Jan 19, 2023
In this episode we talk about the spell check feature of the browser and how it could present a risk to sensitive data.
Link to article referenced: https://www.darkreading.com/application-security/spellchecking-google-chrome-microsoft-edge-browsers-leaks-passwords
For more info go to
Dec 19, 2021
Log4J has been the talk of the town recently and everyone is focused on the technical details of the specific vulnerabilities found. In this episode, James talks about the overarching ideas around dealing with vulnerable components. Are you vulnerable? If so, what needs to be done?
For more info go to
Feb 9, 2020
Chrome has announced a few changes that we need to watch out for in the near future. We previously talked about the default value for samesite that is coming up fast. I wrote about this here: https://www.jardinesoftware.net/2019/10/28/samesite-by-default-in-2020/
Also, they are getting ready to start blocking mixed...
Nov 15, 2019
It was recently announced that Chrome was dropping the XSS Auditor in Chrome 78. What does that mean and how does that change things for you as a developer?
https://www.chromium.org/developers/design-documents/xss-auditor
For more info go to https://www.developsec.com or follow us on twitter (@developsec).
Join the...
Nov 6, 2019
In 2020, Chrome will default the SameSite attribute to Lax on all cookies. SameSite helps mitigate CSRF, but does that mean CSRF is Dead?
For more info go to https://www.developsec.com or follow us on twitter (@developsec).
Join the conversations.. join our slack channel. Email james@developsec.com for an...