after seeing @garethheyes's post about making tic-tac-toe in just css (no js, no html), i decided to give it a shot too!
i ended up using a different approach involving custom properties and animations for state and mouse input, and it works pretty well!
https://t.co/lTBOURGLmT
Beware the Cookie Monster! 🍪
We found a vulnerability in the Cyberhaven browser extension that allowed attackers to steal any cookie from their victim. Learn about the details in our latest blog post:
https://t.co/RlbvYQglCO
#appsec #security #vulnerability
Inspired by @PaulosYibelo, I thought about what improvements I could make to trick users into pressing buttons that perform sensitive actions. Finding some vulnerable targets along the way!
Read the details in my latest blog post below:
https://t.co/Bl7UxxZ4qV
Last year, I committed to uncovering critical vulnerabilities in Maven repositories. Now it’s time to share the findings: RCE in Sonatype Nexus, Cache Poisoning in JFrog Artifactory, and more! Read it all below 🧵
Candy Crush, Tinder, MyFitnessPal: See the thousands of apps hijacked to spy on your location
A hack of location data company Gravy Analytics has revealed which apps are—knowingly or not—being used to collect your information behind the scenes.
🔗 https://t.co/f3906gLVC0
What a year! We look back and summarize our security research highlights of 2024:
🪲 Vulnerabilities in Jenkins, SourceForge, Joomla, and much more
🎙️ 7 talks, including DEF CON and Hexacon
🏆 5 nominations and 1 award
https://t.co/EYfGfOn9ni
#research #vulnerability #appsec
have you been using webshells recently? we've been watching you hack govts and more.
join us on our latest ill-advised adventure...
until next time.. :-)
https://t.co/Cnh524hb7h
After quite some CTFs and challenges solved, this awesome challenge from hxp 38C3 CTF is the first one I ever did a writeup for. Check it out:
https://t.co/s4poL3TvaC
#38C3 #ctf #hxpctf
🚨 Try your hand at our latest XSS Challenge! 🚨
Can you get alert(origin) executed in each problem?
This challenge features 3 problems crafted by our security experts @hamayanhamayan, @ryotkak, and @kinugawamasato.
Ready to dive in? 🧠
https://t.co/qyOZTfGcV0