Those that know me or have followed me online will know I'm a massive advocate of encryption on the web. One of my goals is to help encrypt as much of the web as I can by sharing knowledge and information, building tools and services, speaking at conferences and countless other things. I see this blog post as part of that mission.
First, I find amusing that many people like to quote "if that is free, then you are the product", but when it comes to Let's Encrypt, they forget this statement and enjoy their certificates carelessly.
This article explains a strange bug in the way Gmail organizes its folders/filters based on falsifying the From field in an attacker’s email. Any email so forged automatically enters the recipients “Sent” folder — giving the false impression to the unwitting user it was an email they themselves sent.
fuxploider: File upload vulnerability scanner and exploitation tool.