Cheers to 11 years of AppSec Ezine! 🎉 Huge thanks to the security community for sharing and the supporters who made this journey possible. Here's to another year of knowledge-sharing! 🚀 572nd Edition: pathonproject.com/zb/?871f09… Repo: github.com/Simpsonpt/AppSecE… #AppSec #Security

youtube.com/watch?v=dhh21crS… Life's a bitch... I'm off!

AppSec Ezine - 612th pathonproject.com/zb/?2aa664… #AppSec #Security

AppSec Ezine - 611th pathonproject.com/zb/?7a6539… #AppSec #Security

AppSec Ezine - 610th 🎃 pathonproject.com/zb/?fac2c8… #AppSec #Security

thanks to everyone who attended my #TheSAS2025 talk "Typographic hit job: when fonts pull the trigger". 🙏 I've written an accompanying blogpost that goes over all the details: haxx.in/posts/2025-09-23-can…

AppSec Ezine - 609th pathonproject.com/zb/?520397… #AppSec #Security

HTTP is supposed to be stateless, but sometimes... it isn't! Some servers create invisible vulnerabilities by only validating the first request on each TCP/TLS connection. I've just published a Custom Action to help you detect & exploit this - here's a narrated demo:

AppSec Ezine - 608th pathonproject.com/zb/?1347bc… #AppSec #Security

If you want to learn how to construct epic payloads like this? You need JavaScript for Hackers. Requires this hash: #<img/src/onerror=alert(1)> amazon.com/JavaScript-hacker…

AppSec Ezine - 607th pathonproject.com/zb/?53e6a0… #AppSec #Security

pagedout.institute/ ← we've just released Paged Out! zine Issue #7 pagedout.institute/download/… ← direct link lulu.com/search?page=1&pageS… ← prints for zine collectors pagedout.institute/download/… ← issue wallpaper Enjoy! Please please please RT to spread the news - thank you!

AppSec Ezine - 606th pathonproject.com/zb/?eaf342… #AppSec #Security

AppSec Ezine - 605th pathonproject.com/zb/?1e18fe… #AppSec #Security

ChatControl wants to scan all your private messages metalhearf.fr/posts/chatcont…

AppSec Ezine - 604th pathonproject.com/zb/?50916f… #AppSec #Security

Ok guys, and that's it for this year! PraSec "11"th edition concluded yesterday. We hope you had a great time. Again, we thank our speakers and attendees for super atmosphere. See you in a year!

AppSec Ezine - 603rd pathonproject.com/zb/?accf07… #AppSec #Security

AppSec Ezine - 602nd pathonproject.com/zb/?23b81b… #AppSec #Security

So… I was hacked. Pwned. Big time. And I’m not kidding. It turned out to be the very same malware used in massive DDoS campaigns against DeepSeek and Twitter (erm… X). It was RapperBot... I was angry with me and with the malware. Honestly, more with me than with the malware. This is my story of how I dove deep into its guts, from infrastructure mapping to binary analysis, and what I uncovered along the way. Buckle up and grab some IOCs: bitsight.com/blog/rapperbot-…

AppSec Ezine - 601st pathonproject.com/zb/?17cc8a… #AppSec #Security