Cryptographic Payload Injection: A Novel Jailbreak Technique Against Gemini · 11 March 2026 · 10 mins · Security Research AI Security Jailbreak Prompt Injection LLM Gemini Red Teaming
The Ghost in the Tenant: Chaining SVG UI Redressing and Persistent Authorization for Stealth Account Takeover · 5 February 2026 · 4 mins · Security Research SVG Injection Broken Access Control Account Takeover UI Redressing Web Security
Predictable Voucher Identifier Enumeration in Cibus (Victory Integration) · 28 January 2026 · 6 mins · Security Research Security Research Enumeration Weak Identifiers Business Logic Supply-Chain Risk Luhn Algorithm
Exploiting Layout Logic for DOM-Based XSS in react-show-more-text · 20 January 2026 · 6 mins · Security Research React XSS Supply Chain
The Trust Fall: Bypassing a City-Wide Payment Ecosystem · 12 January 2026 · 8 mins · Security Research Web Vulnerabilities Logic Flaws Phishing Fintech
How an Unpatched XSS vulnerability in a React Library Exposed Corporate Data, Employee Credentials, and Financial Assets · 28 December 2025 · 10 mins · Security Research XSS Supply Chain Credential Harvesting Red Teaming
Exposing Top Secret IDF Documents: The Danger of Improper Digital Redaction · 5 November 2025 · 2 mins · Security Research Data Leak Redaction Failure IDF Responsible Disclosure Information Security
The 1-Shekel Ticket: Broken Access Control, Mass PII Exposure, and Price Manipulation in a Concert Ticketing Platform · 17 September 2024 · 4 mins · Security Research IDOR Broken Access Control Business Logic PII Exposure Web Security