@foursignalsdev.bsky.social on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

Gene Conroy-Jones

foursignalsdev.bsky.social

did:plc:446o4dvplp6vhhjayeapiuxt

BadHost (CVE-2026-48710) bypasses Starlette auth via malformed Host headers. Affects 325M weekly downloads, exposing AI agents, LLM gateways, and MCP servers. Patch Starlette and enforce Host validation at edge. https://www.foursignals.dev/wire/2026-06-01/badhost-vulnerability-exposes-ai-agents-evaluators-and-llm-d5413f

2026-06-01T15:00:13.680Z