This chapter explores a scenario involving an obfuscated JavaScript tweet that caused a worm-like behavior when users executed it in the console. It discusses the MySpace worm, a security engineer named Sammy, and his unexpected arrest in LA.
Scott and Wes are joined by security expert, Alex Sexton of Stripe to cover all things: client security, XSS, attack vectors, and CSP (content security policy).