GitHub Security Lab
#1301752 C#: HttpOnly and Secure Cookies for .NET Core and .NET
#1301753 Java: Timing attacks while comparing results of cryptographic operations
Uber
#1145428 Chain of vulnerabilities in Uber for Business Vouchers program allows for attacker to perform arbitrary charges to victim's U4B payment account
Snapchat
#382678 Client IP Spoofing using "X-Forwarded-For: 127.0.0.1" on "studio-app.snapchat.com" exposing bucket details
#911606 Leaked JFrog Artifactory username and password exposed on GitHub - https://snapchat.jfrog.io
[Today's Best] Modern API Penetration Techniques
Tiny XSS Payloads