← Explore

Posts tagged with python

Security Briefing · ·5 min read

Revoke That Token and Your Home Directory Dies

The Hades campaign dropped a string into its payload that tells you everything about where supply chain attacks are heading: DontRevokeOrItGoesBoom.

supply-chainpypicredential-theft
Security Briefing · ·5 min read

A CVSS 9.1 Hiding in Python's gzip Module

Most Python developers haven't looked twice at the gzip module since they first imported it. It compresses, it decompresses, it ships with the language.

cvepythonuse-after-free
Security Briefing · ·5 min read

The Advisory Was the PoC

Most vulnerability disclosures follow a predictable rhythm.

cveai-securitywebsocket