DEV Community

Security

Hopefully not just an afterthought!

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
Linux Process Evasion: ptrace & prctl

Linux Process Evasion: ptrace & prctl

Comments
3 min read
Understanding OWASP Mobile Top 10 (2025): A Guide for Android & iOS Developers

Understanding OWASP Mobile Top 10 (2025): A Guide for Android & iOS Developers

Comments
4 min read
A PHP login form that won't get you owned

A PHP login form that won't get you owned

Comments
3 min read
Samsung vs LG vs Roku vs Fire TV vs Apple TV: Which One Tracks You the Least?

Samsung vs LG vs Roku vs Fire TV vs Apple TV: Which One Tracks You the Least?

Comments
4 min read
The latestRoundData() Footgun That Drained Two DeFi Protocols for $19.5M

The latestRoundData() Footgun That Drained Two DeFi Protocols for $19.5M

7
Comments
6 min read
Stop Using GlobalAlloc: How to Build Constant-Time Memory in Rust

Stop Using GlobalAlloc: How to Build Constant-Time Memory in Rust

Comments
2 min read
Read your own GitHub Actions secret back (when base64 gets masked too)

Read your own GitHub Actions secret back (when base64 gets masked too)

Comments
2 min read
Your AI agent's leak risk depends more on the model than the prompt

Your AI agent's leak risk depends more on the model than the prompt

Comments
5 min read
Firebase PWA Security Audit: XSS via innerHTML, Hardcoded Credentials and a Custom Token Migration

Firebase PWA Security Audit: XSS via innerHTML, Hardcoded Credentials and a Custom Token Migration

2
Comments 3
7 min read
Reading a Verified Contract You Didn't Write: A Systematic Approach

Reading a Verified Contract You Didn't Write: A Systematic Approach

1
Comments
3 min read
Securing Apps: Password Hashing, RBAC, OAuth, and OpenID Connect

Securing Apps: Password Hashing, RBAC, OAuth, and OpenID Connect

Comments
17 min read
Someone dumped 20 zero-days on open source tools with no warning. The fuzzing was run by AI.

Someone dumped 20 zero-days on open source tools with no warning. The fuzzing was run by AI.

Comments
8 min read
crookcrypto.xyz Scammed Me $2,890.35 — Malicious Interface Used

crookcrypto.xyz Scammed Me $2,890.35 — Malicious Interface Used

Comments
5 min read
HighLevel webhooks flip X-WH-Signature X-GHL-Signature on July 1, 2026 — three silent failure modes

HighLevel webhooks flip X-WH-Signature X-GHL-Signature on July 1, 2026 — three silent failure modes

Comments
5 min read
Custom e-commerce on Firebase: catalog, atomic orders and admin panel

Custom e-commerce on Firebase: catalog, atomic orders and admin panel

1
Comments 2
6 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.