I recently discovered an interesting race condition vulnerability in the eCommerce software nopCommerce, during a manual pen test as part...

In the world of modern web applications, the OAuth flow is our trusty gatekeeper, enabling seamless logins and secure data...

Despite advancements in security, web applications are still a problem. Attackers target web applications because they’re exposed, complex, and not...

Authentication is used by most web applications. Both for letting users have access to individual accounts, but also for protecting...

Outpost24 analysts recently discovered a critical authentication bypass vulnerability in CrushFTP, identified as CVE-2025-31161. The vulnerability has a CVSSv3.1 score...