OCTAL SECURITYBlog

Meteor JS Security Checklist The insecure or autopublish modes are not used API keys, secrets, and credentials are not in the code base…

0-click RCE in Electron Applications TL;DR If the Electron application is not configured with appropriate features any XSS vulnerability can…

TL;DR Links to third-party websites should be properly validated and checked before opening in the Electron JS applications. If the protocol…

TL;DR XSS can be particularly devastating to Electron apps, and can result in RCE and phishing that might not be viable in a browser…