CVE-2025-32445 - Full Cluster Compromise via Argo Events CustomResource Templating (Explained and Exploited)
---
Argo Events is a powerful event-driven automation platform for Kubernetes — but until recently, it contained a severe security vulnerability (CVE-2025-32445) that lets attackers break
CVE-2025-24358 - Critical CSRF Protection Bypass in gorilla/csrf (Go)
gorilla/csrf is a popular middleware library that prevents Cross Site Request Forgery (CSRF) attacks in Go web apps and services. If you’re using
CVE-2023-5616 - How GNOME Control Center’s SSH Status Bug Exposed Ubuntu Users
In late 2023, a subtle but important security flaw, CVE-2023-5616, was found in Ubuntu’s GNOME Control Center—the graphical application that lets you adjust
CVE-2025-33028 - WinZip Mark-of-the-Web Bypass Exploit – What You Need to Know
In June 2024, a fresh vulnerability was discovered affecting one of the world’s most popular archiving tools, WinZip. The flaw, now tracked as CVE-2025-33028,
CVE-2025-29817 - Uncontrolled Search Path Element in Power Automate Exposes Sensitive Data
On June 7, 2024, Microsoft disclosed a security bug tracked as CVE-2025-29817, relating to “Uncontrolled Search Path Element” in the Power Automate desktop application. This