> when was the last time you heard of a modern application backend being exploited through memory corruption, in any language?
It happens all the time, but it’s a bit hard to find because “modern application backend[s]” are usually written in Go or Python or Rust. Even so, you’ll find plenty of exploits based on getting a C or C++ library on the backend to parse a malformed file.
There is absolutely nothing special about backends in this regard except that it’s more likely that the attacker doesn’t have access to the code or binary.
It happens all the time, but it’s a bit hard to find because “modern application backend[s]” are usually written in Go or Python or Rust. Even so, you’ll find plenty of exploits based on getting a C or C++ library on the backend to parse a malformed file.