Blog

Insights, tutorials, and best practices for secure development

Security Tool Comparisons: 2026 Crash Course

Learn how different security scanning tools compare and which one is right for your project. A comprehensive crash course on security tooling.

Jan 31, 20264 min read

ai-securityllm-securitycode-generation+2 more

When LLMs Write Code: Trusting Untrusted Outputs

LLM code generation can introduce serious security flaws—from SQL injection to remote code execution. Learn why model outputs must be treated as untrusted input.

Jan 30, 20266 min read

api-keysweb-securitydevelopers+2 more

Top 11 Tools for Detecting API Key Leaks (2026)

Exposed API keys can kill projects fast. Compare the top 11 tools for detecting API key leaks in 2026 — including Betterleaks (the new Gitleaks successor), TruffleHog, GitHub secret scanning, and Gitleaks itself — with detection methods, pricing, and migration notes.

Jan 30, 202614 min read

raftersecuritylaunch+1 more

Launching Rafter: The Future of Code Security

What we built and why Rafter represents the next generation of code security scanning.

Jan 30, 20264 min read

owaspweb-securitydevelopers+2 more

Logging Failures: OWASP Top 10 (2026)

Without logging, you won't know you've been hacked. Learn how to fix security logging and monitoring failures.

Jan 30, 20264 min read

api-keysweb-securitydevelopers+2 more

RSC Vulnerabilities in Next.js: December 2025 Pt. 2

Two new React Server Components vulnerabilities affect Next.js App Router. Learn the CVEs, real impact, and exactly how to secure your app.

Jan 30, 20266 min read

ai-securityv0github+2 more

How to Run a 5-Minute Security Audit on Your v0 App (2026)

Learn how to run a free five-minute security audit on your v0 project using Rafter. Secure your AI-generated code, fix vulnerabilities fast, and ship safely.

Jan 30, 20266 min read

llm-securityplugin-securitydevelopers+2 more

When Your AI Agent Becomes the Hacker

Learn how insecure plugin and tool use in LLM apps can expose secrets, enable prompt injection, and turn your agent into an attack vector.

Jan 29, 20266 min read

api-keysweb-securitydevelopers+2 more

Why AI Projects Leak API Keys More Than Any Other Apps

AI projects are notorious for leaking API keys. Learn why OpenAI API keys and others get exposed so often, and how to keep them secure.

Jan 29, 20265 min read

securityreactvulnerability+3 more

Critical React Security Vulnerability: Upgrade Now, December 2025 (CVE-2025-55182)

React Server Components has a critical remote code execution vulnerability. Upgrade immediately to secure your applications.

Jan 29, 20265 min read

owaspweb-securitydevelopers+2 more

Insecure Design: OWASP Top 10 (2026)

Learn why insecure design flaws lead to systemic security issues and how to prevent them with threat modeling.

Jan 29, 20264 min read

securityai-securityvulnerability-detection+2 more

VulnLLM-R: The Reasoning LLM That Finds Real Vulnerabilities

VulnLLM-R is a specialized reasoning LLM for vulnerability detection. Learn how it works, why it matters, and how to use it in practice.

Jan 29, 20269 min read

Showing 157–168 of 191 posts