The Trojan horse of cybercrime: Weaponizing SaaS notification pipelines

By Diana Brown Cisco Talos has recently observed an increase in activity that is leveraging notification pipelines in popular collaboration platforms to deliver spam and phishing emails. These emails are transmitted using the legitimate mail delivery infrastructure associated with GitHub and Jira...

EUVD-2021-19580

Malware in sbrugna...

Design/Logic Flaw

Octobox is software for managing GitHub notifications. Prior to pull request PR 2807, a user of the system can provide a specifically crafted search query string that will trigger a ReDoS vulnerability. This issue is fixed in PR 2807...

Octobox 安全漏洞

Octobox is a tool for managing GitHub notifications. A security vulnerability exists in Octobox PR versions prior to 2807, which originates from a ReDoS vulnerability that can be triggered by a system user providing a specially crafted search query string...

CVE-2021-32848 Octobox ReDoS vulnerability

Octobox is software for managing GitHub notifications. Prior to pull request PR 2807, a user of the system can provide a specifically crafted search query string that will trigger a ReDoS vulnerability. This issue is fixed in PR 2807...