All articles

• Never Trust the Output: Data Pollution in AI Agents and MCP Jan 7, 2026
• Make Self-XSS Great Again Jun 13, 2025
• Why Protocol Matters: Evil PWA Attack on Casdoor Feb 5, 2025
• DOM Purify - dirty namespace bypass Dec 9, 2024
• Old new email attacks May 23, 2024
• Exploring IPv6 Zone Identifier Apr 6, 2024
• MySQL2: Dangers of User-Defined Database Connections Mar 26, 2024
• DOM Purify - untrusted Node bypass Mar 19, 2024
• CVE-2023-5480: Chrome new XSS Vector Jan 25, 2024
• Who Am I Jan 25, 2024