Ostorlab: Mobile App Security Testing for Android and iOS

Tag

vulnerability

Uncovering a Second-Order Data Exfiltration Chain in Modern SPAs

How a second-order client-side data exfiltration chain was discovered in a modern SPA, transforming a simple open redirect into a multi-stage data theft vulnerability through JavaScript analysis and exploit chain validation.

Mouad Ait Ougrram


            Wed 10 December 2025

Security

Assessing the Large-Scale Exposure of CUPS Vulnerabilities: Chained CVEs Leading to Remote Code Execution

This article assesses the large-scale exposure of systems to multiple CVEs affecting the CUPS pri...

Youssef Badaoui, Saad Mazouzi


                  Wed 16 October 2024

Security

ZIP Exploitation: Critical Vulnerabilities Found in Popular Zip Libraries in Swift and Flutter

Recent in-depth investigations reveal serious vulnerabilities discovered in widely-used zip packa...

Ostorlab Team


                  Fri 04 August 2023

Engineering

Life of a Scan: how OXO's open-source vulnerability scanner works

This article talks about how OXO works under the hood.

Rabson Phiri


                  Tue 02 August 2022

vulnerability

Uncovering a Second-Order Data Exfiltration Chain in Modern SPAs

Assessing the Large-Scale Exposure of CUPS Vulnerabilities: Chained CVEs Leading to Remote Code Execution

ZIP Exploitation: Critical Vulnerabilities Found in Popular Zip Libraries in Swift and Flutter

Life of a Scan: how OXO's open-source vulnerability scanner works

Subscribe to the Ostorlab Newsletter