Commit 9c3b742

Cybersecurity - todesktop
1 parent 348cac6 commit 9c3b742

1 file changed

+12
-0
lines changed

docs/computers/cybersecurity.md

+12
@@ -126,3 +126,15 @@ Write-ups
126126
- Cool write-up of a bug where you can get the email of any YouTube user
127127
- YouTube leak a Google account identifier, an old Google service API takes ID
128128
as input and return the email of the ID
129+
- [how to gain code execution on millions of people and hundreds of popular apps](https://kibty.town/blog/todesktop/)
130+
([HN](https://news.ycombinator.com/item?id=43210858))
131+
- [ToDesktop vulnerability report](https://www.todesktop.com/blog/posts/security-incident-at-todesktop)
132+
- A build tool ToDesktop build app in container and publish release
133+
- The build pipeline is not isolated, while the key signing is done by
134+
ToDesktop within that build container, leaking the key that is applicable to
135+
push auto updates for all apps, meaning remote code execution on every
136+
computer installed those apps
137+
- The vulnerability technically allows releasing update to apps like Cursor,
138+
Linear and Notion
139+
- Also some advice and discussion in the HN thread from ToDesktop founder and
140+
Electron maintainer (Felix Riseberg)
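
Review bot: The bullet on added lines 133-136 packs cause and impact into one sentence and leaves it unclear which key leaks and why a build can reach it. Split it into a cause bullet (the build is not isolated from the container where ToDesktop does the signing, so the key is exposed there) and a separate impact bullet (that key can push auto-updates for all apps, hence code execution on every computer that has those apps installed). While editing, line 132 needs its verbs fixed ("ToDesktop is a build tool that builds the app in a container and publishes the release"), and the surname on line 140 is written "Riseberg", where the Electron maintainer's name is spelled Rieseberg.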
