-
[Cloudflare Warp][1] can cause `tsh` logins to fail as follows (observed in Teleport v13.4.14 and v14):
[1]: https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/
``…
-
### Comment:
In light of recently added [backdoor in `xz`](https://tukaani.org/xz-backdoor/) (for versions **not** packaged by conda-forge!) there have been [concerns raised](https://github.com/libar…
-
In an effort to ensure [our risk identification and mitigation framework](https://github.com/finos/ai-readiness/issues/10) adheres to industry standards we intend to map our known risks and mitigation…
-
Excellent work! Thank you!
I realize NanaZip is a UWP app that needs to be installed as such to work correctly, but version 3.X can be extracted and launched as a regular non-UWP app. The only issu…
ghost updated
7 months ago
-
> Surfaced as a core discussion topic on the first call ([2023-10-04](https://github.com/WICG/identity-credential/wiki/2023-10-04-Meeting-Notes)).
Sub topics:
- Risks for persistent/global ident…
-
Yingchen Wang et al. recently released a [Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86](https://www.hertzbleed.com/).
In essence, frequently boosting on *mainstr…
-
### Session description
This is an interactive session to understand how to mitigate a [number of specific threats](https://lists.w3.org/Archives/Public/public-review-comments/2024Sep/0017.html) iden…
-
**Question**
Does the library contain mitigations for the "ALBeast" vulnerability was made public todayt?
https://www.miggo.io/resources/uncovering-auth-vulnerability-in-aws-alb-albeast
-
There's a [Threat model](https://github.com/libp2p/specs/blob/master/ROADMAP.md#-attack-resistance-threat-models-and-security) item on the roadmap and would like to know if there's been any recent pub…
-
This is likely a long-term wish, but so it not gets entirely forgotten.
See https://go.dev/blog/supply-chain
Some ideas:
- We could add also transitive dependencies to the manifest to make them…