This Week's Trending
This Month's Trending
This Year's Trending
Hi everyone,
I’ve been researching Content Security Policy Level 3 support in Phoenix and wanted to share my findings and a proposal for...
New
:warning: Security advisory: Decimal DoS vulnerability
A vulnerability has been published for decimal where very large exponents can cau...
New
In 2026 double submit/session tokens are no longer necessary to prevent against CSRF attacks. Instead, we can use the Sec-Fetch-Site head...
New
Following has been copied from the Erlef website:
Vulnerability description
Allocation of Resources Without Limits or Throttling vulnera...
New
Following on from part of the discussion in the Digital Nomads & Frequent Travellers (Tips/Advice/Chat) thread, I thought it might be...
New
This may be a real beginner thing to be figuring out, but I’m working on both:
Good security practices
Phoenix module naming
Here’s my...
New
While it’s easy to identify potential guests by who speaks at conferences or is maintaining a library that’s getting some attention, thes...
New
Last Three Year's Trending
Just seen this on LinkedIn, and didn’t see any threads here. Looks like a severe problem with anything running xz library (brew lists it ...
New
So this is something I am working on for a client I will reference as REDACTED, because they are :slight_smile:
I’ve discussed it a fair...
New
Hi Elixir Forum,
I’ve been working on Paraxial.io for a while now, and am excited to announce the beta is officially live! Here’s the an...
New
You may have seen that a critical security vulnerability has been disclosed in the OTP SSH implementation that could permit an attacker t...
New
“Vision for a Secure Elixir Ecosystem: An Empirical Study of Vulnerabilities in Elixir Programs” was published by the ACM in April, 2022....
New
Howdy howdy everyone!
@PJUllrich and I have built our first Pro library, Phx2Ban! Phx2Ban is a web application firewall that you can ins...
New
Another one where me and @fhunleth have gone kind of deep on a topic and I figure this information should be in the community. Findable. ...
New
This code assumes that get_organization_by_slug!/2 raises an Ecto.NoResultsError which would be automatically converted to 404, but you c...
New
Following on from this post in Do you use LittleSnitch or the equivalent on your OS? I think it might be worth us creating this thread so...
New
I was reading about security considerations of firmware for RPIs, namely when it comes to firmware encryption when deploying to sdcard.
...
New
Hello!
Many of us agree that LiveView is awesome. However, using WebSockets to power most of the application introduces new security cha...
New
I don’t know if anyone else has worked with ARM TrustZone and the BEAM. I’d love to hear more if any of you have. Otherwise I’ll share no...
New
Last week I spent some time back in Rails world, and ActiveRecord in particular, and I was stunned how many keystrokes it saved me, compa...
New
Over the weekend the first CVE from the Erlang Ecosystem Foundation CNA was posted:
https://cna.erlef.org/cves/cve-2025-4748.html
If yo...
New
Trending Over Three Years
Sobelow
Sobelow is a security-focused static analysis tool for the Phoenix framework. For security researchers, it is a useful tool for g...
New
Hi everybody,
I’m working on a new API, and digging (once again, why not?) on how to provide auth capabilities to it, I found an interes...
New
At start some definitions:
HTTPS (is a protocol for secure communication over a computer network which is widely used on the Internet) -...
New
Today I saw this newsletter:
The interesting bit is in the clairvoyance part of the newsletter, where it reveals us a new tool to reve...
New
I find myself quite often in the following situation.
Colleague: “Elixir/Erlang is problematic because we cannot secure the VM (i.e. Bea...
New
I’ve been looking for an open-source database of Elixir vulnerabilities, similar to The Ruby Advisory Database, The RustSec Advisory Data...
New
I’ve been watching some videos on Kry10 - a robust and secure OS for the IoT. Because Kry10 is based on the seL4 microkernel, it has a pe...
New
When looking on Hex or on the awesome-elixir list, it becomes clear that there are many different user authentication and management packa...
New
Hi everyone,
Today when I opened my email I got this from GitHub:
> Security advisory GHSA-h9rv-jmmf-4pgx (moderate severity) affect...
New
Hex v0.19 released:
The v0.19 release includes an important security fix to anyone accessing Hex repositories through a mirror. A bug h...
New
I came across this article that has some disturbing facts about using websockets from javascript in the browser for port scanning your m...
New
Hey all,
I wrote up an article this week that goes over NoSQL injection in Phoenix applications. It piggy-backs off of my last article a...
New
I just spent the better part of the day figuring out why my phoenix app could authenticate through Auth0 flawlessly via Chrome and gives ...
New
Hey Friends!
I was recently watching a historical documentary about computer security in the late 80’s, the subject of the film was an e...
New
So lately the day job has been deploying a static checking tool for checking C# code for potential security vulnerabilities. This got me...
New








