You won’t hear an alarm.

On April 23rd I watched Uber lock us out of the account again.

Android applications are no longer just front-end interfaces. They contain business logic, authentication flows, API communication, local…

How a Forgotten OAuth Permission Gave Attackers a Path Straight Into Vercel’s Infrastructure

Botium Toys: Scope, goals, and risk assessment report

How supply chain vectors affect AI systems and their behaviour

How to secure AI supply chains and reduce system risks

Explore how AI’s dependency on external models, datasets, and packages creates attack surfaces.

TryTrainMe’s production code review model is phoning home. Investigate the breach.

🔗Room Link : https://tryhackme.com/room/ice

I once watched a senior developer demo his “secure” admin panel to a room full of stakeholders. He proudly showed how regular users…

Welcome to this blog, I’m Sandeep Singh Rajput and I’ll define all the methods, tactics and techniques I used to find IDOR in a website…

You have spent millions on firewalls, antivirus software, and employee training. Your perimeter is locked down tight. But what if an…

TryHackMe “Directory” Lab — Writeup

This is part of an ongoing series where I document my journey into AWS penetration testing — from setting up the environment to identifying…

Hey everyone Today I solved the Footprinting (Medium) lab on Hack The Box Academy The goal was to find the password for a user called HTB.

Infiltrate Recruit’s new portal. Map the site, hunt for flaws, and gain unauthorized access

Write-up for Linux Privilege Escalation (TryHackMe)

This is a write-up for the ItsyBitsy room. I will explain how to complete the room and the reasons behind each step.

Published: April 2026 | Research conducted: February 2026

Meet Aarav. He’s 14. He lives in a Tier-2 city in India. He’s average in school, spends most of his time on Discord, and his parents think…