Securing Laravel → Special Laracon US 25% Discount!
I'm on the plane headed to Laracon US, speaking on Thursday, which means it's time for my traditional "I'm speaking at Laracon" discount! 🥳
Read more
In Depth: Version Numbers Are Vanity Labels
[In Depth #40] We trust version numbers to mean a specific, fixed release - but they're really just labels pointing at a commit, and an attacker can quietly move them. Let's dig into tag hijacking, the attack behind tj-actions and Laravel-Lang. 😈
Security Tip: Secure Your Repositories with Laravel Moat
[Tip #130] Laravel Moat is a new tool that assesses the security posture of your GitHub repositories and recommends ways to tighten the controls protecting them.
Security Tip: The Signed URL Trap
[Tip #129] I love Signed URLs, but there is one very subtle trap you can accidentally fall into...
In Depth: Don't Trust Public Livewire Properties
[In Depth #39] Public Properties may look like PHP class properties, but they're really hidden form fields, just waiting for your input... 😈