Tagged articles

2152 articles

Page 8 of 22

Aug 7, 2024 · Artificial Intelligence

Detecting Time‑Series Anomalies in Embedding Space: A Practical AI Approach

This article presents an embedding‑based method for time‑series anomaly detection in security and anti‑cheat scenarios, explains how to vectorise logs, sample and compute distribution features, details implementation code, and validates the approach with four synthetic experiments showing precision‑recall improvements at day and hour granularity.

EmbeddingTime Seriesanomaly detection

0 likes · 12 min read

Detecting Time‑Series Anomalies in Embedding Space: A Practical AI Approach

php Courses

Aug 7, 2024 · Backend Development

Using PHP 7.4+ Foreign Function Interface (FFI) to Call C Libraries

This article introduces PHP 7.4's Foreign Function Interface (FFI), explains how to enable it, demonstrates basic usage and advanced examples for calling C functions, discusses performance considerations, security best practices, troubleshooting, and future directions for PHP developers.

BackendC integrationFFI

0 likes · 8 min read

Using PHP 7.4+ Foreign Function Interface (FFI) to Call C Libraries

Wukong Talks Architecture

Aug 5, 2024 · Operations

Comprehensive Case Study of Large‑Scale Desktop IT Management and Automated Fault Detection at Ctrip

This article presents a detailed case study of Ctrip's large‑scale desktop IT management solution, describing the challenges of handling tens of thousands of office PCs, the full‑link architecture built with Rust, Tauri, SpringBoot and Django, automated health monitoring, fault detection, remediation workflows, security measures, performance optimizations, and the measurable operational improvements achieved.

Desktop ManagementIT OperationsRust

0 likes · 16 min read

Comprehensive Case Study of Large‑Scale Desktop IT Management and Automated Fault Detection at Ctrip

IT Services Circle

Aug 3, 2024 · Backend Development

Understanding API Gateways: Core Functions and Popular Products

This article explains what an API gateway is, outlines its core functions such as routing, load balancing, security, rate limiting, aggregation and caching, and reviews ten popular gateway solutions—including Amazon API Gateway, Kong, Apigee, NGINX, Tyk, MuleSoft Anypoint, Azure API Management, IBM API Connect, Kubernetes‑native options, and Traefik—highlighting their key features and typical use cases.

KubernetesMicroservicesapi-gateway

0 likes · 5 min read

Understanding API Gateways: Core Functions and Popular Products

Ops Development & AI Practice

Aug 2, 2024 · Information Security

Mastering GPG Public-Key Signatures: From Key Generation to Password‑less Use

This guide explains GPG's public‑key signature technology, walks through generating and managing ED25519 keys, shows how to sign and verify files, and provides configuration steps to use GPG without passphrase prompts, ensuring data integrity and authenticity.

Ed25519GPGdigital signatures

0 likes · 9 min read

Mastering GPG Public-Key Signatures: From Key Generation to Password‑less Use

IT Services Circle

Aug 1, 2024 · Information Security

Cross Fork Object Reference (CFOR) Vulnerability: Access to Deleted and Private GitHub Repository Data

Researchers from Truffle Security revealed that GitHub's delete function often fails to truly remove data, exposing a new Cross Fork Object Reference (CFOR) vulnerability that allows anyone with a commit hash to access deleted or private repository data, posing serious security risks.

CFORCommit HashGitHub

0 likes · 11 min read

Cross Fork Object Reference (CFOR) Vulnerability: Access to Deleted and Private GitHub Repository Data

php Courses

Aug 1, 2024 · Information Security

Common PHP Pitfalls and Effective Prevention Strategies

This article examines frequent security and quality pitfalls in PHP development—such as deprecated functions, SQL injection, XSS, insecure file inclusion, poor error handling, session hijacking, hard‑coded credentials, insufficient input validation, outdated versions, and low code quality—and provides concrete best‑practice recommendations to avoid them.

PHPcode qualityinput validation

0 likes · 8 min read

Common PHP Pitfalls and Effective Prevention Strategies

Efficient Ops

Jul 29, 2024 · Operations

Top 19 Essential Linux & Sysadmin Interview Questions with Answers

This article compiles 19 practical Linux, security, networking, and Python interview questions covering command‑line techniques, system monitoring, load‑balancing, HTTP protocols, common vulnerabilities, TCP handshakes, TIME_WAIT optimization, and code snippets to help candidates prepare for sysadmin roles.

LinuxPythonShell

0 likes · 15 min read

Top 19 Essential Linux & Sysadmin Interview Questions with Answers

JD Tech Talk

Jul 29, 2024 · Backend Development

Best Practices for Service Design and API Development in Enterprise Systems

This article presents comprehensive guidelines for designing robust, secure, and maintainable enterprise services, covering API path conventions, request handling, input/output parameter design, business logic recommendations, exception handling, dependency management, monitoring, degradation strategies, encryption, and system admission practices.

Error HandlingMicroservicesService Architecture

0 likes · 19 min read

Best Practices for Service Design and API Development in Enterprise Systems

JD Cloud Developers

Jul 29, 2024 · Backend Development

Designing Robust Backend Services: Path Standards, Security, Monitoring, and Degradation Strategies

This article outlines comprehensive best‑practice guidelines for designing robust, secure, and maintainable backend services—covering API path conventions, request handling, parameter design, error codes, dependency management, monitoring, degradation strategies, legacy service handling, encryption, access control, and tamper‑proof mechanisms, with practical code examples.

BackendService Architectureapi-design

0 likes · 18 min read

Designing Robust Backend Services: Path Standards, Security, Monitoring, and Degradation Strategies

Linux Code Review Hub

Jul 29, 2024 · Industry Insights

Zephyr RTOS 3.7.0 LTS Launch – New HW Models, Enhanced Networking, and Security Fixes

Zephyr RTOS 3.7.0 LTS was released on July 26, 2024, introducing over 650 contributors, new hardware models, expanded POSIX and Bluetooth support, numerous API changes, extensive driver updates, enhanced networking features, and a series of security patches covering multiple CVEs.

HardwareLTSNetworking

0 likes · 20 min read

Zephyr RTOS 3.7.0 LTS Launch – New HW Models, Enhanced Networking, and Security Fixes

Liangxu Linux

Jul 28, 2024 · Cloud Native

Avoid These 10 Common Kubernetes Mistakes to Boost Reliability

This article outlines the most frequent Kubernetes pitfalls—such as missing resource requests, omitted health checks, using the :latest tag, over‑privileged containers, insufficient monitoring, default namespace misuse, weak security settings, absent PodDisruptionBudgets, lack of pod anti‑affinity, and improper load‑balancing—and provides concrete commands, YAML examples, and best‑practice recommendations to prevent them.

