Jesse's Blog

Change Other People's Avatars on a Retail Website

Why you should ensure your endpoints' authorization and authentication have been thoroughly tested. Read more...

Your Order History: For All the World to See

When buggy access controls can leak your personal information. Read more...

Encryption, Stacktraces, and Name Suppression

What laws could be broken when best practices aren't followed? Read more...

A Pure JS Space Game

Learning me some modern JavaScript without a compilation step. Read more...

Lifting PII from a News Website's Comment Section

How a poorly implemented 3rd-party commenting system can leak your personal data. Read more...