DevSec Blog

Your biweekly dose of AppSec Materials and Research
to Develop Secure Applications and Deliver Secure Products

DevSec Selection is no longer active – subscribe for project updates and recent articles

April 6, 2025

DevSec Selection #28 – Auth Bypass in Next.js, IngressNightmare K8s RCE, TRAIL Threat Modeling

March 19, 2025

DevSec Selection #27 – Wiz Acquired, tj-actions/changed-files GitHub Action Compromised, Useful Open-Source Tools

March 4, 2025

DevSec Selection #26 – Identifying Security Bugs with AI, Semgrep Rules for Detecting Malicious Code and WhoAMI

February 15, 2025

DevSec Selection #25 – Top 10 Web Hacking Techniques of 2024, Secure by Design in Google, All PortSwigger Solutions

January 31, 2025

DevSec Selection #24 – DeepSeek Database Leak, OSV-Scanner v2, Opengrep

January 15, 2025

DevSec Selection #23 – Security AI Agent, Malicious NPM Packages Targeting Cursor, 2024 CVE Review

December 13, 2024

DevSec Selection #22 – Google Password Heist, Supply-Chain Firewall, Vanir and Kubernetes Goat

December 1, 2024

DevSec Selection #21 – WordPress Critical Authentication Bypass, Comparison of Enterprise SAST/DAST and Google Dorks for Bug Bounty

November 14, 2024

DevSec Selection #20 – Top Routinely Exploited Vulnerabilities in 2023 and Promising Open-source Tools

November 3, 2024

DevSec Selection #19 – Swiss Army Knife for DevSecOps, DEF CON 32 Talks, Okta Authentication Vulnerability

October 18, 2024

DevSec Selection #18 – Bug Bounty Hunting Resources, Vulnerability Prioritization, Time-to-Exploit Trends

October 2, 2024

DevSec Selection #17 – Worst Place to Leave Your Secrets, Hacking Kia, DevSec Selection Insights

September 18, 2024

DevSec Selection #16 – PyPI Revival Hijack, DORA, GitLab Critical Patch

September 5, 2024

DevSec Selection #15 – Fake GitHub Stars, SQL Injection at Airport, and Worst Workplace Security Practices

August 18, 2024

DevSec Selection #14 – CORS, ArtiPACKED Race Condition, 1Password CVE

August 1, 2024

DevSec Selection #13 – Malicious Packages Distributed, Security Automation and Prompt Airlines

July 20, 2024

DevSec Selection #12 – CrowdStrike Global BSOD, Worst Supply Chain Attack Prevented

July 4, 2024

DevSec Selection #11 – RegreSSHion, API Rate Limiting, OWASP Quiz

June 21, 2024

DevSec Selection #10 – Mandiant Snowflake Research, 10 Years of GitHub BugBounty

June 9, 2024

DevSec Selection #9 – API Security Champion, LLM TOP 10, Santander Breach

May 22, 2024

DevSec Selection #8 – SAST with AI, Git RCE, Semgrep for K8s

May 8, 2024

DevSec Selection #7 – EPSS, Dependency Confusion, GitLab Security Notes

April 25, 2024

DevSec Selection #6 – State of DevSecOps, OpenAI Security Bots

April 11, 2024

DevSec Selection #5 – XZ Backdoor, Damn Vulnerable RESTaurant

March 28, 2024

DevSec Selection #4 – SCA Comparison, Nuclei, Python for Security

DevSec Blog ©2024