Scott Helme
Passkeys, Permissions Policy and Bug Hunting in 1Password's WebAuthn Wrapper
Open-Sourcing passkeys-php: A Security-Focused WebAuthn Library for PHP
XSS Is Deadly for Passkeys: The Hidden Risk of Attestation None
Passkeys 101: An Introduction to Passkeys and How They Work
Anatomy of a WooCommerce Skimmer: A Technical Deep-Dive
Under Attack: Responding to the Rise of Info-Stealer Threats
Security considerations when using Passkeys on your website
Fighting an active Magecart Campaign
Amazing Refresh โ A Malicious Chrome Extension Running Malware in the Browser
Bringing in the experts; Having our Passkeys implementation Security Tested
Launching Passkeys support on Report URI! ๐๏ธ
When โOne in a Billionโ Happens Every Day: Scaling Redis at Report URI
Leverage our treasure trove of Threat Intelligence data
XSS Ranked #1 Top Threat of 2025 by MITRE and CISA
DNS-PERSIST-01; Handling Domain Control Validation in a short-lived certificate World
The European Space Agency got hacked, and now we own the domain used!
Eating Our Own Dogfood: What Running Report URI on Report URI Taught Us
Blink and you'll miss them: 6-day certificates are here!
What a Year of Solar and Batteries Really Saved Us in 2025
Report URI Penetration Test 2025
Report URI - outage update
Integrity Policy - Monitoring and Enforcing the use of SRI
CVE-2025-49844 - The Redis CVSS 10.0 vulnerability and how we responded
Capture JavaScript Integrity Metadata using CSP!
We're going High Availability with Redis Sentinel!
Automation improvements after a Tesla Powerwall outage!
OWASP ASVS 5.0.0 is here!
Trillion with a T: Surpassing 2 Trillion Events Processed!๐๐
V2: Hacking my Tesla Powerwalls to be the ultimate home energy solution!
Shorter certificates are coming!
Hacking my Tesla Powerwalls to be the ultimate home energy solution!
PCI DSS FAQ SAQ WTF BBQ...
Report URI: Launching Policy Watch and other improvements!
Let's Encrypt to offer 6-day certificates!
Updating to Pi-hole v6 and enabling HTTPS!
Stronger Than Ever: How We Turned a DDoS Attack Into a Lesson in Resilience
Let's Encrypt to end OCSP support in 2025
XSS Ranked #1 Top Threat of 2024 by MITRE and CISA