I still have two pending disclosures for critical browser extension vulnerabilities. One was reported more than two months ago, the other slightly less. Just checked, neither has been resolved yet. I guess they want to cut it close to the deadline. Sending reminders… 🙄

· · Web · 1 · 0 · 1

One of the extensions managed to bring out five (5!) minor updates in the time, yet leave the vulnerable code completely unchanged. They have three weeks to go before disclosure, I should start writing the article…

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.