This week, we are going on a TLS adventure with a side of supply chain attack...
A mind-blowing write-up for a CTF challenge. The challenge may be a bit unrealistic, but the write-up is definitely worth reading. It chains together small issues and multiple TLS attacks: "GymTok: Breaking TLS Using the Alt-Svc Header".
From DockerHub to NPM, an excellent example of a supply chain attack: "How We Hacked a Software Supply Chain for $50K".