1 views collected around this technical thread.
Chrome DevTools now shows a Self‑XSS warning when an inexperienced user tries to paste code, using a simple heuristic that checks for at least five console‑history entries, requiring the user to type “allow pasting” before execution, to protect against social‑engineered attacks that could steal data or hijack accounts.
The article explains how C‑suite executives become prime targets for hackers through data broker profiles, insecure home networks, personal accounts, ransomware, and family members, and provides practical steps to reduce their personal attack surface and improve overall security.
This article demonstrates a practical OSINT workflow that combines social‑engineering clues, railway route research, terrain assessment, and feature‑based image analysis to pinpoint the exact shooting spot of a travel photograph taken on a train in northern China.
The article provides a comprehensive overview of phishing as a social‑engineering attack, detailing its various techniques—including email deception, spear‑phishing, whaling, malware‑based lures, domain spoofing, vishing, SMS and QR‑code scams—and offers practical defense measures such as anti‑phishing tools, multi‑factor authentication, content filtering, and security standards.
The author recounts a step‑by‑step penetration test against a fraudulent reseller, detailing OSINT gathering, port scanning, FTP brute‑forcing, JavaScript injection, location tracking, domain hijacking, and the deployment of custom Python scripts for each stage.