CSOonline

Windows path conversion weirdness enables unprivileged rootkit behavior

Attackers can take advantage of how Windows converts file paths between the traditional DOS format to the more modern NT format in order to achieve rootkit-based capabilities such as hiding files and ...
CSOonline

Critical jsPDF vulnerability enables arbitrary file read in Node.js deployments

The path traversal bug allows attackers to include arbitrary filesystem content in generated PDFs when file paths are not properly validated. A now-fixed critical flaw in the jsPDF library could ...