Here's an interesting article on some non-JavaScript Cross-Site Scripting vectors. https://x-c3ll.gi...

Here is a good writeup on the overflow error found in libssh2 https://blog.semmle.com/libssh2-intege...

Portswigger has some good research on a new angle for criss-site leak attacks: https://portswigger.n...

This is a blog entirely dedicated to security analysis of mobine apps.  No idea who writes it b...