Backdooring Electron apps, PRFs, PRPs and other fantastic things, testing a new encrypted messaging app's claims, inside Datadog’s $5M outage
Attack on JWT using ECDSA, catching cookie bugs, Google adopts passkeys for Google Accounts, SolarWinds supply-chain hack
Dependency confusion attack on Google, OAuth pains, Attacks on Cisco routers, Pegasus spyware, secure user data hosting
Browser extension for stealing crypto, mess in password-based cryptography, handling complexity, Post Quantum Cryptography energy consumption and more
Hacking D-Link, InjectGPT, brute-forcing Bitwarden PINs, inaudible voice attacks, etc.
Voice-based biometric security, CRA, intro to database cryptography, debugging features & techniques, etc.
RAT malware, fuzzing in IoT, reversing UK rail e-tickets, side-channel in Django, etc.
Password security, SSRF vulnerabilities in SNI proxies, Bitwarden design flaw, fuzzing cURL’s CLI, etc.
Email security, exploiting URL parsers, migration challenges, USB-based espionage, applied cryptography, etc.
ZKP failures, hacking auto, mobile app development frameworks, secure software supply chains, etc.