Category: Mix

It’s no secret that complexity is the biggest rival of safe applications. As web apps become more sophisticated, they create…

The attack landscape has been dynamic following the disclosure of the React Server Components RCE vulnerability. New information has emerged…

As the year draws to a close, it’s worth pausing to look back on what has been an extraordinary year…

This is another brilliantly written and highly misguided essay by Cory Doctorow. It demonstrates a complete lack of understanding of…

I don’t mean the human labor that we do for ourselves, like washing our own dishes or cooking our own…

I’m not the type who brags, but I have to brag about this. I guess it’s not really bragging. It’s…

This blog explores the widespread and critical state of the React2Shell vulnerability. It provides a technical overview, suggested mitigations, and…

Tom Ryder | 05 December 2025 at 13:53 UTC Detecting React2Shell with Burp Suite React2Shell vulnerabilities in Next.js applications are…

A Critical Remote Code Execution (RCE) vulnerability, identified as CVE-2025-55182, has been discovered in Next.js applications utilizing React Server Components…

On December 3, 2025, React maintainers disclosed a critical unauthenticated remote code execution (RCE) vulnerability in React Server Components (RSC),…

The API supply chain is the new security blind spot. Attackers no longer need to breach your APIs directly; they…

Dr. Jonathan Slotkin, a neurosurgeon and co-founder of Scrub Capital, published an excellent piece in the NYT today about autonomous…