TGTGInsighttelegram intelligenceLIVE / telegram public index
← The Hacker News
View original
The Hacker News avatar

TGINSIGHT POST

Post #8290

@thehackernews

The Hacker News

Views9,350Post view count
PostedJan 2701/27/2026, 02:13 PM
Post content

Post content

⚠️ Update: Alma Security calls CVE-2026-1245 ParserPoison. binary-parser drops unvalidated field names and encodings into new Function(). Untrusted schemas = JavaScript execution. 🔗 How ParserPoison works under the hood → https://thehackernews.com/2026/01/certcc-warns-binary-parser-bug-allows.html