✕ Clear all filters
31 articles
▶ Videos →

📰 Dev.to · Charles Kern

31 articles · Updated every 3 hours · View all reads

All Articles 118,229Blog Posts 125,766Tech Tutorials 30,246Research Papers 23,714News 17,293 ⚡ AI Lessons
Why Cursor Keeps Hashing Passwords With MD5 (And How to Fix It)
Dev.to · Charles Kern 🔐 Cybersecurity ⚡ AI Lesson 1w ago
Why Cursor Keeps Hashing Passwords With MD5 (And How to Fix It)
TL;DR AI editors still reach for md5/sha1 to hash passwords because that is what a decade...
Why Cursor's CORS Fix Opens Your API to Any Website (CWE-942)
Dev.to · Charles Kern 1w ago
Why Cursor's CORS Fix Opens Your API to Any Website (CWE-942)
TL;DR Ask Cursor to "fix the CORS error" and you usually get a wildcard or a reflected...
Why Cursor Keeps Hardcoding Secrets in AI-Generated Code (CWE-798)
Dev.to · Charles Kern 1w ago
Why Cursor Keeps Hardcoding Secrets in AI-Generated Code (CWE-798)
TL;DR AI editors hardcode API keys, tokens, and JWT secrets straight into source because...
Ranked #1 on Google, Invisible in ChatGPT? Here's Why
Dev.to · Charles Kern 📣 Digital Marketing & Growth ⚡ AI Lesson 3w ago
Ranked #1 on Google, Invisible in ChatGPT? Here's Why
A marketing director I spoke with last month spent eighteen months and roughly $60K building out her...
IDOR in AI-Generated APIs: The Ownership Check Cursor Always Skips
Dev.to · Charles Kern 4w ago
IDOR in AI-Generated APIs: The Ownership Check Cursor Always Skips
TL;DR AI tools generate authenticated routes but routinely skip ownership validation --...
Why Ranking #1 on Google Doesn't Mean AI Cites You
Dev.to · Charles Kern 📣 Digital Marketing & Growth ⚡ AI Lesson 4w ago
Why Ranking #1 on Google Doesn't Mean AI Cites You
A marketing director I talked to recently had a problem she couldn't explain. Her company ranked on...
Why Cursor Keeps Writing MD5 for Passwords (And How to Fix It)
Dev.to · Charles Kern 🔐 Cybersecurity ⚡ AI Lesson 2mo ago
Why Cursor Keeps Writing MD5 for Passwords (And How to Fix It)
TL;DR AI editors frequently output MD5 or SHA-1 for password hashing -- both broken for...
AI-Generated APIs Have an IDOR Problem: 3 Patterns Cursor Misses
Dev.to · Charles Kern ⚡ AI Lesson 2mo ago
AI-Generated APIs Have an IDOR Problem: 3 Patterns Cursor Misses
TL;DR AI editors add authentication middleware but skip per-resource ownership checks by...
Why Cursor Keeps Writing MD5 Password Hashes (CWE-328)
Dev.to · Charles Kern 🔐 Cybersecurity ⚡ AI Lesson 2mo ago
Why Cursor Keeps Writing MD5 Password Hashes (CWE-328)
TL;DR AI editors default to MD5/SHA1 because training data is dominated by pre-2012...
3 SQL Injection Patterns Cursor Keeps Writing Into Your API
Dev.to · Charles Kern 2mo ago
3 SQL Injection Patterns Cursor Keeps Writing Into Your API
TL;DR AI editors generate SQL queries with template literals -- directly injectable,...
Prototype Pollution: What Cursor's Object Merge Code Misses
Dev.to · Charles Kern 2mo ago
Prototype Pollution: What Cursor's Object Merge Code Misses
TL;DR Cursor and Claude Code default to for...in object merge -- a CWE-1321 prototype...
Cursor Keeps Writing IDOR Into Your APIs. Here's the Fix.
Dev.to · Charles Kern 2mo ago
Cursor Keeps Writing IDOR Into Your APIs. Here's the Fix.
TL;DR AI editors generate authenticated endpoints with no ownership verification Any...
IDOR in Cursor-Generated Code: The Auth Bug Nobody Checks For
Dev.to · Charles Kern 🔐 Cybersecurity ⚡ AI Lesson 2mo ago
IDOR in Cursor-Generated Code: The Auth Bug Nobody Checks For
TL;DR AI-generated CRUD endpoints routinely skip ownership checks (CWE-639) Any...
IDOR in AI-Generated Code: What Cursor Won't Check for You
Dev.to · Charles Kern 🤖 AI Agents & Automation ⚡ AI Lesson 2mo ago
IDOR in AI-Generated Code: What Cursor Won't Check for You
TL;DR Cursor generates authenticated API routes with no ownership verification by...
IDOR in AI-Generated APIs: What Cursor Won't Check for You
Dev.to · Charles Kern 🔐 Cybersecurity ⚡ AI Lesson 2mo ago
IDOR in AI-Generated APIs: What Cursor Won't Check for You
TL;DR AI editors generate routes that fetch resources by ID with no ownership check --...
Why Cursor Skips Auth Middleware on Every Route It Generates
Dev.to · Charles Kern 2mo ago
Why Cursor Skips Auth Middleware on Every Route It Generates
TL;DR AI editors consistently generate new routes without auth middleware, even when the...
How to Fix Wildcard CORS in Cursor-Generated Code (CWE-942)
Dev.to · Charles Kern 2mo ago
How to Fix Wildcard CORS in Cursor-Generated Code (CWE-942)
TL;DR Cursor and Claude Code default to cors() with no arguments in every Express...
Why Cursor Keeps Generating Wildcard CORS -- And How to Fix It
Dev.to · Charles Kern 🔐 Cybersecurity ⚡ AI Lesson 3mo ago
Why Cursor Keeps Generating Wildcard CORS -- And How to Fix It
TL;DR AI editors almost always default to cors() with no config -- which sets...
Why Cursor Keeps Hardcoding Your API Keys (And How to Stop It)
Dev.to · Charles Kern 🔐 Cybersecurity ⚡ AI Lesson 3mo ago
Why Cursor Keeps Hardcoding Your API Keys (And How to Stop It)
TL;DR AI assistants trained on public repos reproduce hardcoded secrets because that's...
Why Cursor Generates Wildcard CORS in Every Express App
Dev.to · Charles Kern 🔧 Backend Engineering ⚡ AI Lesson 3mo ago
Why Cursor Generates Wildcard CORS in Every Express App
TL;DR Cursor almost always outputs cors() or cors({ origin: '*' }) with no origin...