During a recent engagement, our AppSec team faced an interesting instance of limited Server Side Template Injection in Freemarker.
Our AppSec team has faced the SQLCipher library during some recent security audits of mobile applications. According to their GitHub README:
Etienne Stalmans (@_staaldraad) recently discovered a Remote Code Execution vulnerability in the version-control software Git (CVE-2018-11235).
Mathy Vanhoefm published a set of attacks against the Wi-Fi security protocol WPA2 with the name Key Reinstallation Attacks, or KRACKS.