Skip to content
The Nexus
DossierENTITY

Strix

Coverage of Strix in the Nexus archive.

Earliest in view: May 4 · 17:46 UTCMost recent: May 6 · 21:15 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 6 · 21:15 UTCCYBERSCOOP
    A DOD contractor’s API flaw exposed military course data and service member records

    A defense technology company exposed user records and military training materials through API endpoints lacking authorization checks. The issue affected Schemata, a virtual training platform used in military settings, and included sensitive information such as user listings and course information. The vulnerability was disclosed by Strix, an open-source security testing project.

  • SECURITYMay 4 · 17:46 UTCHACKER NEWS
    Securing a DoD Contractor: Finding a Multi-Tenant Authorization Vulnerability

    A DoD contractor was found to have a multi-tenant authorization vulnerability by Strix, a startup backed by the Department of Defense. The vulnerability is described as a zero-auth vulnerability. The discovery was made public through an article on the Strix blog.

Strix · Dossier · The Nexus