Sherlock Scenario You were contacted early this morning to handle a high‑priority incident involving a suspected compromised server. The host, mongodbsync, is a secondary MongoDB server. According ...

CVE-2025-30208 is an arbitrary file read vulnerability in Vite development servers caused by improper handling of the @fs feature and malformed query parameters. When the dev server is exposed usin...

Vulnerability summary CVE‑2021‑32803 – Arbitrary File Creation/Overwrite in node‑tar (npm tar package) This vulnerability affects the npm package “tar” (also known as node‑tar) in versions before ...