This week again, we publish a list of research worth reading! Make sure you check it out!
Do you want to get some insights into the future of crypto(graphy)? Make sure you check out the latest blog post from Trail of Bits on SLH-DSA.
Some fun with CSS and information leaks in this article: Mixing watering hole attacks with history leak via CSS. Nothing new, but it's always interesting to see how these kinds of tricks can be used and modernized. I particularly loved that quote: "Mark my words: CSS will bring you more shells than C"
The team at GitLab just published a video on CVE-2023-7028. This is actually one of the CVEs I use in my Security Code Review Training, as I think it perfectly illustrates a common issue with modern, and more specifically Rails, applications: Walkthrough of CVE-2023-7028 - Account Takeover via Password Reset
AppSec eZine is back with issue #548