Tag feed

#security

11,891 posts2,286 followers

Trending tags this week

PPPrajapati Pareshsmarttechdevs.hashnode.dev

Stop Fake Webhooks: HMAC Signatures in Laravel

1h ago · 3 min read · The Webhook Spoofing Vulnerability When engineering a B2B SaaS platform at Smart Tech Devs, relying on external services like Stripe, Shopify, or GitHub is inevitable. These services communicate with

Join discussion

AAhmedsqli-project-blog1.hashnode.dev

0

SQLi Demonstration

1h ago · 4 min read · Introduction A great way to get a full understanding of any particular cybersecurity topic is actually to implement it. Rather than learning only theoretically how SQL Injection (SQLi) works, I've bui

Join discussion

AHAlex Heklavex.hashnode.dev

0

How to stop AI coding agents from reading your `.env` secrets

3h ago · 4 min read · I was working in Claude Code when it opened my .env to "understand the configuration" — and then, helpfully, suggested I rotate the keys, since they were now exposed. The thing that exposed them was t

Join discussion

KSKaustav Sarkarblogs.kaustavsarkar.dev

0

Service Mesh Zero-Trust Architecture

10h ago · 14 min read · Zero-trust is a property that emerges when several independent checks each verify a request on their own, without assuming the layers around them already did the work. It often gets described as a pro

Join discussion

JCJoseph Chimeziejc-coder.hashnode.dev

1

Why GitHub 2FA Won't Save You From Infostealers

10h ago · 17 min read · Imagine this: it is 3:00 AM. Your laptop is closed, your computer is off, and you are asleep. Suddenly, your phone buzzes with an email notification from GitHub: “Security Alert: Force-push detected o

SSamuel commented

HHelperXhelperx.hashnode.dev

0

CycleTLS v2: Why We Ditched Axios for TLS Fingerprint-Safe HTTP

22h ago · 6 min read · When you're automating requests against platforms that actively detect bots, your HTTP library is a liability. We learned this the hard way — Axios was getting our requests fingerprinted and blocked w

Join discussion

Vvictoraiattestation.hashnode.dev

0

Why AI-Generated Content Has No Cryptographic Provenance. And What Fixing It Actually Requires

23h ago · 9 min read · There is a question that no AI system in production today can answer with cryptographic certainty: "Prove to me that this content was generated by your AI system, at this specific time, without modifi

Join discussion

ODOlujimi David T.redis-simple-until-production.hashnode.dev

0

Redis ACLs: Why a Private Network Isn’t Enough

1d ago · 8 min read · Placing Redis inside a private network is a common first step, but it only controls who can reach Redis, not what they can do once they get there. By default, Redis requires no authentication and list

Join discussion

RRajugvaramaraju.hashnode.dev

0

Field-Level Encryption with Google Tink: A Staff Engineer’s Implementation Guide

1d ago · 3 min read · Field-Level Encryption (FLE) is a critical defensive layer that ensures sensitive data is encrypted before it reaches the database. While the implementation may seem straightforward, the architectural

Join discussion

HSHitesh Srivastavahitcaff.hashnode.dev

0

Mutable Database Rows Are Not Audit Trails

1d ago · 7 min read · This article was originally published on Jun 8, 2026. The library referenced is decision-provenance v1.1.1, available at github.com/hitcaff/decision_provenance. Every day, ML models make millions of

Join discussion

#security

Search Hashnode

#security

Trending tags this week

Stop Fake Webhooks: HMAC Signatures in Laravel

SQLi Demonstration

How to stop AI coding agents from reading your `.env` secrets

Service Mesh Zero-Trust Architecture

Why GitHub 2FA Won't Save You From Infostealers

CycleTLS v2: Why We Ditched Axios for TLS Fingerprint-Safe HTTP

Why AI-Generated Content Has No Cryptographic Provenance. And What Fixing It Actually Requires

Redis ACLs: Why a Private Network Isn’t Enough

Field-Level Encryption with Google Tink: A Staff Engineer’s Implementation Guide

Mutable Database Rows Are Not Audit Trails