Announcing Gluon, a new framework I started a week ago
IPC allowlist bypass allowing to arbitary IPC calls setting a malicious update endpoint
Path traversal in an Electron app leading to NodeJS execution from browser
Small write-up about getting Discord running with Electron 20.
I recently accidentally discovered a new technique for bad actors to promote malware.