Tag
middleware-security
Safeguard articles tagged "middleware-security" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerability Management
CVE-2025-29927: inside the Next.js middleware auth bypass
A single spoofed header let attackers skip Next.js middleware entirely — CVSS 9.1, four major versions affected, exploited in the wild within days.
Jul 9, 20266 min read
Regulatory Compliance
Django CSRF protection and common session security miscon...
Django's CSRF defaults are solid, but wildcards, exempted webhooks, and reordered middleware quietly undo them. Here's where django csrf misconfiguration actually happens.
Jan 27, 20267 min read