Back

Tags: #security

29 May 2026
Securing a Legacy API You Can't Break or Rewrite
A security audit of a legacy PHP and CodeIgniter mobile backend: nine real flaws, a frozen API contract, and how to patch it without locking out old apps.
2 Apr 2026
Dissecting a WordPress Hack: Ghost Admins and CSS
We debugged a WordPress slot spam infection and found attackers hiding rogue admin accounts and backdoor plugins using a simple CSS override in functions.php.

Securing a Legacy API You Can't Break or Rewrite A security audit of a legacy PHP and CodeIgniter mobile backend: nine real flaws, a frozen API contract, and how to patch it without locking out old apps.