Security Vulnerability

how to gain code execution on millions of people and hundreds of popular apps - eva's site

A security researcher discovered vulnerabilities in ToDesktop's build pipeline that could enable malicious code deployment to major tech applications like Cursor, Linear, and Notion Calendar. Through Firebase exploration and CLI analysis, they found ways to hijack the deployment pipeline and access sensitive credentials, potentially affecting millions of users in tech environments.

Breaking into dozens of apartment buildings in five minutes on my phone

A security researcher discovered widespread vulnerabilities in MESH by Viscount access control systems, affecting numerous apartment buildings primarily in Canada. The investigation revealed that 43% of recently exposed systems use default credentials, allowing unauthorized access to resident data and building entry control. Despite notification, the vendor Hirsch has not adequately addressed the security concerns.