KubernetesResource Managementautoscaling

0 likes · 13 min read

Avoid These 10 Common Kubernetes Mistakes to Boost Reliability

Architect's Guide

Jul 28, 2024 · Fundamentals

Why Software Quality Is Worse Than a Decade Ago: Causes and Reflections

The article argues that despite advances in tools and practices, modern software quality has declined over the past ten years due to factors such as increasing complexity, lack of focus, superficial engineering culture, and inadequate attention to reliability, usability, and security.

Software qualitydevelopment practicessecurity

0 likes · 9 min read

Why Software Quality Is Worse Than a Decade Ago: Causes and Reflections

Architect's Guide

Jul 27, 2024 · Information Security

Understanding OAuth 2.0: Principles, Architecture, and Implementation

This article explains the OAuth 2.0 authorization framework, its core concepts, architecture, key roles, and implementation patterns for web, user‑agent, and native applications, helping readers grasp how delegated access works without sharing user credentials.

AuthenticationAuthorizationOAuth2

0 likes · 9 min read

Understanding OAuth 2.0: Principles, Architecture, and Implementation

Ctrip Technology

Jul 25, 2024 · Operations

Ctrip's Full‑Chain Desktop Operations Platform for Managing Tens of Thousands of PCs

The article presents a comprehensive case study of Ctrip's full‑chain desktop operations system, detailing its architecture, cross‑platform Rust/Tauri agents, SpringBoot server, security measures, operational challenges, performance optimizations, and the measurable improvements in fault detection and repair across a massive corporate PC fleet.

Desktop ManagementIT OperationsRust

0 likes · 18 min read

Ctrip's Full‑Chain Desktop Operations Platform for Managing Tens of Thousands of PCs

21CTO

Jul 24, 2024 · Information Security

Can Rust Replace C/C++ to Prevent the Next CrowdStrike‑Induced BSOD?

The article examines the recent Windows BSOD crisis caused by a faulty CrowdStrike update, argues that memory‑unsafe languages like C/C++ contributed to the failure, and explains how Microsoft and the industry are turning to the memory‑safe Rust language for system, firmware, and cloud components to improve reliability and security.

AzureMemory SafetySystem Programming

0 likes · 8 min read

Can Rust Replace C/C++ to Prevent the Next CrowdStrike‑Induced BSOD?

Open Source Linux

Jul 24, 2024 · Operations

Linux Emergency Handbook v1.2: Key Updates & New Incident Response Practices

Version 1.2 of the Linux Emergency Handbook introduces critical updates such as SSH key backdoor checks, detailed command timestamp logs, new journalctl log viewing techniques, enhanced password checks, added data USB guidance, and revamped post‑incident stages including routine security checks, loss assessment, and targeted investigations.

Linuxemergency responseincident management

0 likes · 3 min read

Linux Emergency Handbook v1.2: Key Updates & New Incident Response Practices

Architect

Jul 23, 2024 · Databases

How to Perform Fuzzy Searches on Encrypted Data: Methods, Pros & Cons

This article examines three categories of techniques—naïve, conventional, and advanced—for enabling fuzzy queries on encrypted data, comparing their implementation steps, performance impact, storage overhead, and security trade‑offs, and provides practical examples and reference links for further study.

databaseencrypted datafuzzy-search

0 likes · 11 min read

How to Perform Fuzzy Searches on Encrypted Data: Methods, Pros & Cons

Linux Cloud Computing Practice

Jul 23, 2024 · Information Security

How to Harden RHEL7: Essential Linux Security Hardening Steps

This guide walks through practical Linux security hardening on RHEL7, covering account control, password policies, SELinux configuration, SSH restrictions, firewall rules, file attribute protections, and other measures to elevate the system to a B1 security level.

RHEL7SELinuxsecurity

0 likes · 12 min read

How to Harden RHEL7: Essential Linux Security Hardening Steps

OPPO Amber Lab

Jul 22, 2024 · Information Security

Exploiting AIDL and Parcelable Mismatches in Android IPC

This article examines how mismatched read/write implementations in Android's Parcelable and AIDL mechanisms create exploitable IPC vulnerabilities, outlines several historical bug patterns, and discusses potential attack vectors and mitigation strategies.

AIDLAndroidIPC

0 likes · 11 min read

Exploiting AIDL and Parcelable Mismatches in Android IPC

Architecture Development Notes

Jul 21, 2024 · Backend Development

Rust vs PHP: Which Language Wins for Your Next Project?

This article compares the emerging system language Rust with the veteran web language PHP, examining their core features, performance, safety, learning curves, ecosystems, and deployment considerations to help developers choose the right tool for their specific project needs.

PHPRustlanguage comparison

0 likes · 14 min read

Rust vs PHP: Which Language Wins for Your Next Project?

Continuous Delivery 2.0

Jul 19, 2024 · Operations

Strategic Enhancements for CI/CD Pipelines: Performance, Security, Blue‑Green Deployment, and Infrastructure as Code

This article outlines six practical strategies to upgrade CI/CD pipelines, including performance and device‑compatibility testing, visual regression and accessibility checks, automated security scans with Dependabot, blue‑green deployments, phased testing, infrastructure‑as‑code integration, and automated rollback checkpoints, helping teams deliver higher‑quality software faster.

Blue‑Green deploymentDevOpsInfrastructure as Code

0 likes · 10 min read

Strategic Enhancements for CI/CD Pipelines: Performance, Security, Blue‑Green Deployment, and Infrastructure as Code

Linux Ops Smart Journey

Jul 18, 2024 · Operations

How to Install and Secure Docker in Production Environments

Learn step-by-step how to prepare your Linux server, download and install Docker 20.10.24 manually, configure daemon settings, set up systemd service, start and verify the engine, and apply essential security and optimization practices for reliable production deployments.

ContainerDockerLinux

0 likes · 5 min read

How to Install and Secure Docker in Production Environments

Python Programming Learning Circle

Jul 18, 2024 · Fundamentals

Guide to Using Python's eval() Function

This article provides a comprehensive guide to Python's eval() function, covering its syntax, parameters, execution process, differences between globals and locals, dynamic versus static execution, common use cases, security risks, and alternatives such as ast.literal_eval() and exec().

Pythoncode evaluationdynamic execution

0 likes · 15 min read

Java Architect Essentials

Jul 17, 2024 · Information Security

Why Many Experts Advise Against Using JWT for Authentication

This article explains what JSON Web Tokens are, outlines their typical workflow, and critically examines their drawbacks—including size overhead, redundant signatures, revocation challenges, lack of encryption, and broader security concerns—before concluding with practical recommendations for their use.

