What’s Bugging the NSA? A Vuln in Its ‘SkillTree’ Training Platform

July 10, 2024 at 09:06AM The NSA patched a CSRF vulnerability in its SkillTree platform, designed to modernize software practices within the agency and shared on GitHub in 2020. The fix addressed potential manipulation by hackers, and users were urged to apply the update. This incident highlights the inherent difficulty in identifying and addressing CSRF …

Tor Code Audit Finds 17 Vulnerabilities

January 31, 2024 at 12:36PM A recent code security audit of the Tor network by Radically Open Security revealed 17 vulnerabilities, including a high-risk CSRF bug in the Onion Bandwidth Scanner. The issues can lead to DoS attacks, security bypass, and unauthorized access. This audit followed another by Cure53 that focused on user interface changes …