Oct 15, 2025 · 2 min read · SQL injection (SQLi) is a code injection technique used to attack data-driven applications. It involves an attacker inserting malicious SQL statements into an entry field for execution by a application's database. ❌ Unsafe Example 1: Hacker can drop ...
Join discussionJul 16, 2025 · 8 min read · The world of open-source development comes with various cyber threats. GitHub is still facing a type of attack that is ongoing since last year where attackers mirrored a huge number of repositories. So as it turns out…the clone wars are not over! If ...
Join discussion
May 26, 2025 · 4 min read · A developer's guide to resolving false positive security detection during VS Code Marketplace submission As-salamu ‘alaykum wa rahmatullahi wa barakaatuh! The Problem If you're a VS Code extension developer, you may have encountered the frustrating "...
BBilal commented
May 13, 2025 · 3 min read · Summary Socket uncovered a highly destructive supply-chain attack targeting Go developers through malicious Go modules. The attackers exploited Go's decentralized and open module ecosystem to distribute obfuscated modules that ultimately delivered a ...
Join discussion
Mar 26, 2025 · 4 min read · Summary Bitdefender researchers have uncovered a large-scale ad fraud campaign involving at least 331 malicious apps on the Google Play Store, which have amassed over 60 million downloads. These apps primarily serve out-of-context ads but also engage...
Join discussion
Feb 20, 2025 · 3 min read · Summary Cyble Research Intelligence Lab (CRIL) came across a recent campaign observed by TrendMicro involving the BadIIS malware, which targeted vulnerable Internet Information Services (IIS) servers across Asia. This campaign impacted countries such...
Join discussion
Jan 9, 2025 · 5 min read · Tổng quan Trong thời gian gần đây đã ghi nhận một chiến dịch tấn công liên quan tới phần mềm độc hại FireScam Android giả dạng Telegram Premium để đánh cắp dữ liệu và thiết bị điều khiển. Các Attacker sẽ sử dụng một phần mềm giả mạo là “Telegram Prem...
Join discussion
Nov 2, 2024 · 4 min read · The Comprehensive Guide to Malicious Use of OAuth Applications: Understanding Parameters, Charts, and Case Studies OAuth (Open Authorization) is essential in today's interconnected digital landscape, facilitating secure access to user data across var...
Join discussion
Sep 26, 2024 · 5 min read · Photo by Ariel on Unsplash I recently shared a story about a scam job posting on Codementor where the goal was to trick developers into running malicious code on their machines. Fortunately, I discovered the issue before executing the code, and the a...
Join discussion
Sep 19, 2024 · 5 min read · Photo by FlyD on Unsplash I’ve been doing mentoring and freelancing on Codementor for a while now. Recently, I applied for a project titled “Front-end Design Developer (React.js, Three.js)”. The client asked me to install their code locally and “fix ...
Join discussion
