Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
veganism.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Veganism Social is a welcoming space on the internet for vegans to connect and engage with the broader decentralized social media community.

Administered by:

Server stats:

271
active users

veganism.social: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.4.0-alpha.5

#middleware

2 posts2 participants0 posts today
Public
Tino Eberl

Ein Hackerangriff auf #Oracle sorgt für Aufsehen. Mehrere Unternehmen haben bestätigt, dass ihre #Kundendaten, die ein Angreifer online veröffentlicht hat, echt sind.

Laut #Sicherheitsforscher​n nutzte der Angreifer eine #Schwachstelle in der veralteten #Middleware Oracle Fusion Middleware 11g. #Oracle hatte den Vorfall zunächst abgestritten. Betroffen sind bis zu sechs Millionen #Datensätze.

#Cyberangriff#Datenleck#ITSecurity
Public
Suzanne Aldrich (she/her)

Critical Next.js Middleware Vulnerability (CVE-2025-29927)

A major auth bypass vulnerability in Next.js middleware (prior to v14.2.25 / v15.2.3) allows attackers to inject the x-middleware-subrequest header and bypass authorization entirely. Exploitable via simple HTTP requests—no user interaction, no special permissions.

Patch. Now. Or block the header manually.

GitHub scored this 9.1 CRITICAL, but the real issue? This flaw exposes a systemic weakness in middleware validation, and some vendors weren’t exactly upfront about the risks.

Details + POC: zeropath.com/blog/nextjs-middl
NVD: nvd.nist.gov/vuln/detail/CVE-2

Security theater is easy. Secure defaults and transparency are harder—but essential.

zeropath.comNext.js Middleware Exploit: Deep Dive into CVE-2025-29927 Authorization Bypass - ZeroPath BlogExplore the critical CVE-2025-29927 vulnerability in Next.js middleware, enabling attackers to bypass authorization checks and gain unauthorized access.
#infosec#AppSec#NextJS
Replied in thread
Public *
Kevin Karhan :verified:

@Fenreliania So I'd rather expect #W4Games to make that #SDK integration happening with a sort-of toolchain similar to #Unity: Thus they as a #Company can comply with all the #NDAs and #Gatekeeping the Platform Owners demand - just like Unity today.

Console manufacturers usually just provide #commercial #Engine #developers and #middleware providers with #devkits to make their stuff work, they rarely invest into that themselves outside 1st party / inhouse exclusives.
mastodon.gamedev.place/@Fenrel

Gamedev MastodonFenreliania, Many Gamedevs (@Fenreliania@mastodon.gamedev.place)@kkarhan@mstdn.social Console support is definitely lacking right now, mostly because it's an open source engine so including proprietary work ain't simple. But I reckon with more people using Godot, it won't be long before console manufacturers develop exporters for Godot, for use by developers in the same way as devkits.
Public
Ben Ptacek

I will do a quick #introduction...

Mainly a tech geek that is currently focused on tech such as #kubernetes #terraform #ansible and general #cicd technologies.

Love my #homelab, but would like to get into more of a minimal power homelab. Using #rancher with RKE2 and EKS (kubernetes) that is mostly automated. I also dabble in #vmware and #mikrotik, but previous backgrounds are in many #middleware technologies.

Excited to learn more about #fediverse as I go.

VegansExploreLive feeds
About