OAuth 2.0 Explained Like You're Building It From Scratch
A step-by-step breakdown of OAuth 2.0 by building every piece from scratch: flows, tokens, PKCE, security mistakes, and what to use in 2026.
6 articles
77% of businesses had AI security incidents in 2024. The OWASP Top 10 for LLM Applications catalogs the attacks most AI apps can't defend against — and the practical defenses that actually work.
xz-utils, Log4j, event-stream — the pattern is clear. 60% of maintainers work unpaid. Supply chain attacks doubled in 2025. Here's what's actually broken.
How PayPal cut false positives 30x with graph databases, why most GNN fraud projects die in integration, and a practical path for any team size.
T-strings return a Template object, not a string. That one change enables SQL injection prevention, XSS-safe HTML, and shell safety built into the language.
Seven API security mistakes I see junior devs make constantly, with TypeScript code showing what is wrong and how to fix it.