Research Worth Reading Week 33/2024

This week again, we publish a list of research worth reading! Make sure you check it out!

❤️ We wrote the code, and the code won

If you want to get some insights into the future of crypto(graphy), make sure you check out the latest blog post from Trail of Bits on SLH-DSA.

📖 Mixing watering hole attacks with history leak via CSS

Some fun with CSS and information leaks in this article: Mixing watering hole attacks with history leak via CSS. Nothing new, but it's always interesting to see how these kinds of tricks can be used and modernized. I particularly loved that quote: "Mark my words: CSS will bring you more shells than C"

🎥 Walkthrough of CVE-2023-7028 - Account Takeover via Password Reset

The team at GitLab just published a video on CVE-2023-7028. This is actually one of the CVEs I use in my Security Code Review Training, as I think it perfectly illustrates a common issue with modern, and more specifically Rails, applications: Walkthrough of CVE-2023-7028 - Account Takeover via Password Reset

👉 AppSec eZine #548

AppSec eZine is back with issue #548

Written by PentesterLab
The platform to learn web hacking and security code review