AuthenticationJWTSession

0 likes · 8 min read

Why Many Experts Advise Against Using JWT for Authentication

Liangxu Linux

Jul 17, 2024 · Cloud Native

How Linux User Namespaces Secure Docker Containers and How to Configure Them

This guide explains the concept of Linux user namespaces, how they isolate UID/GID for Docker containers, the required subuid/subgid mappings, step‑by‑step daemon configuration, verification commands, and known limitations when using user namespace isolation.

DockerLinuxUser Isolation

0 likes · 9 min read

How Linux User Namespaces Secure Docker Containers and How to Configure Them

php Courses

Jul 16, 2024 · Backend Development

Using PHP password_hash Function for Secure Password Hashing

This article explains how to securely hash passwords in PHP using the password_hash function, covering the concept of hashing, code examples for creating and verifying hashes, automatic salting, and best practices for protecting user credentials.

backend-developmentpassword hashingpassword_hash

0 likes · 5 min read

Using PHP password_hash Function for Secure Password Hashing

Alibaba Cloud Native

Jul 15, 2024 · Cloud Native

How AI-Driven Gateways Are Evolving to Meet LLM Demands

The article examines how AI-era large language model (LLM) applications impose new traffic, security, and scalability requirements on gateways, and explains how the Envoy‑based open‑source Higress gateway addresses these challenges with hot configuration updates, token‑based rate limiting, streaming support, and multi‑tenant capabilities.

AIInfraLLM

0 likes · 19 min read

How AI-Driven Gateways Are Evolving to Meet LLM Demands

macrozheng

Jul 12, 2024 · Information Security

Understanding JWT: Secure Token-Based Authentication for Modern Apps

This article explains the evolution from traditional cookie‑session authentication to token‑based JWT, detailing its structure, security mechanisms, implementation steps, advantages, limitations, and practical Java code examples, while also comparing it with modern authentication challenges in web and mobile environments.

AuthenticationJWTToken

0 likes · 15 min read

Understanding JWT: Secure Token-Based Authentication for Modern Apps

JD Retail Technology

Jul 12, 2024 · Backend Development

Service Design Tips and Best Practices for Robust API Development

This article explores essential service design considerations beyond standard guidelines, covering API path structuring, request handling, parameter design, security measures, monitoring, degradation strategies, and code examples to help build flexible, secure, and maintainable backend services.

MicroservicesService Architectureapi-design

0 likes · 19 min read

Service Design Tips and Best Practices for Robust API Development

Top Architect

Jul 11, 2024 · Information Security

Why Many Developers Discourage Using JWT (JSON Web Token)

This article explains what JWT is, how it works in authentication flows, and details its major drawbacks—including large token size, redundant signatures, revocation difficulties, stale data risks, and lack of encryption—while concluding that JWT may be suitable only for short‑lived, single‑use scenarios.

BackendJWTsecurity

0 likes · 9 min read

Why Many Developers Discourage Using JWT (JSON Web Token)

Architect

Jul 10, 2024 · Information Security

Evolution and Design of Login Authentication Systems

This article examines the historical evolution of login authentication technologies, from simple cookie‑based methods to token mechanisms, unified account centers, OAuth 2.0, and modern one‑click solutions, while discussing design considerations, security challenges, and future trends such as AI‑driven identity verification.

Identity ManagementOAuthToken

0 likes · 12 min read

Evolution and Design of Login Authentication Systems

Bilibili Tech

Jul 9, 2024 · Operations

Standardizing VOD CDN Backsource Architecture: Issues, Strategies, and Optimizations

The article outlines how a VOD provider standardized its multi‑vendor CDN back‑source architecture by classifying videos as hot or cold, prioritizing fragment‑level pulls, throttling full‑file transfers, implementing real‑time monitoring, decoupling storage buckets, and adding OSIG authentication to reduce latency, bandwidth pressure, and security risks.

BacksourceCDNVOD

0 likes · 7 min read

Standardizing VOD CDN Backsource Architecture: Issues, Strategies, and Optimizations

DevOps Operations Practice

Jul 7, 2024 · Operations

Top 6 Most Dangerous Linux Commands and How to Use Them Safely

This article lists the six most hazardous Linux commands, explains why they can cripple a system, and provides practical safeguards to prevent accidental system destruction while highlighting proper usage practices for each command.

command-linedangerous-commandssecurity

0 likes · 7 min read

Top 6 Most Dangerous Linux Commands and How to Use Them Safely

php Courses

Jul 4, 2024 · Information Security

Overview of Common PHP Encryption Algorithms

This article introduces several widely used PHP encryption algorithms—including MD5, SHA family, AES, RSA, and Base64 encoding—explaining their functions, security considerations, and PHP functions for implementation, while also mentioning additional algorithms like DES, RC4, and Blowfish for specific use cases.

AESHashingPHP

0 likes · 3 min read

Overview of Common PHP Encryption Algorithms

php Courses

Jul 4, 2024 · Backend Development

Why Build a Custom PHP Framework and What It Can Achieve

This article explains the motivations for creating a custom PHP framework—such as meeting specific project needs, deepening technical understanding, ensuring long‑term maintainability, optimizing performance, improving usability, and enhancing security—while outlining the curriculum of the accompanying tutorial series.

FrameworkMVCPHP

0 likes · 4 min read

Why Build a Custom PHP Framework and What It Can Achieve

OPPO Amber Lab

Jul 1, 2024 · Information Security

Exploiting LazyValue: How Use‑After‑Recycled Bugs Leak Android Parcel Data

This article analyzes a class of historical Android Parcelable vulnerabilities, explains the LazyValue mechanism and its use‑after‑recycled issue, demonstrates how negative length fields can rewind parcel pointers, and outlines exploitation steps and patch locations.

AndroidIPCLazyValue

0 likes · 13 min read

Exploiting LazyValue: How Use‑After‑Recycled Bugs Leak Android Parcel Data

Liangxu Linux

Jun 30, 2024 · Information Security

How a Git Submodule & Symlink Trick Triggers Remote Code Execution (CVE‑2024‑32002)

An RCE vulnerability (CVE‑2024‑32002) in Git allows attackers to embed malicious hooks via a recursive submodule and a case‑insensitive symlink, so that cloning the repository executes arbitrary code such as launching the calculator, affecting Git versions up to 2.45.0 unless patched.

