The Cost Of Security Headers

Misconfigured CORS, Stealing User Data From The Alexa 1M

Crashing Safari

Abusing Your Browser: Infinitely Large Favicons

The Web Is Dangerous: Phishing Edition

Handling Go: An Auth Design Pattern

Golang HTMLTemplates

CSP On Mobile is Broken

Bruteforcing with CSRF

How I Accidentally Hacked GNC

Why I Break Startups

Keybase.io vulnerability