This blog post is a follow-up to yesterday’s post: Security alert: pipdig insecure, DDoSing competitors. Firstly, to re-iterate, my accusations are as follows… pipdig did…

I love WordPress. I make my living from it. It’s no exaggeration to say that developing WordPress websites has changed my life: it provides me…

* sorry, I couldn’t help myself. Yesterday I opened my work inbox first thing to a panicked email from a client (Sutton Community Farm) labelled…

Just to confirm, my picture post guessing at a potential XSS vulnerability from over 3 hours ago proved itself to be exactly that. The vulnerability…

A security issue has come to light in FanUpdate (2.2.1 specifically but likely affects previous versions). This only affects those who are still running with…

Because you can never know too much, and it’s about time I wrote a follow-up to my PHP Script Checklist article. 1. Never include sensitive…

I’ve added a short note about Cutenews on my Unsafe PHP Scripts page.

It seems almost ironic that just the other day I was ranting about Tesco’s seemingly mediocre approach to password security, and today we hear that…

Update 31st July 2012: Welcome, new visitors from The Register, Information Age, etc. If you like this post, you may also like my related posts…

Some chick called “Safire” has republished my Safe Dynamic Includes snippet on her tutorial site. (Fingers in mouth gagging here; I thought people had stopped…

Because you can never know too much, and it’s about time I wrote a follow-up to my PHP Script Checklist article. 1. Never include sensitive…

Usually if I don’t have the time to review a script I advise people to Google for security issues. Except, with the recent problem surrounding…