Feb 3 · 4 min read · On this occasion I will discuss a vulnerability that is often missed by the naked eye but has a very fatal impact, namely Race Condition. I found this vulnerability in the Redeem Voucher feature on an E-Commerce platform (let's ...
Jan 21 · 4 min read · The George Russell F1 suit represents precision, discipline, and modern Formula 1 performance. This article explains what makes it special, how replicas are crafted professionally, and why serious fans and racers choose custom-built versions from exp...
Jan 17 · 5 min read · In multithreaded programming, threads belonging to the same process share the heap memory region, global variables, and files. As a result, the threads contend with each other for resources. 1. Race condition A race condition occurs when the result of a program ...
Jan 16 · 4 min read · Up until now, we’ve looked at the backend as a straight line. A request comes in, the server thinks, the database updates, and a response goes out. But a production backend is never a straight line. It’s thousands of lines happening at the exact same...
Jan 5 · 9 min read · Modern software rarely runs one thing at a time. Web servers handle many requests at once, background jobs run alongside user actions, and multiple threads often need to read or update the same data. When this shared access isn’t carefully controlled...
Jan 4 · 3 min read · December 31st. The final countdown. While the rest of the world was preparing for parties, we were deep in the guts of the Generation UI, performing open-heart surgery on the Direction Selection system. Likely I will have PTSD from this day. heh. We...
Jan 4 · 4 min read · Previously: Built the generation infrastructure. Integration tests are passing. Flux.2 is generating beautiful, consistent assets. Now: The "confident amateur" phase ends. It's time for a professional security audit. The Reality Check (PR #8) On Dec ...
Dec 31, 2025 · 10 min read · Note: After I reported and investigated the issue described in this post, Apideck published a guide outlining the issue and recommended mitigation strategies. If you’re looking for a practical reference, you can find it here. Part 1: The Problem Cont...
Jan 1 · 3 min read · For Day 20, the investigation focused on a sophisticated web vulnerability that allowed attackers to disrupt the Best Festival Company's (TBFC) limited-edition toy launch. Although only 10 sleigh toys were in stock, hundreds of customers received con...