How To Not Get Hacked: Uncovering Web Vulnerabilities

About this talk

Security is often treated as someone else's problem — until it becomes everyone's problem. In this talk at DevBCN 2026 at the World Trade Center in Barcelona, we challenge the assumption that security falls outside the developer's remit by walking through real-world breaches from major companies and showing, through a live demo, how a web application can be compromised step by step. The session distils practical steps every JavaScript developer can take to reduce risk and ship safer apps without becoming a security specialist.

Key takeaways

• Why security is a frontend concern, not just a backend or ops concern
• Real-world breach case studies and what went wrong at the code level
• A live exploit walkthrough — seeing a real attack from the attacker's perspective
• Practical, low-effort security controls every JavaScript developer should adopt