Tor Hidden-Service Passive De-Cloaking
Top 3 Proxy Issues That No One Ever Told You
Gravatar Email Enumeration in JavaScript
Pixel Perfect Timing Attacks with HTML5
Million Browser Botnet Video Briefing
Slideshare
Auto-Complete Hack by Hiding Filled in Input Fields with CSS
Site Plagiarizes Blog Posts, Then Files DMCA Takedown on Originals
The Case of the Unconventional CSRF Attack in Firefox
Ruby on Rails Session Termination Design Flaw
HTML5 Hard Disk Filler™ API
Aaron Patterson -- Serialized YAML Remote Code Execution
FireEye -- Arbitrary reading and writing of the JVM process
Timothy Morgan -- What You Didn't Know About XML External Entity Attacks
Angelo Prado, Neal Harris, Yoel Gluck -- BREACH
James Bennett -- Django DOS
Phil Purviance -- Don't Use Linksys Routers
Mario Heiderich -- Mutation XSS
Timur Yunusov and Alexey Osipov -- XML Out of Band Data Retrieval
Carlos Munoz -- Bypassing Internet Explorer's Anti-XSS Filter
Zach Cutlip -- Remote Code Execution in Netgear routers
Cody Collier -- Exposing Verizon Wireless SMS History
Compromising an unreachable Solr Server
Finding Weak Rails Security Tokens
Ashar Javad -- Attack against Facebook's password reset process
Father/Daughter Team Finds Valuable Facebook Bug
Hacker scans the internet
Eradicating DNS Rebinding with the Extended Same-Origin Policy
Large Scale Detection of DOM based XSS
Struts 2 OGNL Double Evaluation RCE
Lucky 13 Attack
Weaknesses in RC4