Hacker Newsnew | past | comments | ask | show | jobs | submit | albinowax_'s submissionslogin
1.
Drag and Pwnd: Exploiting VS Code with ASCII (portswigger.net)
1 point by albinowax_ 8 months ago | past
2.
Microsoft Copilot: From Prompt Injection to Exfiltration of Personal Information (embracethered.com)
4 points by albinowax_ on Aug 28, 2024 | past
3.
Chaining Three Bugs to Access All Your ServiceNow Data (assetnote.io)
2 points by albinowax_ on July 11, 2024 | past
4.
ORM Leak Vulnerabilities (elttam.com)
1 point by albinowax_ on June 25, 2024 | past
5.
Hacking millions of modems and investigating who hacked my modem (samcurry.net)
838 points by albinowax_ on June 3, 2024 | past | 272 comments
6.
Getting XXE in Web Browsers Using ChatGPT (ptsecurity.com)
1 point by albinowax_ on May 22, 2024 | past
7.
Response Filter Denial of Service: shut down a website by triggering WAF rule (sicuranext.com)
95 points by albinowax_ on May 21, 2024 | past | 26 comments
8.
Source Code Disclosure in Asp.net via Cookieless Sessions (ptsecurity.com)
1 point by albinowax_ on March 7, 2024 | past
9.
ChatGPT Account Takeover via Wildcard Web Cache Deception (nokline.github.io)
4 points by albinowax_ on Feb 12, 2024 | past
10.
Detection and Exploitation of Ivanti's Pulse Connect Secure RCE (assetnote.io)
1 point by albinowax_ on Jan 19, 2024 | past
11.
The curl quirk that exposed Burp Suite and Google Chrome (portswigger.net)
1 point by albinowax_ on March 28, 2023 | past | 1 comment
12.
Remote code execution in Homebrew by compromising the official Cask repository (ryotak.me)
4 points by albinowax_ on April 21, 2021 | past
13.
Brave browser’s Tor feature found to leak .onion queries to ISPs (portswigger.net)
2 points by albinowax_ on Feb 19, 2021 | past
14.
Cracking reCAPTCHA, Turbo Intruder Style (portswigger.net)
1 point by albinowax_ on Nov 21, 2019 | past
15.
The age of browser XSS filters is over (portswigger.net)
3 points by albinowax_ on July 16, 2019 | past
16.
Significant new web hacking techniques from 2018 (portswigger.net)
1 point by albinowax_ on Feb 28, 2019 | past
17.
Abusing Meta Programming for Unauthenticated RCE in Jenkins (blog.orange.tw)
1 point by albinowax_ on Feb 19, 2019 | past
18.
Turbo Intruder: Embracing the Billion-Request Attack (portswigger.net)
2 points by albinowax_ on Jan 28, 2019 | past
19.
An overview of the top web hacking techniques of 2017 (portswigger.net)
144 points by albinowax_ on Oct 11, 2018 | past | 11 comments
20.
Vulnerability in Hangouts Chat a.k.a. how Electron makes open redirects great (bentkowski.info)
2 points by albinowax_ on July 24, 2018 | past
21.
Exploiting Open-XChange with Blind XXE via Powerpoint Files (hackerone.com)
1 point by albinowax_ on July 23, 2018 | past
22.
Detecting Same-Origin Redirections with a Bug in Firefox's CSP Implementation (shift-js.info)
1 point by albinowax_ on July 23, 2018 | past
23.
Cloudflare, Fastly, Mozilla and Apple Working on SNI Encryption for TLS 1.3 (ietf.org)
3 points by albinowax_ on July 20, 2018 | past
24.
Evading CSP with DOM-based dangling markup (portswigger.net)
1 point by albinowax_ on July 20, 2018 | past
25.
XSS protection disappears from Microsoft Edge (portswigger.net)
1 point by albinowax_ on July 19, 2018 | past
26.
Server-Side Spreadsheet Injection – Formula Injection to Remote Code Execution (bishopfox.com)
2 points by albinowax_ on June 14, 2018 | past
27.
What website are you really on? Edge zero-day leaves users with no clue (portswigger.net)
2 points by albinowax_ on May 3, 2018 | past
28.
CSS-in-JS security issues (reactarmory.com)
2 points by albinowax_ on Sept 5, 2017 | past
29.
JSON hijacking for the modern web (portswigger.net)
3 points by albinowax_ on Nov 29, 2016 | past
30.
Exploiting CORS Misconfigurations for Bitcoins and Bounties (portswigger.net)
1 point by albinowax_ on Oct 18, 2016 | past

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: