Listen to the whispers: web timing attacks that work

Implementing Tic Tac Toe with 170mb of HTML – No JavaScript or CSS

Smashing the state machine: the true potential of web race conditions

Implementing Tic Tac Toe with 170mb of HTML - no JS or CSS

Belgium launches nationwide safe harbor for ethical hackers

Researcher drops Lexmark RCE zero-day rather than sell vuln ‘for peanuts’

Serious Security Hole Plugged in Infosec Tool "binwalk"

Hijacking service workers via DOM Clobbering

Stealing passwords from infosec Mastodon - without bypassing CSP

Security Certification Body (ISC)2 Defends Proposed Bylaw Changes

API security: Broken access controls, injection attacks plague the enterprise

Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling

JWT attacks | Web Security Academy

Dozens of high-traffic websites vulnerable to ‘account pre-hijacking’, study

WordPress sites getting hacked ‘within seconds’ of TLS certificates being issued

Socket: New tool takes a proactive approach to prevent OSS supply chain attacks

Internal AWS credentials swiped by researcher via SQL payload

Cross-Site Scripting (XSS) Cheat Sheet - 2022 Edition | Web Security Academy

SQL injection vulnerability in e-learning platform Moodle could enable database takeover

Top web hacking techniques used in 2021

HTTP/3: Everything you need to know about the next-generation web protocol

SnapFuzz: New fuzzing tool speeds up testing of network applications

Google Project Zero hails dramatic acceleration in security bug remediation

DNA data of sexual assault victims exposed in breach at US laboratory

Critical vulnerabilities in Zabbix Web Front end allow authentication bypass

Bittersweet Symfony: Devs accidentally turn off CSRF protection in PHP framework

Critical Samba flaw presents code execution threat

Chain of vulnerabilities led to RCE on Cisco Prime servers

Vote for the Top 10 web hacking techniques of 2021

Same-origin violation vulnerability in Safari 15 could leak a user’s website
