This article highlights key findings from 2024 reports on AI and GenAI technologies, focusing on their potential and major challenges.| Help Net Security
Earlier this year I spent some time delving into Atlassian Confluence to see if I could dig up any bugs that had slipped through the cracks. I wasn't really expecting to turn up much, but I was super excited and surprised when I managed to find an issue within the RSS feed plugin leading to Cross-Site Scripting (XSS) (Twitter: 1, 2; LinkedIn: 1, 2; BugCrowd: 1, 2).| /dev/alias – Hack. Dev. Transcend.
Earlier this year I had an opportunity to spend some time looking at Squiz Matrix, a Content Management System (CMS) used across a number of sectors including higher eduction, media and publishing, goverment, finance, health, and utilities. With a huge number of features, a massive PHP codebase, and a numbr of high profile sectors as clients, I set out to see if I could find any interesting little bugs hidden away.| /dev/alias – Hack. Dev. Transcend.