Chris Shiflett has posted about the release of the latest issue from php|architect - March 2006 - and some of the security-related content inside.
He discusses cross-site request forgeries, an attack first mentioned in php|architect back in 2003. Sadly, it remains one of the most dangerous, yet relatively unknown attacks. It deserves more attention.
Another edition of php|architect has been published. I was especially excited to read this one, because it's Ilia's first month writing Security Corner. It's nice to see a topic explained from a different point of view, and there is still too little interest in security within the PHP community. (In other words, this is a rare opportunity.)
Chris goes into more detail about the issue, noting some of the differences of opinion that he and Ilia seem to have about the finer points. There's also a pertinent secret shared about Chris' comment forms - check the post to see what it is.