CVE-2024-32002Git HooksRemote Code Execution

0 likes · 10 min read

How a Git Submodule & Symlink Trick Triggers Remote Code Execution (CVE‑2024‑32002)

Liangxu Linux

Jun 29, 2024 · Information Security

How to Block SSH Logins for Specific Users, Groups, and IPs on Linux

This guide explains multiple Linux techniques—including nologin shells, sshd_config allow/deny lists, and hosts.allow/hosts.deny rules—to prevent selected users, groups, or IP addresses from logging in via SSH, with practical commands, examples, and a ready‑to‑run script.

LinuxSSHaccess control

0 likes · 11 min read

How to Block SSH Logins for Specific Users, Groups, and IPs on Linux

php Courses

Jun 27, 2024 · Information Security

How to Build an OAuth2 Authorization Code Server in PHP

This tutorial explains step‑by‑step how to set up a secure OAuth2 authorization‑code server in PHP, covering the OAuth flow, library installation, server code, database schema, and testing with curl.

APIAuthorization CodeOAuth2

0 likes · 6 min read

How to Build an OAuth2 Authorization Code Server in PHP

MaGe Linux Operations

Jun 24, 2024 · Information Security

How to Verify File Integrity with MD5 and SHA‑512 Checksums on Linux

This guide explains the principles of MD5 and SHA‑512 checksums, demonstrates how to generate and compare them using Linux commands such as md5sum and sha512sum, and shows how to automate integrity verification for files like calico.yaml during transfer or backup.

LinuxMD5SHA-512

0 likes · 7 min read

How to Verify File Integrity with MD5 and SHA‑512 Checksums on Linux

php Courses

Jun 21, 2024 · Backend Development

Overview of PHP 8 Features and Expected PHP 9 Enhancements

This article examines PHP 8’s major features such as JIT compilation, union types, attributes, match expressions, constructor property promotion, and null‑safe operator, then outlines anticipated PHP 9 improvements including enhanced JIT, native async/await, richer type system, standardized error handling, and stronger security.

AsyncJITPHP

0 likes · 11 min read

Overview of PHP 8 Features and Expected PHP 9 Enhancements

AntTech

Jun 21, 2024 · Artificial Intelligence

Ant Group’s Security Parallel Aspect Fusion AI: A Case Study Selected at the 2024 World Intelligent Industry Expo

The article details Ant Group’s security parallel aspect fusion AI solution, selected as an exemplary case at the 2024 World Intelligent Industry Expo, explaining its multi‑dimensional data collection, large‑model integration, baseline construction, knowledge‑graph generation, and superior threat‑detection performance.

AIAnt GroupLarge Model

0 likes · 4 min read

Ant Group’s Security Parallel Aspect Fusion AI: A Case Study Selected at the 2024 World Intelligent Industry Expo

Ops Development Stories

Jun 19, 2024 · Information Security

Mastering RBAC: Configure Jenkins Pipeline Permissions Step‑by‑Step

This guide explains role‑based access control (RBAC), shows how to map users to roles and permissions, and provides a complete Jenkins pipeline example—including role configuration, permission assignment, and validation—for admin, development, and operations teams.

DevOpsJenkinsPipeline

0 likes · 9 min read

Mastering RBAC: Configure Jenkins Pipeline Permissions Step‑by‑Step

360 Smart Cloud

Jun 18, 2024 · Cloud Native

Understanding eBPF: Principles, Applications, Development Process, and Sample Programs

This article introduces eBPF, explains its zero‑intrusion observability advantages, describes its architecture and runtime workflow, outlines development prerequisites and compilation steps, and provides concrete Go‑based examples for tracing bash commands and measuring TCP connection latency.

Performance MonitoringeBPFkernel

0 likes · 13 min read

Understanding eBPF: Principles, Applications, Development Process, and Sample Programs

Architecture & Thinking

Jun 18, 2024 · Fundamentals

4‑Layer vs 7‑Layer Gateways: Choosing the Right Solution for Your Network

This article explains the principles, core implementations, performance trade‑offs, and typical use cases of 4‑layer (transport‑level) and 7‑layer (application‑level) gateways, helping readers understand how each operates within the OSI/TCP‑IP models and choose the appropriate solution for their network architecture.

OSITCP/IPgateway

0 likes · 9 min read

4‑Layer vs 7‑Layer Gateways: Choosing the Right Solution for Your Network

Test Development Learning Exchange

Jun 17, 2024 · Backend Development

How to Unquote Strings in Python: eval, ast.literal_eval, and json.loads

This article explains three common methods—eval, ast.literal_eval, and json.loads—for converting quoted Python strings into executable code or data structures, outlining their advantages, disadvantages, and appropriate use cases.

String Parsingast.literal_evaldata serialization

0 likes · 5 min read

How to Unquote Strings in Python: eval, ast.literal_eval, and json.loads

Test Development Learning Exchange

Jun 17, 2024 · Fundamentals

Understanding Python's eval(): Usage, Risks, and Safer Alternatives

This article explains Python's eval() function, demonstrates basic and variable usage, highlights security risks, and presents safer alternatives such as ast.literal_eval and restricted eval implementations, providing code examples and practical recommendations for secure code execution.

Code ExecutionPythonast.literal_eval

0 likes · 5 min read

Understanding Python's eval(): Usage, Risks, and Safer Alternatives

Linux Code Review Hub

Jun 15, 2024 · Mobile Development

Scudo’s Evolution in Android 15: Optimizing Speed, Safety, and Memory Efficiency

The article examines how Android’s Scudo memory allocator has been refined over the past three years, detailing its four design goals, the cache and thread‑specific data mechanisms for fast allocation, strategies to balance safe memory release with performance, and the group‑based approach that reduces fragmentation while preserving security.

AndroidCacheMemory Allocator

0 likes · 11 min read

Scudo’s Evolution in Android 15: Optimizing Speed, Safety, and Memory Efficiency

Continuous Delivery 2.0

Jun 14, 2024 · Artificial Intelligence

AI Code Generation Tools: Benefits, Risks, and Top Choices

This article explains how AI-powered code generators create high‑quality code, outlines their capabilities such as language translation and documentation assistance, discusses safety and copyright concerns highlighted by research, and emphasizes that while popular, these tools should augment rather than replace developers.

AILLMSoftware Development

0 likes · 2 min read

AI Code Generation Tools: Benefits, Risks, and Top Choices

Open Source Tech Hub

Jun 11, 2024 · Information Security

How Windows “Best‑Fit Mapping” Enables PHP‑CGI Remote Code Execution and How to Fix It

This article explains how Windows’ Best‑Fit Mapping can cause PHP‑CGI to misinterpret query‑string characters, allowing attackers to inject malicious parameters and execute arbitrary code, and provides detailed mitigation steps including version upgrades and Apache rewrite rules.

