One of the fun parts of doing my security audits is coming across unexpected code that looks exploitable, and trying it out myself to see what possibilities exist.
In a recent audit, I found myself asking... What if you hashed null?
https://securinglaravel.com/security-tip-what-if-you-hashed-null/