by clarnaskirq 1597 days ago
As a web programmer, for whom the majority of this article is not only new, but difficult to comprehend, it makes me yearn to improve my web security knowledge. Any pointers?
4 comments

I suggest going through cheatsheets on OWASP. Most of it is comprehensible to any web programmer. Here's one example:

https://cheatsheetseries.owasp.org/cheatsheets/PHP_Configura...

Do some of your own hacking on hackthebox.com. It is shocking what can be done with only a week of security training by an already experienced programmer. It becomes clear that the typical software engineer doesn't give a single thought to security.

You can look at the disclosed reports on hackerone and get a feel for the kind of stuff that's being exploited and how it's being addressed.

Go through each line item in the article and create a proof of concept for yourself. You will learn a lot along the way too.