CGIPHPVulnerability

0 likes · 7 min read

How Windows “Best‑Fit Mapping” Enables PHP‑CGI Remote Code Execution and How to Fix It

Java Tech Enthusiast

Jun 9, 2024 · Information Security

Exploring Hidden x86 CPU Instructions and Their Security Implications

The article investigates undocumented x86 opcodes, describing a depth‑first search that uses page‑faults to locate hidden instruction boundaries, and reports finding dozens of executable but undocumented instructions on Intel and AMD CPUs, highlighting potential security risks and the need for vigilant hardware analysis.

AssemblyCPUhidden instructions

0 likes · 9 min read

Exploring Hidden x86 CPU Instructions and Their Security Implications

21CTO

Jun 7, 2024 · Artificial Intelligence

Why AI Gateways Are the Next Evolution of API Gateways

AI gateways have emerged as essential infrastructure for modern AI applications, offering specialized security, load balancing, cost management, and observability that go beyond traditional API gateways, and understanding their differences and deployment considerations is crucial for developers and ops teams.

AI InfrastructureAI gatewayCost Management

0 likes · 10 min read

Why AI Gateways Are the Next Evolution of API Gateways

Architecture Digest

Jun 7, 2024 · Information Security

Implementing RSA Encryption and Decryption in Spring Boot APIs

This article explains how to secure Spring Boot API responses using RSA asymmetric encryption and digital signatures, covering RSA fundamentals, project setup, Maven configuration, key management, annotation‑driven encryption/decryption, front‑end JavaScript encryption with JSEncrypt, and practical testing steps.

RSASpring Bootapi-encryption

0 likes · 10 min read

Implementing RSA Encryption and Decryption in Spring Boot APIs

Spring Full-Stack Practical Cases

Jun 7, 2024 · Backend Development

Secure Spring Boot Actuator: Prevent Sensitive Data Exposure

This article explains how Spring Boot Actuator can unintentionally expose sensitive endpoints like /env, /configprops, and /threaddump, and provides detailed configuration and custom sanitizing techniques to protect confidential information in production environments.

ActuatorConfigurationSanitization

0 likes · 8 min read

Secure Spring Boot Actuator: Prevent Sensitive Data Exposure

ZhongAn Tech Team

Jun 4, 2024 · Databases

Elasticsearch 8.x Performance Boosts, New Features, and Migration Guide

This article details how upgrading from Elasticsearch 5.x/2.x to 8.x dramatically improves search, aggregation, and write performance while reducing storage costs, introduces vector KNN, synthetic _source, TSDS, searchable snapshots, security enhancements, and provides migration examples and code snippets for enterprise search platforms.

Data MigrationElasticsearchHybrid Ranking

0 likes · 18 min read

Elasticsearch 8.x Performance Boosts, New Features, and Migration Guide

Java Architecture Diary

Jun 3, 2024 · Information Security

Implementing Password Leak Detection in Spring Boot 3.3 with HaveIBeenPwned

This article explains how Chrome's built‑in password leak alert works and demonstrates how to integrate the same compromised‑password checking into a Spring Boot 3.3 application using the HaveIBeenPwned API, complete with code examples and screenshots.

Password Leak DetectionSpring Boothaveibeenpwned

0 likes · 2 min read

Implementing Password Leak Detection in Spring Boot 3.3 with HaveIBeenPwned

Su San Talks Tech

Jun 3, 2024 · Information Security

Mastering Access Control: 5 Core Permission Models Explained

This article introduces the five mainstream access‑control models—ACL, DAC, MAC, ABAC, and RBAC—explaining their principles, real‑world examples, drawbacks, and how RBAC can be extended and applied in practical user, role, and permission management systems.

AuthorizationRBACaccess control

0 likes · 14 min read

Mastering Access Control: 5 Core Permission Models Explained

Java Tech Enthusiast

Jun 1, 2024 · Information Security

Git CVE-2024-32002 Remote Code Execution Vulnerability Analysis

The article examines Git CVE‑2024‑32002, a remote‑code‑execution flaw that lets attackers run malicious code simply by cloning a crafted repository, exploiting Git hooks, submodules and case‑insensitive symbolic‑link tricks, and advises users to verify their Git version and update to mitigate the risk.

CVE-2024-32002GitRCE

0 likes · 9 min read

Git CVE-2024-32002 Remote Code Execution Vulnerability Analysis

macrozheng

May 30, 2024 · Backend Development

18 Essential API Design Rules Every Backend Developer Should Follow

Learn 18 essential API design rules covering signature, encryption, IP whitelisting, rate limiting, parameter validation, unified responses, exception handling, logging, idempotency, pagination, stress testing, async processing, data masking, documentation, request methods, headers, batch operations, and single‑responsibility principles for robust backend services.

api-designrate limitingsecurity

0 likes · 17 min read

18 Essential API Design Rules Every Backend Developer Should Follow

DataFunSummit

May 28, 2024 · Information Security

OPPO Application Distribution Anti‑Fraud Practices and Countermeasure Architecture

This article presents a comprehensive overview of OPPO's application distribution platform, detailing the black‑gray‑market threats it faces, the multi‑layered anti‑fraud architecture—including perception, identification, evaluation, and disposal modules—and real‑world case studies that demonstrate the effectiveness of its traffic anti‑cheat tools.

App DistributionOPPOanti-fraud

0 likes · 17 min read

OPPO Application Distribution Anti‑Fraud Practices and Countermeasure Architecture

Java Tech Enthusiast

May 28, 2024 · Information Security

Remote Code Execution Vulnerability in Git (CVE-2024-32002) Explained

Git’s CVE‑2024‑32002 is a critical remote‑code‑execution flaw where a malicious repository can exploit hooks, submodules, and symlinks on case‑insensitive file systems to inject and run attacker‑controlled scripts during a recursive clone, affecting versions up to 2.45.0 and mitigated by disabling recursive submodule fetching, avoiding untrusted clones, and updating Git.

CVE-2024-32002GitRCE

0 likes · 9 min read

Remote Code Execution Vulnerability in Git (CVE-2024-32002) Explained

Tech Architecture Stories

May 27, 2024 · Backend Development

From DNS Hacks to QUIC: Six Years of Backend Engineering Lessons at Tencent

The article recounts a Tencent engineer's six‑year journey from early DNS‑bypass tricks to modern HTTP/2 + QUIC implementations, highlighting technical challenges, security innovations, and the iterative process behind multiple promotion evaluations.

