api 7

• I Can Read Everyone's Invoices (and Found a Backdoor Inside) Apr 20, 2026
• The Refresh Token That Wouldn't Die Apr 19, 2026
• It's 3 AM and I'm Creating a Thousand Invoices Apr 18, 2026
• I Just Sent XSS Payloads to the Support Team Apr 17, 2026
• When Your Internal Fields Aren't Internal: The Day I Deleted My Own Account Apr 16, 2026
• The CORS Rabbit Hole I Didn't Want to Go Down Apr 15, 2026
• 5,000 Attack Vectors Later: What I Learned From Testing Everything Apr 13, 2026