Application Security coaching

Flashing Your Lights: CVE-2025-7202

A CSRF vulnerability in Elgato Key Lights let websites flash your lights remotely. Here’s how CVE-2025-7202 was discovered and fixed.

Leaking Secrets with AI: The Hidden Risks of ChatGPT’s Share Feature

Learn how ChatGPT’s ‘Share’ feature can accidentally expose sensitive data to Google. Discover hidden risks and how to protect your AI conversations.

When Metadata Goes Rogue: Lessons from the Tea App Breach

The Tea app breach exposed thousands of user selfies with sensitive location metadata, revealing key lessons on protecting privacy by stripping metadata from uploads.

How a Toreon ski-trip led to a CVE in MikroTik’s Wi-Fi Hotspot

During Toreon’s annual ski trip, Robbe opted out of skiing and hiking to explore the hotel’s Wi-Fi login page for security flaws. While others hit…

CVE-2024-28088: How URI Traversal in LangChain Led to API Token Theft and potentially Remote Code Execution

This is the story of how Robbe discovered CVE-2024-28088, a URI traversal vulnerability in LangChain’s configuration loading mechanism that led to full API token leakage,…

Threat Modeling: 5 Strategies to Sell Leadership on Security

Get leadership buy-in for threat modeling with five proven strategies. Learn how to frame risk, show ROI, and use social proof to champion change.

How to Choose the Right Threat Modeling Training (Without Wasting Time)

Looking for the right threat modeling training? Here’s how to choose a practical, impactful course your team will actually use.

Threat Modeling: A Strategic, Cost-Effective Path to CRA Compliance and Security by Design

Discover how threat modeling can be a strategic approach to comply with the CRA while ensuring security by design across the product lifecycle.

How I Discovered vulnerability CVE-2024-2912: Unveiling BentoML Pickle-Based Serialization

This is the story of how I found a remote code execution vulnerability, CVE-2024-2912, in BentoML and what it can teach you about securing your…

Making Threat Modeling Accessible: Top 10 Tools and Resources for Practitioners

Discover our Top 10 Threat Modeling Tips, featuring impactful insights and resources that resonate with our Threat Modeling Insider readers.
