Cybersecurity 101: OWASP Top 10 for LLM Applications, updated for 2025
In an expected turn of events, OWASP has released the Top 10 for Large Language Models, updated for…
Cybersecurity
80 posts
Web Security 101: Understanding Cross-Origin Resource Sharing (CORS)
Continuing the web security headers series, after covering HSTS (Strict Transport Security), and CSP (Content Security Policy), now…
Critical Authentication Bypass Found in Really Simple Security: 4M WordPress Sites at Risk
Wordfence’s Threat Intelligence team has identified a critical authentication bypass vulnerability affecting over 4 million WordPress sites that…
Cyber Resilience Act: Security Requirements in Development
On October 10th, 2024, the EU Parliament mandated security standards for connected software with the enactment of the…
PostgreSQL PL/Perl Vulnerability: ENV Variable Exploit & Dev Notes
Researchers have discovered a high-severity vulnerability in PostgreSQL’s PL/Perl trusted language extension that could allow attackers to execute…
Web Security 101: Understanding Strict-Transport-Security Headers
In this series of evaluating web security headers, we are now diving in with HSTS, the HTTP Strict-Transport-Security…
Introduction to Offensive Security – The Ethics and Legality of Cybersecurity
Offensive security practices like penetration testing and red teaming are used to identify and address vulnerabilities before malicious…
Web Security 101: Understanding Content Security Policy Headers (CSP)
Content security policy (CSP) is a browser feature that can help minimize the risk of a multitude of…
OWASP Top 10: A Sign of Progress in Web Security
As sarcastic as it sounds, even with all the ever-increasing data breaches and various attacks, we are seeing…
Synology affected by a critical zero-click flaw. Another win for Pwn2Own Ireland 2024
In a weird sense, it feels good to point out security issues on competitors, even though we recommend…