Research Worth Reading Week 50/2024

Published: 16 Dec 2024

Another great week! Enjoy!

💎 The Ruby on Rails _json Juggling Attack

Another fantastic article from Luke on The Ruby on Rails _json Juggling Attack. A must-read for Ruby on Rails enthusiasts!

🍊 Unveiling Hidden Transformers in Windows ANSI [PDF]

Don't miss the Black Hat Europe slides from DevCore, "Unveiling Hidden Transformers in Windows ANSI", with some new fun with Windows Unicode.

🌨️ When Replicas Go Rogue - A Deep Dive into Cloudflared Replicas Exploitation Scenarios

A deep dive into Cloudflared replicas with multiple attack scenarios. It is well written and definitely worth a read if you are targeting applications leveraging Cloudflare.

🔍 DOMPurify 3.2.1 Bypass (Non-Default Config)

A great article on DOMPurify and how to leverage namespace confusion using "is".

Written by PentesterLab
The platform to learn web hacking and security code review