Rust rustles up fix for 10/10 critical command injection bug on Windows in std lib
BatBadBut hits Erlang, Go, Python, Ruby as well
Patches
10 Apr 2024 | 56
Hipster collaboration platform Slack has shuttered an access control bypass that allowed users to hijack any account. The flaws reported by security researcher David Viera-Kurz lay in twin path traversal and access control bypasses. Slack paid Viera-Kurz US$9000 for privately reporting two flaws under its bug bounty program …