Nisal Priyanka — BlogLong-form research on malware, red teaming, and offensive security.https://nisalpriyanka.dev/en-usJWT Pitfalls That Still Ship in 2026https://nisalpriyanka.dev/blog/jwt-pitfalls-2026/https://nisalpriyanka.dev/blog/jwt-pitfalls-2026/None-algorithm attacks were 'fixed' a decade ago. Here are five JWT misconfigurations I still find in production every quarter, with payloads and fixes.Tue, 14 Apr 2026 00:00:00 GMT