blog.threatdive.io

Home About

Welcome to Anon Blog's blog, enjoy!

Latest

Persistent XSS via WebSocket Injection in a Third-Party Widget 04 Feb 2026

How an unvalidated WebSocket endpoint turned into persistent XSS, opening the door for potential checkout manipulation across a merchant ecosystem.

Blog Posts