Numerous vulnerabilities have been found this week in Spring, a popular Java Web app development framework from VMware. Detectify Surface Monitoring and Application Scanning customers…
A tour of brace expansion, shell parameter expansions, and playing with substrings in Bash. It’s that time of year again! When stores start putting up…
Hello world, we are the Mediation Team. For those who don’t know what we do – we are here to help the ethical hacking community…
TL/DR: The past six months have brought some herculean security issues such as Log4j and the more recent Spring4Shell. It’s now not uncommon to hear…
Why IoT devices are, basically, puppies, and whether or not you should give somebody one for Christmas. Giving someone a puppy for Christmas might work…
Did you know HackerOne has had a Make It Right fund for years? Often, programs and hackers come to agreeable solutions on reports according to…
TL/DR: Users now get additional insights on what is discovered on the attack surface. This includes information such as when an asset was last seen…
Your guide to string interpolation quirks that confound the best of us. Surprisingly, getting computers to give humans readable output is no easy feat. With the…
Intro to Hacker Success Managers Earlier this year, we released a blog that shared foundational changes on our Community Team. One of our goals pointed…
TL/DR: The Hack Yourself London event gathered leading ethical hackers, industry thought leaders, and IT security experts to discuss several topics around Attack Surface expansion,…
Exploring the intersection of security, technology, and society—and what might be coming next… Standard Web Edition | January 30, 2023 🎙️If you’re not subscribed to…
How to design secure web forms: validate, sanitize, and control. While cybersecurity is often thought of in terms of databases and architecture, much of a…
