashfi (@hkashfi) November 22, 2024