❌

Reading view

Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE

Unit 42 discovered a Vertex AI Python SDK vulnerability that allows remote code execution via bucket squatting. Read the article for more.

The post Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE appeared first on Unit 42.

  •  
  •  
  •  
  •  

Google Cloud Authenticator: The Hidden Mechanisms of Passwordless Authentication

Explore Google’s synced passkey architecture. Unit 42 details its mechanisms, key management, and secure communication in passwordless systems."

The post Google Cloud Authenticator: The Hidden Mechanisms of Passwordless Authentication appeared first on Unit 42.

  •  
❌