bug bounty program graphic in light blue with bug, money and laptop icon
Bug bounty programs: Can you rely on them 100%?
Application Security
It’s tempting to view bug bounty programs as a cheat code – an enticing shortcut to uncover vulnerabilities by tapping...
Outpost24 logo
CVE-2024-58248: Race condition vulnerability leaves nopCommerce at risk of...
Application Security
I recently discovered an interesting race condition vulnerability in the eCommerce software nopCommerce, during a manual pen test as part...
Graphic for blog on OAuth vulnerabilities
Tokens & traps: Seven common OAuth vulnerabilities (plus mitigations)
Application Security
In the world of modern web applications, the OAuth flow is our trusty gatekeeper, enabling seamless logins and secure data...
Thumbnail for CyberFlex (EASM + PTaaS)
How external attack surface analysis enhances pen testing 
Application Security
Despite advancements in security, web applications are still a problem. Attackers target web applications because they’re exposed, complex, and not...
Blue open lock as symbol for authentification
6 common authentication vulnerabilities in web apps  
Application Security
Authentication is used by most web applications. Both for letting users have access to individual accounts, but also for protecting...