Injection attack can manifest themselves in many different ways within your application. You’ve probably heard stories of SQL injection, a far too common issue in web applications or RCE (Remote Code Execution), which actually refers to memory corruption and executing arbitrary code, but often is used generically to mean “execution…

Just a quick clarification to make as these should really be called “Bug Weeksly” as we probably won’t be pushing them out every single week, but every couple to few weeks to maintain quality content. …

If your code uses libraries that you didn’t write and you don’t own, you inherit that code’s risks. It’s bugs become your bugs. You have extended your attack surface from what it was to what it is now with these new additional lines. You know the other day when you…

Here at Block Audit, we’re all about finding and fixing those security bugs. …