Location, Memory, Cosmos, Exchange, PAC
Robert Heaton disclosed the location tracking attack over Bumble.
Linux kernel 5.14 is released. The new syscall memfd_secret is included, which creates an anonymous file to access secret memory regions.
Wiz discovered an exploit, termed ChaosDB, that could take over Microsoft Azure Cosmos DB. About 30% of Cosmos DB customers are notified of the potential breach.
Trend Micro discussed ProxyToken vulnerability over Microsoft Exchange Server that could be used to forward emails to attackers.
Pac-Resolver, an NPM module that has 3 million downloads per week, has an RCE vulnerability as it used the NodeJS vm module as a sandbox.