This Year's Trending Top

eagle-head
Hi everyone, I’ve been researching Content Security Policy Level 3 support in Phoenix and wanted to share my findings and a proposal for...
maennchen
:warning: Security advisory: Decimal DoS vulnerability A vulnerability has been published for decimal where very large exponents can cau...
engineeringdept
In 2026 double submit/session tokens are no longer necessary to prevent against CSRF attacks. Instead, we can use the Sec-Fetch-Site head...
Nicd
Following has been copied from the Erlef website: Vulnerability description Allocation of Resources Without Limits or Throttling vulnera...
AstonJ
Following on from part of the discussion in the Digital Nomads & Frequent Travellers (Tips/Advice/Chat) thread, I thought it might be...
dogweather
This may be a real beginner thing to be figuring out, but I’m working on both: Good security practices Phoenix module naming Here’s my...
charlesfsl
While it’s easy to identify potential guests by who speaks at conferences or is maintaining a library that’s getting some attention, thes...

Last Three Years' Trending Top

iarekk
Just seen this on LinkedIn, and didn’t see any threads here. Looks like a severe problem with anything running xz library (brew lists it ...
lawik
So this is something I am working on for a client I will reference as REDACTED, because they are :slight_smile: I’ve discussed it a fair...
realcorvus
Hi Elixir Forum, I’ve been working on Paraxial.io for a while now, and am excited to announce the beta is officially live! Here’s the an...
l3nz
You may have seen that a critical security vulnerability has been disclosed in the OTP SSH implementation that could permit an attacker t...
realcorvus
“Vision for a Secure Elixir Ecosystem: An Empirical Study of Vulnerabilities in Elixir Programs” was published by the ACM in April, 2022....
akoutmos
Howdy howdy everyone! @PJUllrich and I have built our first Pro library, Phx2Ban! Phx2Ban is a web application firewall that you can ins...
lawik
Another one where me and @fhunleth have gone kind of deep on a topic and I figure this information should be in the community. Findable. ...
BartOtten
This code assumes that get_organization_by_slug!/2 raises an Ecto.NoResultsError which would be automatically converted to 404, but you c...
AstonJ
Following on from this post in Do you use LittleSnitch or the equivalent on your OS? I think it might be worth us creating this thread so...
D4no0
I was reading about security considerations of firmware for RPIs, namely when it comes to firmware encryption when deploying to sdcard. ...
mattludwigs
Hello! Many of us agree that LiveView is awesome. However, using WebSockets to power most of the application introduces new security cha...
lawik
I don’t know if anyone else has worked with ARM TrustZone and the BEAM. I’d love to hear more if any of you have. Otherwise I’ll share no...
hubertlepicki
Last week I spent some time back in Rails world, and ActiveRecord in particular, and I was stunned how many keystrokes it saved me, compa...
axelson
Over the weekend the first CVE from the Erlang Ecosystem Foundation CNA was posted: https://cna.erlef.org/cves/cve-2025-4748.html If yo...

Trending Over Three Years Top

griffinbyatt
Sobelow Sobelow is a security-focused static analysis tool for the Phoenix framework. For security researchers, it is a useful tool for g...
pggalaviz
Hi everybody, I’m working on a new API, and digging (once again, why not?) on how to provide auth capabilities to it, I found an interes...
Eiji
At start some definitions: HTTPS (is a protocol for secure communication over a computer network which is widely used on the Internet) -...
Exadra37
Today I saw this newsletter: The interesting bit is in the clairvoyance part of the newsletter, where it reveals us a new tool to reve...
arnomi
I find myself quite often in the following situation. Colleague: “Elixir/Erlang is problematic because we cannot secure the VM (i.e. Bea...
greysteil
I’ve been looking for an open-source database of Elixir vulnerabilities, similar to The Ruby Advisory Database, The RustSec Advisory Data...
Rich_Morin
I’ve been watching some videos on Kry10 - a robust and secure OS for the IoT. Because Kry10 is based on the seL4 microkernel, it has a pe...
Qqwy
When looking on Hex or on the awesome-elixir list, it becomes clear that there are many different use authentication and management packa...
wolfiton
Hi everyone, Today when I opened my email I got this from github: > Security advisory GHSA-h9rv-jmmf-4pgx (moderate severity) affect...
voltone
Hex v0.19 released: The v0.19 release includes an important security fix to anyone accessing Hex repositories through a mirror. A bug h...
Exadra37
I came across this article that has some disturbing facts about using websockets from javascript in the browser for port scanning your m...
petecorey
Hey all, I wrote up an article this week that goes over NoSQL injection in Phoenix applications. It piggy-backs off of my last article a...
beno
I just spent the better part of the day figuring out why my phoenix app could authenticate through Auth0 flawlessly via Chrome and gives ...
koudelka
Hey Friends! I was recently watching a historical documentary about computer security in the late 80’s, the subject of the film was an e...
Onor.io
So lately the day job has been deploying a static checking tool for checking C# code for potential security vulnerabilities. This got me...