This article presents a novel technique for dynamic analysis of Android applications written with the React Native framework, from a complete black-box perspective. It’s also a story of failure, as my original intention was to achieve full-blown debugging with breakpoints and live-editing in Chrome. Eventually I proved why this is not possible and settled half-way with just live-editing from any editor
Read more…
Several vulnerabilities were discovered by F-Secure Consulting in the Cisco Integrated Management Controller (IMC) web application. The vulnerabilities combined can be leveraged to enumerate users and bypass authorisation controls.
Read more…