How We Exploited Qodo: From a PR Comment to RCE and AWS Admin Key – Leaked Twicekudelskisecurity.com1 points·by spiridow·há 6 meses·0 comments
How we exploited CodeRabbit: From simple PR to RCE and write access on 1M reposresearch.kudelskisecurity.com687 points·by spiridow·há 11 meses·227 comments