Acquiring Data with CSS Selectors and Javascript on Time Based Attacks

Why Framework Choice Matters in Web Application Security

Using Session Puzzling to Bypass Two-Factor Authentication

DNSFS: Is it possible to use DNS as a file system?

Clickjacking Attack on Facebook: How a Tiny Attribute Can Save the Corporation

Discovering and hacking IoT devices using web-based attacks

The Importance of the Content-Type Header in HTTP Requests

Sven Morgenroth Talks About PHP Object Injection Vulnerabilities on Paul's Security Weekly Podcast