Post from 2025-02-12 18:57:55

OK I think this (via @cR0w) deserves some more attention ( #CrowdStrike CVE-2025-1146):

https://www.crowdstrike.com/security-advisories/cve-2025-1146/

In short, Crowd Strike agents on Linux can be MitM'd when they connect to their mothership (CS cloud).

My first Q is: what exactly is delivered to Falcon sensors from the CS cloud?

I present my second Q as a meme for higher reach:

permalink | main