Let’s talk about MCPs. You’ve probably heard of them, and maybe you’ve read the security risks associated with them. Sure, they sound worrying, but when you put them into a real-world context, they can quickly become far more concerning than you can ever imagine. Just last week, our system flagged a suspicious Chrome extension. It sent messages to a port on localhost — nothing too odd at first gla
By ading2210 on 10/16/24 Introduction This blog post details how I found CVE-2024-6778 and CVE-2024-5836, which are vulnerabilities within the Chromium web browser which allowed for a sandbox escape from a browser extension (with a tiny bit of user interaction). Eventually, Google paid me $20,000 for this bug report. In short, these bugs allowed a malicious Chrome extension to run any shell comman
1
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
処理を実行中です
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
