🛡️ Security Headers - buckman

Discussed on Hacker News

⚠️XSS reddit.com·

/u/johnmu on Security header review - which are the most important

Discussed on r/TechSEO

🔌APIs GitHub·

PenTest Toolkit V2 – Open-Source Penetration Testing Toolkit

Discussed on Hacker News

🍪Session Management Latest Hacking News·

Man in the Middle Attack: Techniques, Real Examples, and Defences

Less-relevant results

🔒Security seclists.org·

SEC Consult SA-20260615-0 :: Multiple Critical Vulnerabilities in Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System)

🛡️Defensive Coding medium.com

The Hidden Risks of Misconfiguration: HSTS, Cross-Domain Policies, and File Permissions

🎭Anthropic Claude 4sysops·

Anthropic launches Claude Code Artifacts for real-time team review of AI coding

🔒Security TechRadar

Microsoft 365 Copilot can be turned into a one-click data theft tool — inbox, OneDrive, and SharePoint data all at risk, so patch now

Covers New attack turned Microsoft 365 Copilot into 1-click data theft tool

🏠Selfhosting GitHub·

fix(control-ui): rewrite manifest hrefs for configured base path (#94…

🐧Linux Bboysoul's Blog·

Random Thoughts - 20260616

Covers Building from Zero After Addiction, Prison, and a Felony

🔍Binary Diffing GitHub·

fix(qa): reject coerced evidence artifact indexes

🛡️AI Security CSO Online·

M365 Copilot SearchLeak: Your prompt injection attack surface just got bigger

Covers SearchLeak: We Turned M365 Copilot into a One-Click Data Exfiltration Weapon

🧩Browser Extensions fosterelli.co·

Developers don't understand CORS (2019)

Covered by 3 sources including Hacker News, daemonology.net

Discussed on Hacker News

🚧Execution Guardrails GitHub·

refactor(copilot): drop unused permission policy helpers

🎯Threat Modeling Help Net Security·

Reachability makes AI threat modeling worth the trust

🔒Information Security Mashable·

This Copilot vulnerability could expose emails, 2FA codes, and other sensitive data

🛡️Content Security Policy medium.com

HSTS and Cross-Domain Policy Misconfigurations

⚠️XSS GitHub·

Datasette-apps: Apps that live inside Datasette

Covered by Simon Willison's Newsletter, Simon Willison’s Weblog

Discussed on Hacker News

📱Android GitHub·

GrapheneOS PDF Viewer

Discussed on Hacker News

Google Says X-Frame-Options Matters For SEO via @sejournal, @martinibuster

Automated Web Security Audit

/u/johnmu on Security header review - which are the most important

PenTest Toolkit V2 – Open-Source Penetration Testing Toolkit

Man in the Middle Attack: Techniques, Real Examples, and Defences

SEC Consult SA-20260615-0 :: Multiple Critical Vulnerabilities in Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System)

The Hidden Risks of Misconfiguration: HSTS, Cross-Domain Policies, and File Permissions

Anthropic launches Claude Code Artifacts for real-time team review of AI coding

Microsoft 365 Copilot can be turned into a one-click data theft tool — inbox, OneDrive, and SharePoint data all at risk, so patch now

fix(control-ui): rewrite manifest hrefs for configured base path (#94…

Random Thoughts - 20260616

fix(qa): reject coerced evidence artifact indexes

M365 Copilot SearchLeak: Your prompt injection attack surface just got bigger

Developers don't understand CORS (2019)

refactor(copilot): drop unused permission policy helpers

Reachability makes AI threat modeling worth the trust

This Copilot vulnerability could expose emails, 2FA codes, and other sensitive data

HSTS and Cross-Domain Policy Misconfigurations

Datasette-apps: Apps that live inside Datasette

GrapheneOS PDF Viewer