Latest Posts

W3C – CSS Validator XXE

**security-research** Public # W3C – CSS Validator XXE ## Package ## Affected versions ## Patched versions ## Description ### Summary All versions of W3C CSS validator are vulnerable to XXE….

CSPT Resources

# CSPT Resources 27 Mar 2025 – Posted by Maxence Schmitt As a follow up to Maxence Schmitt’s research on **Client-Side Path Traversal (CSPT)**, we wanted to encourage researchers, bug….

AIs as Trusted Third Parties

This is a truly fascinating paper: “Trusted Machine Learning Models Unlock Private Inference for Problems Currently Infeasible with Cryptography.” The basic idea is that AIs can act as trusted third….