Take a private theater with you everywhere with the best price ever on our favorite AR glasses

May 2, 2025

The XREAL Air 2 and Air 2 Pro AR glasses can be obtained at their lowest price ever for a few more days, thanks to an Amazon deal on these excellent AR glasses.

Source: Read MoreÂ / Windows Central

Previous ArticleThat new Elden Ring Nightreign trailer has me more excited than ever for the roguelike RPG, but one thing has me worried

Next Article “You are a shining example of French audacity and creativity.” Clair Obscur: Expedition 33 praised by French President Emmanuel Macron

Highlights

CVE-2025-52477 – Octo-STS GitHub App SSRF Vulnerability

June 26, 2025

CVE ID : CVE-2025-52477

Published : June 26, 2025, 5:15 p.m. | 1 hour, 44 minutes ago

Description : Octo-STS is a GitHub App that acts like a Security Token Service (STS) for the GitHub API. Octo-STS versions before v0.5.3 are vulnerable to unauthenticated SSRF by abusing fields in OpenID Connect tokens. Malicious tokens were shown to trigger internal network requests which could reflect error logs with sensitive information. Upgrade to v0.5.3 to resolve this issue. This version includes patch sets to sanitize input and redact logging.

Severity: 8.6 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Representative Line: Brace Yourself

Beyond the Pilot: A Playbook for Enterprise-Scale Agentic AI

GitHub launches MCP Registry to provide central location for trusted servers

MongoDB brings Search and Vector Search to self-managed versions of database

Distribution Release: Security Onion 2.4.180

Distribution Release: Omarchy 3.0.1

Distribution Release: Mauna Linux 25

Distribution Release: SparkyLinux 2025.09

AI Momentum and Perficient’s Inclusion in Analyst Reports – Highlights From 2025 So Far

AI Momentum and Perficient’s Inclusion in Analyst Reports – Highlights From 2025 So Far

Shopping Portal using Python Django & MySQL

Perficient Earns Adobe’s Real-time CDP Specialization

Valve Survey Reveals Slight Retreat in Steam-on-Linux Share

Valve Survey Reveals Slight Retreat in Steam-on-Linux Share

Review: Elecrow’s All-in-one Starter Kit for Pico 2

FOSS Weekly #25.38: GNOME 49 Release, KDE Drama, sudo vs sudo-rs, Local AI on Android and More Linux Stuff

Take a private theater with you everywhere with the best price ever on our favorite AR glasses

Valve Survey Reveals Slight Retreat in Steam-on-Linux Share

Review: Elecrow’s All-in-one Starter Kit for Pico 2

Pins creates and edits app shortcuts

How I used ChatGPT to quickly fix a critical open-source plugin – without touching a line of code

CVE-2025-34047 – Leadsec SSL VPN Path Traversal Vulnerability

Samsung’s new rugged phone and tablet are built to last – but still have AI smarts

CVE-2025-52477 – Octo-STS GitHub App SSRF Vulnerability

CVE-2025-3636 – Moodle RSS Feed Access Vulnerability

How to Debug CI/CD Pipelines: A Handbook on Troubleshooting with Observability Tools

South Korea’s antitrust watchdog green lights Microsoft’s practice of bundling Copilot

Take a private theater with you everywhere with the best price ever on our favorite AR glasses

Related Posts