Weekly curated security news, tweets, videos, and GitHub projects.
Spotlight: Websocket Pentesting with wsrepl, SVG Security Risks, New techniques for race conditions, XboxOneDirectoryTraversal, websocket_fuzzer etc.
Spotlight: Backdoor in TETRA Police Radios, How is Akamai blocking?, Find bugs with route-detect, LLM vulnerability scanner, saas-attacks etc.
Spotlight: How CodeQL works, Bundle Your Own Stealer, ShareFile RCE, RCE in Google Cloud Build, ORMs and Prepared Statements, etc.
Spotlight: remote execution vulnerability in math.js, Art of hacking LLM apps, aCropalypse vulnerability
Spotlight: How I Hacked CASIO F-91W digital watch, RCE in GitLab's CLI tool, Hacking Google Search Appliance, Prompt Injection (Prevent), etc.
Don't npm install https, Securing the AI Pipeline, SSO Gadgets II, bug in the npm ecosystem, route-detect, etc.
IDOR in Microsoft Teams, VPN app is a DDoS botnet, EJS Vulnerabilities, container security, Data Falsificada: "Clusterfake", DNS Analyzer, etc.
Spotlight: Pre-authenticated RCE in VMware, Google’s Secure AI Framework, Pentesting Xamarin Android, Finding Vulnerabilities in Nuxt 3, etc.
Infecting SSH, bug chain: postMessage, JSONP, WAF bypass, DOM-based XSS, CORS, CSRF, Building a Tor Hidden, etc.