DEV Community

Security

Hopefully not just an afterthought!

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
Your AI Coding Agent Has Access to Your SSH Keys Right Now
connectengine profile

Your AI Coding Agent Has Access to Your SSH Keys Right Now

#security #claudecode #promptinjection #aiagents
Comments
3 min read
Find Plaintext Secrets Hiding in Your .env Files
ustun profile

Find Plaintext Secrets Hiding in Your .env Files

#cybersecurity #devops #security #tooling
Comments
4 min read
The Foom Cash Exploit: How a Skipped CLI Step in a Groth16 Trusted Setup Turned a $2.3M Privacy Protocol Into an ATM
ohmygod profile

The Foom Cash Exploit: How a Skipped CLI Step in a Groth16 Trusted Setup Turned a $2.3M Privacy Protocol Into an ATM

#security #defi #ethereum #web3
1
Comments
5 min read
Calldata Injection: The $17M Vulnerability Pattern Hiding in Every DeFi Router
ohmygod profile

Calldata Injection: The $17M Vulnerability Pattern Hiding in Every DeFi Router

#security #blockchain #defi #solidity
Comments
6 min read
The Phantom Challenge: How a Missing Hash Input in Solana's ZK Proofs Could Have Minted Unlimited Tokens
ohmygod profile

The Phantom Challenge: How a Missing Hash Input in Solana's ZK Proofs Could Have Minted Unlimited Tokens

#solana #security #blockchain #defi
Comments
5 min read
The Step Finance Autopsy: Why $27M in Audited Contracts Died From a Phishing Email
ohmygod profile

The Step Finance Autopsy: Why $27M in Audited Contracts Died From a Phishing Email

#security #blockchain #defi #solana
Comments
7 min read
How to Scan File Uploads in Express
sonotommy profile

How to Scan File Uploads in Express

#node #express #security #tutorial
1
Comments
6 min read
I Built a Clipboard Manager for Linux with AES-256 Encryption — DotGhostBoard v1.4.0 Eclipse
freerave profile

I Built a Clipboard Manager for Linux with AES-256 Encryption — DotGhostBoard v1.4.0 Eclipse

#python #linux #security #opensource
3
Comments
9 min read
The Litellm Supply Chain Attack: What Developers Need to Know About Package Security
_a1084658c738d4804957c profile

The Litellm Supply Chain Attack: What Developers Need to Know About Package Security

#security #python #devops #tutorial
Comments
3 min read
We Stopped Bolting Security onto MCP. We Built It In.
mistaike_ai profile

We Stopped Bolting Security onto MCP. We Built It In.

#mcp #sandbox #security #launch
Comments
5 min read
NH:STA S01E01 Sequoia-PGP
moremaddy profile

NH:STA S01E01 Sequoia-PGP

#opensource #rust #security #ux
1
Comments
3 min read
How to Implement HMAC Request Signing for Secure API Authentication in Node.js (2026 Guide)
1xapi profile

How to Implement HMAC Request Signing for Secure API Authentication in Node.js (2026 Guide)

#node #security #webdev #api
Comments
8 min read
The LiteLLM Attack Exposed a Bigger Problem: Your Vibe-Coded App Probably Has the Same Vulnerabilities
solobillions profile

The LiteLLM Attack Exposed a Bigger Problem: Your Vibe-Coded App Probably Has the Same Vulnerabilities

#vibecoding #security #webdev #ai
Comments
4 min read
I scanned Google.com for quantum vulnerabilities — they're already deploying post-quantum crypto (but it's not enough)
pvishwakar77301 profile

I scanned Google.com for quantum vulnerabilities — they're already deploying post-quantum crypto (but it's not enough)

#opensource #security #go #quantum
1
Comments
1 min read
EVMbench: OpenAI and Paradigm's New Benchmark Proves AI Agents Can Exploit 71% of Smart Contract Vulns
ohmygod profile

EVMbench: OpenAI and Paradigm's New Benchmark Proves AI Agents Can Exploit 71% of Smart Contract Vulns

#security #web3 #defi #smartcontracts
Comments
3 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.