| 2015-05-05 | Android Native API Hooking with Library Injection and ELF Introspection | MD | 7345 | |
| 2015-05-05 | Forcing XXE Reflection through Server Error Messages | MD | 2431 | |
| 2015-05-04 | Fuzzing nginx - Hunting vulnerabilities with afl-fuzz | MD | 9143 | |
| 2015-05-04 | XSS via window.stop() - Google Safen Up | MD | 7368 | |
| 2015-05-04 | Dynamically inject a shared library into a running process on Android/ARM | MD | 2088 | |
| 2015-04-30 | Automated Data Exfiltration With XXE | MD | 6541 | |
| 2015-04-27 | Race conditions on Facebook, DigitalOcean and others (fixed) | MD | 2535 | |
| 2015-04-27 | WordPress 4.2 Stored XSS | MD | 3534 | |
| 2015-04-25 | WordPress < 4.1.2 Stored XSS vulnerability | MD | 2509 | |
| 2015-04-24 | Java Obfuscator - Lite | MD | 6950 | |
| 2015-04-23 | Analyzing the Magento Vulnerability | MD | 3347 | |
| 2015-04-23 | plupload - Same-Origin Method Execution [Wordpress 3.9 - 4.1.1] | MD | 7433 | |
| 2015-04-22 | CRLF injection on Twitter or why blacklists fail | MD | 2421 | |
