It's starting to look a lot like Christ^WHackMas
Why shouldn't I share my own content? Here's a shameless plug for my article on the JWT Algorithm Confusion Vulnerability I found in a C library.
Check out this excellent write-up by the Assetnote team on how an obscure PHP footgun led to RCE in Craft CMS.
The latest edition of AppSec eZine is here! Read issue #566.
Want to build these skills hands-on?
PentesterLab has 700+ real-world labs on web hacking, code review, and vulnerability analysis. Start with a free account.