As the CTO of a fast-growing financial app built with PHP, I never imagined that a tiny flaw in our meticulously engineered system could open the door to attackers. But one day, a hidden vulnerability allowed hackers to exploit our high-traffic environment and drain over 70 million in just minutes. We were blindsided.

In this exclusive talk, I’ll share the untold story of how it happened, how we tracked down this elusive vulnerability, and the hard lessons we learned in the aftermath. Attendees will get a behind-the-scenes look at how these hidden threats can silently cause massive damage in financial systems and why they’re particularly dangerous in high or low-traffic applications.

Through live demos and real-world code examples, I’ll explain how race conditions work, why they’re especially risky in financial transactions, and, most importantly, how you can prevent them in your own PHP applications. This session is necessary for anyone securing online systems, especially in high-stakes environments.

If you have any application online, this is a race you don’t want to win.