Extracting data from insecure Elasticsearch templates
Analysis of the recent Oracle WebLogic Server remote code execution vulnerability
Cross-site Scripting in React Web Applications
Goodbye XSS Auditor
The Problem of String Concatenation and Format String Vulnerabilities
DNSFS: Is it possible to use DNS as a file system?
Discovering and hacking IoT devices using web-based attacks
Bypassing disabled system functions
Using Google bots as an attack vector
The dangers of incorrect CSP implementations
