Last Week in Security (LWiS) - 2025-11-18
Cloudflare takes down the internet, IDA Pro gets a TUI, Rust in Android, AI-orchestrated cyber espionage, and more!
SupaPwn: Hacking Our Way into Lovable's Office and Helping Secure Supabase
hacktron.aiWe hacked our way into Lovable's office by demoing SupaPwn — a chain that could potentially enable region-wide tenant takeover: event-trigger privilege window, DB superuser, host RCE, SUID escalation, exposed configs, orchestration takeover