Apache Airflow is the #1 starred open-source workflows application on GitHub.

A common problem in programming language design is the question of what the type of integral literals should be, and if they are untyped, what the rules for implicitly converting them to regular integer types should be. This is part of the more general problem…

Certego has always been strongly involved in researching new ways to analyze malware. We have been working for some time on new projects aimed to...

attack on Internet routing infrastructure

Download Signal for Android, iOS, Linux, macOS, and Windows.

A new ransomware operator uses stealthy techniques, but borrows heavily from other players.

Learn about fuzzing testing, including who should fuzz, what types of fuzzers exist, how to write a good harness to perform blackbox analysis on a given program.

Semgrep rules for GitHub Actions

It’s widely reported worldwide that Facebook, WhatsApp, and Instagram are down at the moment.

Techniques for pentesting and exploiting file read conditions in web applications, also with a pinch of recommendations for…

IoT Inspector identified security vulnerabilities affecting the UPnP implementation of Broadcom’s SDK that affect vendors such as Cisco or Linksys.

A tool to extract the IdP cert from vCenter backups and log in as Administrator - horizon3ai/vcenter_saml_login

Yamale, schema validator for YAML files. Attackers can bypass security and run arbitrary code. See the details, fix and recommendations from the JFrog security team.

Posted in r/netsec by u/mateusnr • 237 points and 14 comments

Tool to decrypt iOS apps using r2frida. Contribute to as0ler/r2flutch development by creating an account on GitHub.

Welcome to the magical world of proactive SIMs.

This post attempts to explore the security and privacy concerns related with vaccine credential systems, by way of threat modelling and exploring the various risks and attacks conceivable against such systems.... Furthermore, we'll look at these concerns…