BackendHTTP2Networking

0 likes · 12 min read

From DNS Hacks to QUIC: Six Years of Backend Engineering Lessons at Tencent

dbaplus Community

May 26, 2024 · Operations

Why Operations Engineers Aren’t “Low”: Real‑World Skills and Challenges

A collection of Zhihu users’ answers reveals that operations engineers handle complex monitoring, deep Linux expertise, fire‑fighting, network security, and infrastructure management—tasks that often exceed developers’ expectations and require a broad, high‑level technical skill set.

DevOpsInfrastructuremonitoring

0 likes · 17 min read

Why Operations Engineers Aren’t “Low”: Real‑World Skills and Challenges

MaGe Linux Operations

May 25, 2024 · Cloud Native

Avoid These Common Kubernetes Pitfalls to Boost Reliability and Security

This article outlines frequent Kubernetes mistakes—such as missing resource requests, skipping health checks, using the latest image tag, over‑privileged containers, insufficient monitoring, default namespace misuse, and lack of security settings—and provides practical guidance and code examples to prevent them.

Kubernetesbest practicessecurity

0 likes · 13 min read

Avoid These Common Kubernetes Pitfalls to Boost Reliability and Security

Open Source Linux

May 24, 2024 · Fundamentals

Why IPv6 Still Matters: From Misconceptions to Real‑World Insights

This article explains how IPv6 solves IPv4 address exhaustion, outlines its unique features such as 128‑bit addressing, lack of NAT, automatic configuration via SLAAC, privacy‑focused temporary addresses, and common myths, while also discussing practical drawbacks, developer opinions, and the future of Internet connectivity.

IPv6Internet ProtocolNAT

0 likes · 19 min read

Why IPv6 Still Matters: From Misconceptions to Real‑World Insights

Liangxu Linux

May 18, 2024 · Information Security

Essential Linux Redhat Security Hardening Checklist: Accounts, SSH, Logging, and More

This guide provides a step‑by‑step hardening checklist for Red Hat AS 3/4, covering shared‑account detection, redundant‑account lock policies, root remote‑login restrictions, password complexity and lifespan, critical directory permissions, audit logging, SSH configuration, unnecessary service removal, and patch installation.

HardeningLinuxPassword policy

0 likes · 15 min read

Essential Linux Redhat Security Hardening Checklist: Accounts, SSH, Logging, and More

Open Source Tech Hub

May 17, 2024 · Information Security

How to Secure WebSocket Connections with JWT Authentication

This guide explains the security challenges of WebSocket, outlines a step‑by‑step JWT authentication flow, and presents three practical token‑passing techniques—including URL parameters, post‑connection messages, and sub‑protocols—while emphasizing the use of wss:// and safe token storage.

AuthenticationJWTToken

0 likes · 5 min read

How to Secure WebSocket Connections with JWT Authentication

Code Ape Tech Column

May 17, 2024 · Backend Development

Migrating from Fastjson to Gson: Practical Guide, Pitfalls and Solutions

This article documents a month‑long effort to replace Fastjson with Gson in Java projects, analyzing security vulnerabilities, comparing performance and features of Fastjson, Jackson and Gson, and providing detailed migration steps, code examples, and solutions to common issues such as date handling, SpringBoot integration, Swagger compatibility and numeric type conversion.

GsonJSONmigration

0 likes · 19 min read

Migrating from Fastjson to Gson: Practical Guide, Pitfalls and Solutions

vivo Internet Technology

May 15, 2024 · Information Security

Analysis of Android FileProvider, startAnyWhere, and Parcel Asymmetric Vulnerabilities and Exploitation

The article dissects three Android flaws—a misconfigured FileProvider, the privileged startAnyWhere capability, and asymmetric Parcel serialization—showing how their interaction lets an attacker hide a malicious Intent, bypass export checks, read private data, alter system settings, and gain elevated privileges, while outlining mitigation strategies.

AndroidExploitFileProvider

0 likes · 19 min read

Analysis of Android FileProvider, startAnyWhere, and Parcel Asymmetric Vulnerabilities and Exploitation

Python Programming Learning Circle

May 15, 2024 · Fundamentals

A Collection of Python Automation Scripts: Clipboard Manager, Code Quality Checker, File Integrity Verifier, Smart Trading Forecast, Image Downloader, Port Scanner, Password Manager, Email Sender, README Generator, and File Organizer

This article presents a curated set of Python automation scripts covering clipboard management, code quality analysis, file integrity verification, stock price forecasting, bulk image downloading, network port scanning, encrypted password storage, bulk email sending, README.md generation, and folder organization, each with explanations and complete source code.

data-analysisscriptssecurity

0 likes · 24 min read

A Collection of Python Automation Scripts: Clipboard Manager, Code Quality Checker, File Integrity Verifier, Smart Trading Forecast, Image Downloader, Port Scanner, Password Manager, Email Sender, README Generator, and File Organizer

php Courses

May 15, 2024 · Information Security

Detecting SQL Injection in PHP Using the Cloudmersive Security API

This guide explains how to protect PHP applications from SQL injection attacks by installing the Cloudmersive Security API client via Composer and using its content‑threat detection endpoint to scan user input, all with a free API key offering up to 800 scans per month.

APICloudmersive APIContent Threat Detection

0 likes · 3 min read

Detecting SQL Injection in PHP Using the Cloudmersive Security API

Software Development Quality

May 15, 2024 · Information Security

How APKDeepLens Scans Android Apps for OWASP Top 10 Vulnerabilities

APKDeepLens is a Python‑based tool that automatically scans Android APK files for security flaws, covering the OWASP Top 10 mobile risks and providing detailed, actionable reports for developers, pentesters, and security researchers.

APKOWASPPython

0 likes · 4 min read

How APKDeepLens Scans Android Apps for OWASP Top 10 Vulnerabilities

21CTO

May 13, 2024 · Information Security

Why Microsoft’s $1M Unrestricted Donation Boosts Rust’s Security and Ecosystem

Microsoft has pledged an unrestricted $1 million to the Rust Foundation, earmarking funds for hiring engineers, scholarship programs, and priority projects that enhance Rust’s performance, memory safety, and long‑term sustainability, while analysts highlight the broader industry shift toward secure, high‑performance languages.

MicrosoftProgramming Languagedonation

0 likes · 6 min read

Why Microsoft’s $1M Unrestricted Donation Boosts Rust’s Security and Ecosystem

IT Services Circle

May 13, 2024 · Information Security

The Hidden Costs and Ineffectiveness of CAPTCHAs

CAPTCHAs, originally designed as human‑based computation tools to block bots, have become costly, discriminatory, and largely ineffective security measures that waste billions of dollars annually while providing profit to service providers, prompting a 2024 debate on their continued use.

