Gowri Shankar

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.

CVE-2025-13118: Critical Improper Authorization Vulnerability in macrozheng mall-swarm Exposes Order Data

by

Overview CVE-2025-13118 is a critical improper authorization vulnerability affecting macrozheng mall-swarm up to version 1.0.3. This vulnerability resides in the paySuccess function of the /order/paySuccess endpoint. Successful exploitation allows a remote attacker to manipulate the orderID argument, potentially gaining unauthorized access to order information and potentially manipulating order status. A public exploit is currently available, … Read more

Top Open Source Tools to Debug Golang Code

by

Golang (Go), developed by Google, is known for its simplicity, performance, and concurrency model. However, even the most experienced developers encounter bugs, performance issues, or unexpected behavior during development. Troubleshooting in Go requires efficient tools that can identify the root cause quickly without disrupting the workflow. During my development with Golang programming, I faced a … Read more

How to Create an Empty Array in Golang (With Examples)

by

Learn how to create an empty array in Golang using different methods. Understand the difference between arrays and slices with practical examples and best practices. In Golang (Go), arrays are one of the most fundamental data structures in any programming language, and Go (or Golang) is no exception. Understanding how to create and manage arrays … Read more

CVE-2025-43205: Apple Fixes ASLR Bypass Vulnerability in iOS, iPadOS, watchOS, tvOS, and visionOS

by

CVE-2025-43205 is a security vulnerability affecting Apple’s iOS, iPadOS, watchOS, tvOS, and visionOS operating systems. This vulnerability stems from an out-of-bounds access issue that could potentially allow a malicious application to bypass Address Space Layout Randomization (ASLR), a critical security mechanism. Technical Details The core of the vulnerability lies in an out-of-bounds access issue. This … Read more

Black Friday 2025: Maximize Your Sales and Profit This Holiday Season

by

Black Friday 2025 is not just another sales day—it’s the most critical revenue opportunity of the year for online and offline retailers. Falling on November 28, 2025, this event kicks off the global holiday shopping season and sets the tone for year-end profits. With eCommerce expanding faster than ever, mobile-first shoppers dominating traffic, and consumer … Read more

iPhone 17 Drawbacks and Disadvantages: A Practical Buyer’s Analysis

by

Apple’s iPhone 17 brings flagship features like a 120 Hz ProMotion display, upgraded dual 48 MP cameras, and the powerful A19 chip to the standard model. While these upgrades make it one of the most capable iPhones to date, it’s not without flaws. Here’s a detailed look at the drawbacks and disadvantages of the iPhone … Read more

HTTP 302 Status Code: Temporary Redirect Explained

by

Learn everything about the HTTP 302 status code (Temporary Redirect). Understand its meaning, use cases, SEO impact, examples in Apache, Nginx, PHP, and how to avoid open redirect vulnerabilities. The HTTP 302 status code is one of the most commonly encountered response codes in web development and server administration. It indicates that the requested resource … Read more

How to Search File by Name in a Linux Server

by

Learn how to search file by name in a Linux server using find, locate, and grep commands. Step-by-step examples, best practices, and tips for system administrators. When managing a Linux server, it’s common to search for files by their names whether you’re troubleshooting, locating configuration files, or tracking down logs. Fortunately, Linux offers powerful command-line … Read more

How to Convert SSH Key to PEM Format – Step-by-Step Guide for Linux

by

Learn how to convert SSH key to PEM format on Linux using ssh-keygen. Follow this step-by-step guide to safely convert your RSA 4096-bit private key for compatibility with legacy systems and applications. SSH keys are widely used for secure server access, and RSA 4096-bit keys provide strong encryption. In some cases, you may need to … Read more