🛠️Gitxray: a security X-Ray for GitHub repositories

Bad actors in your Github? Worry no more, the awesome team at Kulkan has you covered with the new tool they just released: gitxray. They detail some of the use cases in their blog post: Gitxray: a security X-Ray for GitHub repositories.

❤️ ARVO: Atlas of Reproducible Vulnerabilities for Open Source Software

If you are looking for reproducible vulnerabilities in C/C++ based Open Source Software, look no further: read the paper and download the dataset: n132/ARVO-Meta/.

👉 Splitting the email atom: exploiting parsers to bypass access controls and Listen to the whispers: web timing attacks that actually work

It’s BlackHat and Defcon time! The research team at PortSwigger published some new research on email parsing and web timing attacks.