Business logic: The silent future of cyberattacks
Application Security
Future hacks won’t trigger alarms or leave traces. No security measures will be violated. The systems are functioning normally –...
Will AI replace human pen testers?
Application Security
It’s become pretty standard to expect the help of AI with automating tasks, with penetration testing being no exception. As...
Bug bounty programs: Can you rely on them 100%?
Application Security
It’s tempting to view bug bounty programs as a cheat code – an enticing shortcut to uncover vulnerabilities by tapping...
Outpost24 logo
CVE-2024-58248: Race condition vulnerability leaves nopCommerce at risk of...
Application Security
I recently discovered an interesting race condition vulnerability in the eCommerce software nopCommerce, during a manual pen test as part...
Tokens & traps: Seven common OAuth vulnerabilities (plus mitigations)
Application Security
In the world of modern web applications, the OAuth flow is our trusty gatekeeper, enabling seamless logins and secure data...