Broken Access Control in REST APIs – Shields Up 🛡️!

Unfortunately, I have a long relationship with Broken Access Control (BAC) in most of its forms. As a research leader, I often encounter critical security flaws that have one thing in common – they are all the result of a bad access control design.
Prototype Pollution high vulnerability in ‘mixme’ NPM package

NPM (Node Package Manager) is a gigantic software registry that contains hundreds of thousands of open source Node.js projects in the form of packages.
DLL Injection Attack in Kerberos NPM package

For those who are not familiar with NPM (Node Package Manager), it is a gigantic software registry that contains hundreds of thousands of open source Node.js projects in the form of packages. As a matter of fact, if a developer wanted to share their code with the world, NPM would be a good way to do it.