Content Security Policy

• Scraping the bottom of the CORS barrel (part 1) Aug 4

• Abusing Slack's file-sharing functionality to de-anonymise fellow workspace members Oct 12