Yakir Kadkoda | writeups.xyz

Title	Vulnerabilities	Programs	Authors
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources	Cloud RCE DoS Account Takeover Information Disclosure	AWS	Yakir Kadkoda Ofek Itach Michael Katchinskiy
Phantom Secrets: Undetected Secrets Expose Major Corporations	Information Disclosure	Mozilla Cisco Git	Yakir Kadkoda Ilay Goldman (@GoldmanIlay)
CorePlague: Severe Vulnerabilities in Jenkins Server Lead to RCE	RCE XSS Security Code Review	Jenkins	Ilay Goldman (@GoldmanIlay) Yakir Kadkoda
Threat Alert: Private npm Packages Disclosed via Timing Attacks	Timing Attack Supply Chain Attack	GitHub	Yakir Kadkoda
CVE-2022-32223 Discovery: DLL Hijacking via npm CLI	DLL Hijacking Privilege Escalation	Node.js	Yakir Kadkoda
Package Planting: Are You [Unknowingly] Maintaining Poisoned Packages?	Logic Flaw	GitHub	Yakir Kadkoda
New npm Flaws Let Attackers Better Target Packages for Account Takeover	Information Disclosure	GitHub	Yakir Kadkoda

Page 1 of 1