Ostorlab: Mobile App Security Testing for Android and iOS

Tag

ai-pentest

That Time a Zero (could have) Broke the Internet's Plumbing (CVE-2026-0915)

An AI-assisted analysis uncovered a 30-year-old uninitialized buffer vulnerability in glibc's _nss_dns_getnetbyaddr_r function. This case study details how a zero-input edge case bypasses loop logic, causing the library to transmit raw stack memory to external DNS servers, and benchmarks how various AI models succeeded in identifying this subtle logic error where human review failed.

Ostorlab Team


            Wed 21 January 2026

Security

Javascript Interface Exposure

Ostorlab's Pentest Engine identified a JavaScript bridge exposure in an Android WebView, allowing...

Mohamed Nasser


                  Wed 07 January 2026

Product

AI Pentest Upgrades, ServiceNow Integration, Redesigned Email Notifications, and Enhanced Platform Controls

This release delivers major advancements across the Ostorlab platform, including a significant up...

Ostorlab Team


                  Wed 17 December 2025

ai-pentest

That Time a Zero (could have) Broke the Internet's Plumbing (CVE-2026-0915)

Javascript Interface Exposure

AI Pentest Upgrades, ServiceNow Integration, Redesigned Email Notifications, and Enhanced Platform Controls

Subscribe to the Ostorlab Newsletter