Show threadJiqiang Feng | Innora AI Security45m ago

When the signature verifier is itself remotely replaceable...

PatchProxy controls 146,173 methods in Alipay, including verifyApk() — the trust anchor recursively under attacker control. Turtles all the way down.

Batch-3 filed (10 new, 28 total):
- PatchProxy RCE: CVSS 9.8
- Lua VM RCE: CVSS 9.8
- Payment auth bypass: CVSS 9.1

Details: innora.ai/zfb/

#AndroidSecurity #RCE #ReverseEngineering

hbrpgm4h ago

L'Érosion Calculée du Contrôle Territorial

https://peer.adalta.social/w/nbaS8arJgtHDgK5mS6Emie

L'Érosion Calculée du Contrôle Territorial

PeerTube
hbrpgm4h ago

The Settler Escalation: A New Frontline Emerges

https://peer.adalta.social/w/d5NteQ1tnwEqVwKRVuinr4

The Settler Escalation: A New Frontline Emerges

PeerTube
hbrpgm4h ago

Eskalation im Westjordanland

https://peer.adalta.social/w/qFAdkRiULet1FAAeN5Q34L

Eskalation im Westjordanland

PeerTube
hbrpgm4h ago

L'économie politique des flux maritimes

https://peer.adalta.social/w/5ZJzrFJSqXQmbaRzweQZTo

L'économie politique des flux maritimes

PeerTube
hbrpgm4h ago

The Hidden Cost of Global Flow

https://peer.adalta.social/w/sn9RJt6sWcXqUJABDhmsyR

The Hidden Cost of Global Flow

PeerTube
hbrpgm5h ago

Die unsichtbaren Kosten der globalen Logistik

https://peer.adalta.social/w/6DvmvQ7PjaezbrsgJbdVUe

Die unsichtbaren Kosten der globalen Logistik

PeerTube
hbrpgm8h ago

La Concentration Stratégique du Pouvoir Sportif

https://peer.adalta.social/w/6YPjPjCZtNhRu9wu9JmcRh

La Concentration Stratégique du Pouvoir Sportif

PeerTube
hbrpgm8h ago

Leipzig Secures Germany's New Sports Agency

https://peer.adalta.social/w/vtk4zxSjn1TwfEQqRekeZP

Leipzig Secures Germany's New Sports Agency

PeerTube
hbrpgm9h ago

Leipzig als neues Zentrum der Spitzensportförderung

https://peer.adalta.social/w/ijNNts6KHDurvHk3nnc3CR

Leipzig als neues Zentrum der Spitzensportförderung

PeerTube