PentesterLab's Blog: Insights, weekly research highlights, and deep dives into web security, code review, and pentesting.

Research Worth Reading - Week 18, 2026

🤖 AI threats in the wild: The current state of prompt injections on the web • 🪟 Persistence Atlas: 19 Techniques Nobody Talks About • 😳 Securing GitHub: Wiz Research uncovers RCE in GitHub.com

May 4, 2026

Filter: All Research APPSEC AuthZ CAREER Code Review Insight JWT PENTESTING

Insight

What you don't see

More and more, with the progress of coding agents, people are rewriting software.And honestly, it looks easy. You write a good ...

Louis Nyffenegger Mar 1, 2026 · 9 min read

Insight

What Dependency Management Can Learn from Certificate Management?

There was a time when certificate management was a constant source of outages. Not because TLS is complicated, and not because ...

Louis Nyffenegger Feb 10, 2026 · 15 min read

Insight

When Code Is Cheap, What Happens to AppSec?

With Anthropic's Opus 4.5, Ralph Wiggum Loop and GastOwn, a few people on the bleeding edge of AI-based software development are ...

Louis Nyffenegger Feb 10, 2026 · 6 min read

Insight

Need for Speed: AI, Security, and Productivity

Security and privacy have always been about doing the right thing while balancing it with staying productive. People do not work ...

Louis Nyffenegger Feb 3, 2026 · 5 min read