OCTAL SECURITYBlog

Angular is a versatile front-end framework that enables direct use of web APIs such as the Window, Document, and Node interfaces. It also…

Disclaimer: This work only covers Angular and related methods, classes, JavaScript libraries, and Web APIs. AngularJS is not included as it…

Ruby on Rails Rails is a web application development framework written in the Ruby programming language. Rendering HTML templates, updating…

Meteor JS Security Checklist The insecure or autopublish modes are not used API keys, secrets, and credentials are not in the code base…

0-click RCE in Electron Applications TL;DR If the Electron application is not configured with appropriate features any XSS vulnerability can…

TL;DR Links to third-party websites should be properly validated and checked before opening in the Electron JS applications. If the protocol…

TL;DR XSS can be particularly devastating to Electron apps, and can result in RCE and phishing that might not be viable in a browser…