The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 2.0.14 to 2.0.59. This is due to the plugin not properly validating a user's identity prior to updating their details, such as email. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses, including administrators', and leverage that to reset the user's password and gain access to their account. Additionally, the plugin returns authentication cookies in the response, which can be used to access the account directly.
#HISTORY

Malicious Life by Cybereason tells the unknown stories of the history of cybersecurity, with comments and reflections by real hackers, security experts, journalists, and politicians.

A project that aims to simplify the task of tracking down audiobooks for anarchist content by creating a single searchable repository of links to audiobooks, as well as to expand the number of available audiobooks through the use of machine-learning-based text-to-speech software.

An archive focusing on anarchism and anarchist texts.