2025

• 11 Dec ReactOOPS – Exploiting CVE-2025-55182 in a Realistic Next.js Environment
• 13 Oct Bypassing Rate Limits via HTTP/2 Single-Packet Attack: A Race Condition Story

2024

• 24 Nov OAuth Account Takeover: Exploiting Email Change Without Re-authentication