15 min read
77% of businesses had AI security incidents in 2024. The OWASP Top 10 for LLM Applications catalogs the attacks most AI apps can't defend against — and the practical defenses that actually work.
13 min read
xz-utils, Log4j, event-stream — the pattern is clear. 60% of maintainers work unpaid. Supply chain attacks doubled in 2025. Here's what's actually broken.
16 min read
T-strings return a Template object, not a string. That one change enables SQL injection prevention, XSS-safe HTML, and shell safety built into the language.
16 min read
A step-by-step breakdown of OAuth 2.0 by building every piece from scratch: flows, tokens, PKCE, security mistakes, and what to use in 2026.
17 min read
Seven API security mistakes I see junior devs make constantly, with TypeScript code showing what is wrong and how to fix it.