XSS Auditors – Abuses, Updates and Protection
SameSite Cookies by Default in Chrome 76 and Above
Separating Subdomains From Third-Party Hosted WWW Domains
WordPress XSS Vulnerability Can Result in Remote Code Execution (RCE)
Transforming Self-XSS Into Exploitable XSS
The End of CoinHive and the Rise of Cryptojacking
Sound Hijacking – Abusing Missing XFO
Phishing by Open Graph Protocol
Remote Hardware Takeover via Vulnerable Admin Software
Using Session Puzzling to Bypass Two-Factor Authentication
Clickjacking Attack on Facebook: How a Tiny Attribute Can Save the Corporation
The Importance of the Content-Type Header in HTTP Requests
Tabnabbing Protection Bypass
Web Browser Address Bar Spoofing
PHP Wrappers, Streams & Local File Intrusion (LFI)
The Dangers of Open Git Folders
NoScript Vulnerability in Tor Browser
What the Reddit Hack Teaches Us About Web Security