AI trainingCaptchaHuman Computation

0 likes · 8 min read

The Hidden Costs and Ineffectiveness of CAPTCHAs

php Courses

May 13, 2024 · Backend Development

PHP Form Data Validation and Filtering Techniques

This article explains essential PHP techniques for validating and filtering form inputs, covering required field checks, email and phone format validation, HTML tag stripping, special character escaping, and SQL injection prevention, with practical code examples for each method.

Data FilteringPHPform-validation

0 likes · 4 min read

PHP Form Data Validation and Filtering Techniques

MaGe Linux Operations

May 10, 2024 · Databases

MongoDB Config Guide: System Log, Network, Security, and Storage Settings

This article provides a comprehensive walkthrough of MongoDB's configuration file, detailing system log options, process management, network parameters, security settings, storage engine configurations, slow query profiling, replication, sharding, and mongos parameters, along with explanations of each option and recommended defaults.

ConfigurationMongoDBReplication

0 likes · 12 min read

MongoDB Config Guide: System Log, Network, Security, and Storage Settings

macrozheng

May 9, 2024 · Information Security

Why Servers Never Store Your Original Password: A Deep Dive into Secure Hashing

This article explains why servers cannot know your original password, covering the principles of password hashing, the difference between cryptographic and non‑cryptographic hash functions, the role of salts, and a Java example using SHA‑256 with salt to securely store passwords.

SHA-256cryptographyjava

0 likes · 6 min read

Why Servers Never Store Your Original Password: A Deep Dive into Secure Hashing

Efficient Ops

May 8, 2024 · Information Security

How to Detect and Recover from Linux Server Intrusions: 11 Essential Checks

This guide walks Linux operations engineers through eleven practical checks—including log inspection, user file verification, login event analysis, network traffic monitoring, and file recovery via lsof—to identify and remediate compromised machines effectively.

LinuxSysadminintrusion detection

0 likes · 7 min read

How to Detect and Recover from Linux Server Intrusions: 11 Essential Checks

Python Programming Learning Circle

May 8, 2024 · Fundamentals

A Collection of Python Automation Scripts for Clipboard Management, Code Quality, File Integrity, Stock Forecasting, Image Downloading, Port Scanning, Password Management, Email Sending, README Generation, and Folder Organization

This article presents a curated set of Python automation scripts covering clipboard monitoring, code quality analysis, file integrity verification, stock price forecasting, bulk image downloading, network port scanning, encrypted password storage, mass email sending, README.md generation, and intelligent folder organization, each illustrated with complete source code.

data-analysisfile-managementmachine-learning

0 likes · 20 min read

A Collection of Python Automation Scripts for Clipboard Management, Code Quality, File Integrity, Stock Forecasting, Image Downloading, Port Scanning, Password Management, Email Sending, README Generation, and Folder Organization

Liangxu Linux

May 6, 2024 · Information Security

Master Secure Remote Access: A Complete Linux SSH Configuration Guide

This step‑by‑step guide explains how to install, configure, and harden SSH on Linux, covering service setup, key generation, client configuration, file transfer, tunneling, ProxyJump, login banners, password‑less authentication, time/IP restrictions, fail2ban monitoring, multi‑factor authentication, ssh‑agent usage, and regular maintenance.

Fail2banLinuxRemote access

0 likes · 9 min read

Master Secure Remote Access: A Complete Linux SSH Configuration Guide

Liangxu Linux

May 4, 2024 · Operations

Mastering Linux Users and Groups: Files, Commands, and Best Practices

This guide explains Linux user and group concepts, the structure of key files like /etc/passwd and /etc/shadow, and provides detailed usage of management commands such as useradd, groupadd, newusers, passwd, chage, and related utilities.

LinuxUser Managementgroup-management

0 likes · 30 min read

Mastering Linux Users and Groups: Files, Commands, and Best Practices

Test Development Learning Exchange

Apr 30, 2024 · Information Security

Python GUI Password Generator with Tkinter and Clipboard Support

This guide explains why building your own password generator with a Tkinter graphical interface enhances security, customization, and learning, and provides a complete Python example that generates random passwords, displays them, and optionally copies them to the clipboard using pyperclip.

GUITkinterclipboard

0 likes · 5 min read

Python GUI Password Generator with Tkinter and Clipboard Support

Ops Development & AI Practice

Apr 28, 2024 · Operations

How to Run Commands as Non‑Login Users with su – No Shell Required

Learn how to use the Linux su command with the -s option to execute a single command as a non‑login user whose shell is set to /sbin/nologin or /bin/false, while preserving security and avoiding a full interactive shell session.

LinuxSystem Administrationnon-login user

0 likes · 4 min read

How to Run Commands as Non‑Login Users with su – No Shell Required

Liangxu Linux

Apr 27, 2024 · Information Security

Why Linux Needs Fewer Antivirus Tools: 5 Security Advantages Explained

Linux’s open‑source nature, robust package management, kernel‑level protections, built‑in firewall, and community‑driven security practices result in far fewer malware threats, reducing the need for traditional antivirus software and external firewalls compared to Windows, as outlined in five key reasons.

AntivirusLinuxfirewall

0 likes · 5 min read

Why Linux Needs Fewer Antivirus Tools: 5 Security Advantages Explained

MaGe Linux Operations

Apr 26, 2024 · Information Security

Secure SSH Access with Google Authenticator: Step-by-Step Linux Setup

Learn how to strengthen SSH logins by integrating Google Authenticator on Linux, covering the protocol basics, installing required packages, configuring PAM and sshd, generating secret keys, and using Android, browser, and Python clients for two‑factor authentication.

Google AuthenticatorLinuxSSH

0 likes · 9 min read

Secure SSH Access with Google Authenticator: Step-by-Step Linux Setup

Efficient Ops

Apr 25, 2024 · Information Security

How China Agricultural Bank Achieved National‑Level DevSecOps Excellence Across Five Projects

China Agricultural Bank’s five key projects—including a unified encryption platform, mobile note app, WeChat credit‑card service, open‑banking gateway, and IoT operation module—successfully passed the CAICT DevSecOps Level‑2 assessment, demonstrating advanced security capabilities and offering valuable insights into large‑scale DevSecOps implementation.

