CVSS v4.0 will be published on October 1, 2023, with major changes compared to CVSS v3.1. This blog posts discusses these changes in detail and provides example vulnerabilities to clarify the new concepts.
This blog post covers the basics of prompt injection and provides you with some common techniques to reveal the system prompt.
One-time passwords are much more likely to be guessed than you think. This blog post discusses the probability of brute-forcing them, how to do it effectively and how to defend against attacks.
Did you know the HSTS header can be used as a tracking mechanism? Or that Firefox caps the number of stored HSTS entries at 1024? Starting with the very basics, this blog post will cover all of the above topics.