Same as yesterday's blog post but as a high-level overview without the technical details: Kaspersky applications do not protect an internal API properly, allowing any website to send commands. Yes, websites can still do it, merely with less impact. #infosec #appsec
Just another bug hunter
A Mastodon instance for info/cyber security-minded people.