DevOpsDevSecOpsDigital Transformation

0 likes · 16 min read

How China Agricultural Bank Achieved National‑Level DevSecOps Excellence Across Five Projects

php Courses

Apr 23, 2024 · Backend Development

7 Benefits of Using PHP in Web Development

This article outlines seven key advantages of using PHP for web development, including its free open‑source nature, flexibility, scalability, built‑in security features, easy integration, strong community support, and powerful frameworks that enable rapid, reliable, and cost‑effective creation of dynamic websites and applications.

PHPWeb Developmentframeworks

0 likes · 5 min read

7 Benefits of Using PHP in Web Development

Spring Full-Stack Practical Cases

Apr 22, 2024 · Backend Development

Master Spring Boot Admin 3.2.3: Setup, Security, and Custom UI

This guide walks you through installing Spring Boot Admin 3.2.3, configuring both server and client sides, securing the dashboard with Spring Security, and customizing the UI with external links, dropdown menus, and branding.

Custom UImonitoringsecurity

0 likes · 8 min read

Master Spring Boot Admin 3.2.3: Setup, Security, and Custom UI

Goodme Frontend Team

Apr 22, 2024 · Information Security

How to Secure POS Terminals: One‑Click Remote Cleanup and Software Blocking

This article explains how to remotely diagnose and clean POS computers, monitor and automatically remove unwanted software, and enforce installation restrictions using Windows policies, hooks, and custom tools to keep terminals safe and under strict control.

Desktop controlRemote Managementsecurity

0 likes · 17 min read

How to Secure POS Terminals: One‑Click Remote Cleanup and Software Blocking

Top Architect

Apr 19, 2024 · Backend Development

Design and Implementation of a Lightweight Maven Encryption and Agent Decryption Solution for Java Backend Applications

This article analyzes the challenges of protecting Java backend code and third‑party dependencies, evaluates existing tools such as ProGuard, jar‑protect, GraalVM and core‑lib/xjar, and proposes a lightweight Maven encryption and Java‑agent decryption scheme that limits performance impact to under 5% while safeguarding intellectual property.

Backendsecurity

0 likes · 9 min read

Design and Implementation of a Lightweight Maven Encryption and Agent Decryption Solution for Java Backend Applications

php Courses

Apr 19, 2024 · Information Security

Secure File Upload: Validation, Size Checks, and Vulnerability Prevention

This article explains how to secure file uploads in web applications by validating file types, enforcing size limits, and preventing upload vulnerabilities through safe storage practices, providing PHP code examples for each protective measure.

PHPWeb Securityfile upload

0 likes · 5 min read

Secure File Upload: Validation, Size Checks, and Vulnerability Prevention

Architect's Guide

Apr 19, 2024 · Backend Development

API Gateway Design and Best Practices for Microservice Architectures

This article explains the role, core functions, design principles, and key considerations of API gateways in microservice architectures, compares popular gateway solutions, and provides guidance on achieving high performance, high availability, and scalability while ensuring security and operational efficiency.

BackendDesign PatternsScalability

0 likes · 22 min read

API Gateway Design and Best Practices for Microservice Architectures

Alibaba Cloud Native

Apr 18, 2024 · Cloud Native

What’s New in RocketMQ ACL 2.0? A Deep Dive into Features, Architecture, and Configuration

This article explains the motivations behind RocketMQ ACL 2.0, outlines its six major enhancements—including fine‑grained API permissions, flexible matching modes, and cluster‑wide access control—details the RBAC/ABAC model, authentication and authorization workflows, configuration examples, command‑line usage, and migration strategies, and discusses future planning for the access control system.

ACLAuthenticationAuthorization

0 likes · 24 min read

What’s New in RocketMQ ACL 2.0? A Deep Dive into Features, Architecture, and Configuration

Open Source Linux

Apr 18, 2024 · Information Security

Essential Linux Security Hardening Checklist for Red Hat Systems

This guide outlines a comprehensive set of security configurations for Red Hat Linux, covering shared account checks, redundant account locking, root remote login restrictions, password complexity and lifespan policies, directory permissions, logging, SSH hardening, service disabling, and patch management to ensure robust system protection.

LinuxPassword policySystem Hardening

0 likes · 22 min read

Essential Linux Security Hardening Checklist for Red Hat Systems

MaGe Linux Operations

Apr 11, 2024 · Information Security

Mastering Ansible Vault: Secure Password Management Without Interactive Prompts

This guide explains how to avoid interactive password prompts in Ansible by using Ansible Vault’s AES‑256 encryption, covering creation, viewing, editing, re‑keying, and best‑practice strategies for managing multiple vault IDs and credential passwords in automated workflows.

AnsibleDevOpsVault

0 likes · 17 min read

Mastering Ansible Vault: Secure Password Management Without Interactive Prompts

Java Tech Enthusiast

Apr 10, 2024 · Information Security

Backdoor Discovered in xz-utils for Fedora 40 and Rawhide

Red Hat’s emergency advisory (CVE‑2024‑3094) warns that malicious code was inserted into xz‑utils 5.6.0/5.6.1, creating a remote‑access backdoor that affects only Fedora 41 and Rawhide, traced to attacker JiaT75 who compromised the Tukaani project for three years before GitHub disabled the repository.

CVE-2024-3094Fedorabackdoor

0 likes · 4 min read

Backdoor Discovered in xz-utils for Fedora 40 and Rawhide

Goodme Frontend Team

Apr 10, 2024 · Frontend Development

Frontend Highlights: PNG XSS, V8 Fast Properties, React Nested Components

This roundup presents recent frontend news and curated articles covering PNG‑based XSS attacks, V8 engine optimizations, React component nesting pitfalls, engineering habits, brand‑centric design, and useful resources for developers seeking practical insights.

JavaScriptfrontendsecurity

0 likes · 5 min read

Frontend Highlights: PNG XSS, V8 Fast Properties, React Nested Components

php Courses

Apr 9, 2024 · Backend Development

How to Use PHP setcookie Function to Set Cookies

This article explains the PHP setcookie function, detailing its syntax, parameters such as name, value, expiration, path, domain, secure, and httponly, and provides multiple practical examples for setting cookies with different lifetimes and scopes, while also noting how to read them via $_COOKIE.

cookiessecuritysetcookie

0 likes · 4 min read

How to Use PHP setcookie Function to Set Cookies

php Courses

Apr 9, 2024 · Information Security

Using PHP password_hash Function for Secure Password Hashing

This article explains how to securely hash passwords in PHP using the password_hash function, describes the underlying hash concept, provides example code for hashing and verifying passwords, and highlights PHP's automatic salting and best practices for protecting user credentials.

Hashingpassword_hashpassword_verify

0 likes · 4 min read