Draft:Lenin Alevski
| Submission declined on 30 April 2025 by BuySomeApples (talk). This submission's references do not show that the subject qualifies for a Wikipedia article—that is, they do not show significant coverage (not just passing mentions) about the subject in published, reliable, secondary sources that are independent of the subject (see the guidelines on the notability of people). Before any resubmission, additional references meeting these criteria should be added (see technical help and learn about mistakes to avoid when addressing this issue). If no additional references exist, the subject is not suitable for Wikipedia.
Where to get help
How to improve a draft
You can also browse Wikipedia:Featured articles and Wikipedia:Good articles to find examples of Wikipedia's best writing on topics similar to your proposed article. Improving your odds of a speedy review To improve your odds of a faster review, tag your draft with relevant WikiProject tags using the button below. This will let reviewers know a new draft has been submitted in their area of interest. For instance, if you wrote about a female astronomer, you would want to add the Biography, Astronomy, and Women scientists tags. Editor resources
|  |
| Submission declined on 28 April 2025 by Greenman (talk). This submission's references do not show that the subject qualifies for a Wikipedia article—that is, they do not show significant coverage (not just passing mentions) about the subject in published, reliable, secondary sources that are independent of the subject (see the guidelines on the notability of people). Before any resubmission, additional references meeting these criteria should be added (see technical help and learn about mistakes to avoid when addressing this issue). If no additional references exist, the subject is not suitable for Wikipedia. Declined by Greenman 11 days ago. | |
| Submission declined on 12 April 2025 by Gheus (talk). This submission's references do not show that the subject qualifies for a Wikipedia article—that is, they do not show significant coverage (not just passing mentions) about the subject in published, reliable, secondary sources that are independent of the subject (see the guidelines on the notability of people). Before any resubmission, additional references meeting these criteria should be added (see technical help and learn about mistakes to avoid when addressing this issue). If no additional references exist, the subject is not suitable for Wikipedia. Declined by Gheus 28 days ago. | |
Comment: The notability issues still haven't been fixed. BuySomeApples (talk) 20:27, 30 April 2025 (UTC)
- Comment: No substantial changes since the previous decline. Greenman (talk) 08:33, 28 April 2025 (UTC)
Lenin Alevski | |
|---|---|
 alevski in 2022 | |
| Occupation(s) | Computer security specialist, hacker, and public speaker |
| Employer | Google[1] |
Lenin Alevski is a Mexican security engineer and independent security researcher. He is known for discovering vulnerabilities in cloud-native technologies and has presented at international cybersecurity conferences.[2] As of 2025, he works as a security engineer at Google.[1]
Career
[edit]Alevski began working at Google as a security engineer in late 2022.[1] He has contributed to vulnerability research across various open-source and enterprise platforms, as evidenced by his disclosed CVEs.
Security Research
[edit]Alevski has identified several security vulnerabilities in widely used software, leading to the assignment of Common Vulnerabilities and Exposures (CVEs). Some of his notable discoveries include:
- CVE-2023-39059 – A vulnerability in Ansible Semaphore that allows remote code execution through crafted payloads in the extra variables parameter.[3][4]
- CVE-2022-35919 – A path traversal vulnerability in MinIO’s admin API that could expose arbitrary files.[5][6]
- CVE-2021-41266 – An authentication bypass issue in MinIO’s Operator Console affecting external IDP configurations.[7][8]
Talks and Conferences
[edit]Alevski has spoken at numerous cybersecurity conferences, including DEF CON, RSA Conference, and BSides events, focusing primarily on Kubernetes security, application security, and cloud security. Some of his notable talks include DEF CON 32 (2024) in Las Vegas, NV, US, where he covered topics such as Chatbots for Cybersecurity[9], Recon MindMap[10], Kubernetes Security[11], and Red Team Kubernetes Attacks[12]. At the RSA Conference (2024, 2023, 2022) in San Francisco, CA, US, he presented on Kubernetes Security and Chatbots for Cybersecurity. He also conducted hands-on Kubernetes Security sessions at BSidesSF (2024[13], 2023, 2022) in San Francisco, CA, US. Additionally, he spoke about Kubernetes Security at the DragonJAR Security Conference (2024)[14] in Bogotá, Colombia, and at HACKMIAMI XI (2024)[15] in Sunny Isles Beach, FL, US.
Media Coverage
[edit]Alevski’s research has gained significant attention from multiple cybersecurity news outlets, particularly for his work on security vulnerabilities in Mastodon. His findings have been featured in renowned publications such as Forbes[16], which highlighted security issues in the Twitter alternative, TechRadar[17], where experts analyzed Mastodon’s flaws, Dark Reading[18], which examined the platform’s vulnerabilities under scrutiny, SC Media[19], discussing the increasing security concerns as Mastodon’s popularity grows, and SecurityWeek[20], which covered researchers' growing interest in the platform’s security as its user base expands.
External links
[edit]References
[edit]- ^ a b c @Alevsk (30 November 2023). "Hoy cumplí 1 año en Google, que rápido pasa el tiempo 🤯" (Tweet) (in Spanish). Retrieved 17 April 2025 – via Twitter.
{{cite web}}: CS1 maint: url-status (link) - ^ "Lenin Alevski Huerta Arias". RSA Conference. RSA Conference LLC. 9 May 2024. Retrieved 17 April 2025.
- ^ "CVE-2023-39059". Retrieved 6 February 2025.
- ^ "Security Advisory for CVE-2023-39059". Retrieved 6 February 2025.
- ^ "CVE-2022-35919". Retrieved 6 February 2025.
- ^ "MinIO Security Advisory". GitHub. Retrieved 6 February 2025.
- ^ "CVE-2021-41266". Retrieved 6 February 2025.
- ^ "MinIO Console Security Advisory". GitHub. Retrieved 6 February 2025.
- ^ "Chatbots - lavillahacker". Archived from the original on 11 January 2025.
- ^ "Recon MindMap - reconvillage". Archived from the original on 30 January 2025.
- ^ "Kubernetes Security: Hands-On Attack and Defense". Archived from the original on 7 December 2024.
- ^ "The Red Team Village - Introduction to Kubernetes common attack techniques". Archived from the original on 19 November 2024.
- ^ "BSidesSF 2024". Archived from the original on 19 November 2024.
- ^ "Dragonjar Security Conference 2024". Archived from the original on 10 September 2024.
- ^ "Kubernetes Insecurity - Attacking & Defending Modern Infrastructure". Archived from the original on 23 April 2024.
- ^ "Twitter Alternative Mastodon Has Security Issues". Forbes. Retrieved 6 February 2025.
- ^ "Security Experts Are Laying Mastodon's Flaws Bare". 23 November 2022. Retrieved 6 February 2025.
- ^ "Cybersecurity Pros Put Mastodon Flaws Under the Microscope". Retrieved 6 February 2025.
- ^ "Mastodon Security Increasingly Scrutinized Amid Growing Popularity". 22 November 2022. Retrieved 6 February 2025.
- ^ "Security Researchers Looking at Mastodon as Its Popularity Soars". 21 November 2022. Retrieved 6 February 2025.