CVE-2025-4035 - Libsoup Cookie Vulnerability Explained—with Exploit Example
A newly-disclosed security flaw, CVE-2025-4035, impacts the popular HTTP library libsoup. The bug lets attackers bypass cookie protection for public suffix domains (think: .com, .org)
CVE-2025-24252 - Understanding and Exploiting a Use-After-Free Vulnerability in Apple Operating Systems
In June 2024, Apple fixed a critical use-after-free (UAF) vulnerability registered as CVE-2025-24252 across several of its platforms. This bug affected a broad swath of
CVE-2025-46327 - TOCTOU Race Condition in gosnowflake Golang Driver Threatens Easy Logging Configurations
If your Go applications connect to Snowflake’s data platform using the popular gosnowflake driver, there is a recent critical security advisory you need to
CVE-2025-3224 - Privilege Escalation in Docker Desktop for Windows Update Process
Recent research has uncovered a privilege escalation vulnerability in Docker Desktop for Windows (CVE-2025-3224). If exploited, a local, low-privileged attacker could gain SYSTEM permissions by
CVE-2025-31651 - Exploiting Rewrite Rule Bypass in Apache Tomcat — Details, Demo, and Defense
Apache Tomcat is one of the world’s most popular Java web servers. This spring, security researchers found a serious flaw — CVE-2025-31651 — that affects how