Topic: security
All the articles about "security".
- The Axios Supply Chain Attack: What Laravel Developers Need to Know
  A compromised npm account turned Axios into a RAT dropper for 3.5 hours. Here's what happened, why AI coding agents make supply chain attacks worse, and 10 protections every Laravel project should have.
- I Asked AI to Audit My Laravel App's Security. It Found 4 Things I'd Never Have Caught.
  A real security audit of a Laravel app found IDOR vulnerabilities in Livewire components, XSS through strip_tags(), mass assignment with $guarded = [], and predictable share tokens. Here's what was wrong and how I fixed each one.
- How to Handle a Spam Vulnerability Report (And What to Actually Fix)
  I received a scary-sounding security vulnerability report about my Laravel app. It was mostly spam — but it highlighted two real gaps worth fixing.