Can you break our pickle sandbox? Blog + exploit challenge inside

published on 2025-10-30 17:47:29 UTC by /u/valmarelox
Content:

I've been working on a different approach to pickle security with a friend.
We wrote up a blog post about it and built a challenge to test if it actually holds up. The basic idea: we intercept and block the dangerous operations at the interpreter level during deserialization (RCE, file access, network calls, etc.). Still experimental, but we tested it against 32+ real vulnerabilities and got <0.8% performance overhead.
Blog post with all the technical details: https://iyehuda.substack.com/p/we-may-have-finally-fixed-pythons
Challenge site (try to escape): https://pickleescape.xyz
Curious what you all think - especially interested in feedback if you've dealt with pickle issues before or know of edge cases we might have missed.

submitted by /u/valmarelox
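
The post does not say how the interception is implemented. As an added illustration (not the authors' code), this sketch uses CPython's PEP 578 audit hooks, one interpreter-level mechanism for refusing operations while `pickle.loads()` runs. The deny-list, the `guarded_loads` and `Calls` names and the sample payloads are assumptions constructed for this example.

```python
import contextvars
import os
import pickle
import sys

# Constructed deny-list of audit-event prefixes (PEP 578); not the project's policy.
BLOCKED = ("os.", "subprocess.", "socket.", "ctypes.", "open", "exec", "compile")

# True only while guarded_loads() is running in the current context.
IN_UNPICKLE = contextvars.ContextVar("IN_UNPICKLE", default=False)


class BlockedOperation(RuntimeError):
    """A denied audit event fired while untrusted data was being unpickled."""


def audit_hook(event, args):
    # Audit hooks are process-wide and cannot be removed, so gate on the flag.
    if IN_UNPICKLE.get() and event.startswith(BLOCKED):
        raise BlockedOperation(f"{event} blocked during unpickling")


sys.addaudithook(audit_hook)


def guarded_loads(data):
    """pickle.loads() with the deny-list enforced for the duration of the call."""
    token = IN_UNPICKLE.set(True)
    try:
        return pickle.loads(data)
    finally:
        IN_UNPICKLE.reset(token)


class Calls:
    """Constructed sample payload: unpickling it invokes func(*args)."""

    def __init__(self, func, *args):
        self.func, self.args = func, args

    def __reduce__(self):
        return (self.func, self.args)


if __name__ == "__main__":
    print(guarded_loads(pickle.dumps({"user": "alice"})))  # plain data loads
    for sample in (Calls(os.system, "exit 0"), Calls(open, os.devnull)):
        try:
            guarded_loads(pickle.dumps(sample))
        except BlockedOperation as exc:
            print("denied:", exc)
```

`Unpickler.find_class` also raises its own `pickle.find_class` audit event, so the same hook can log which globals a pickle resolves before anything is called.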

https://www.reddit.com/r/netsec/comments/1ok6iot/can_you_break_our_pickle_sandbox_blog_exploit/   
Published: 2025 10 30 17:47:29
Received: 2025 10 30 18:06:02
Feed: /r/netsec - Information Security News and Discussion
Source: /r/netsec - Information Security News and Discussion
Category: Cyber Security
Topic: Cyber Security