Blog

Wardriving 2024: Using Electricity Meter Readers to Get In

Blog

The Akamai Origin Disclosure Non-vulnerability

Blog

Vulnerability Disclosure: Authentication Bypass in Auth0

Blog

Vulnerability Disclosure: Session Fixation in Auth0

Blog

Mobile Authenticator Apps Algorithm Support Review - 2023 Edition

Blog

Man-in-The-Middle Session Fixation in Securitas Direct My Pages

Blog

The Devise Extension That Peeled off One Layer of the Security Onion (CVE-2021-28680)

Blog

CSN Follow-Up: Another CAPTCHA Problem Hidden In Plain Sight

Blog

Brute-Forcing Borrowers' PINs at the Swedish Board of Student Finance (CSN)

Blog

PKI Is Hard - How Yubico Trusted OpenSSL And Got It Wrong