Ducks, dinosaurs, and XSS: A little knowledge is a dangerous thing in security

Security vulnerabilities are often misunderstood and underestimated. Based on superficial application security knowledge, you might say that cross-site scripting is people putting script tags in form fields. And that’s basically true—but only in the same way as saying ducks are basically dinosaurs. Allow me to explain.

Ducks, dinosaurs, and XSS: A little knowledge is a dangerous thing in security

Brainstorm tool release: Optimizing web fuzzing with local LLMs

System prompt exposure: How AI image generators may leak sensitive instructions

Cache bypass techniques for time-based SQL injection

Analyzing WordPress hack access logs with NotebookLM