Research: When Trusted Tools Become Attack Primitives
Full Disclosuremailing list archivesFrom: Nir Yehoshua <nir () ciphersecuritylab 2026-4-29 17:35:42 Author: seclists.org(查看原文) 阅读量:17 收藏
Full Disclosuremailing list archivesFrom: Nir Yehoshua <nir () ciphersecuritylab 2026-4-29 17:35:42 Author: seclists.org(查看原文) 阅读量:17 收藏
Full Disclosure mailing list archives
From: Nir Yehoshua <nir () ciphersecuritylabs com>
Date: Sun, 26 Apr 2026 15:10:40 +0300
Hi Full Disclosure list, I published a technical research article titled: When Trusted Tools Become Attack Primitives The article examines how trusted local utilities can become security-relevant primitives when used inside automated processing pipelines. It covers two case studies: 1. macOS textutil resolving remote resources during HTML-to-text conversion. 2. KeePassXC KDBX-controlled KDF parameters creating significant resource-consumption differences. Article: https://ciphersecuritylabs.com/research/articles/when-trusted-tools-become-attack-primitives Author: Nir Yehoshua Cipher Security Labs Regards, -- Nir Yehoshua | Co-Founder +972 50 687 7216 Nir () CipherSecurityLabs com https://ciphersecuritylabs.com/ _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Current thread:
- Research: When Trusted Tools Become Attack Primitives Nir Yehoshua (Apr 29)
文章来源: https://seclists.org/fulldisclosure/2026/Apr/13
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh