https://nascompares.com/podcasts/weekly/week12-2025.wav 1. Synology DSM Vulnerability Patched After PWN2OWN 2024 Disclosure Synology has resolved a man-in-the-middle vulnerability (CVE-2024-10444) that was disclosed during PWN2OWN 2024. The flaw allowed attackers to hijack admin sessions through improper certificate validation in DSM’s LDAP utilities. Affected Versions: DSM 7.1, 7.2.1, and 7.2.2.Resolution: Fixed in updates 7.1.1-42962-8, 7.2.1-69057-7, and 7.2.2-72806-3.Severity: CVSS 7.5 […]