Hackers want transparency. Customers want progress. Bugcrowd delivers both. 🚚👏 Huge thanks to bsysop! Get to know them here: youtu.be/De2edXOn0T8?si…

Brilliant guy 🔥

When someone post something without knowing context and/or all previous years of extraordinary researches that helped make the world safer and community skilled! 🤯 For the haters, now is not only a website but a hashtag too 🤣☮️ #http1mustDie 🤟🏻

👀 Two weeks to go... The countdown to the desync endgame begins. http1mustdie.com/?ps_medium=soc…

Today was my last day at bugcrowd I will forever be proud of the work I did there, the life-long friends made, and working with the best hackers in the world! I'll always be part of Bugcrowd, and Bugcrowd will always be part of me. Love to you all ♥️

Big things brewing in Lisbon: Ethiack and my friend André Baptista are putting together a massive in person conference! It's all about hacking, security, and AI. Speakers from @hacker0x01, Bedrock Security, Lupin and more. Solid crew, great vibes. 👉🏼 hackaicon.com

Getting ready for LV Hacker Summer Camp week with Bug Bounty Village 🤟🏻🔥 #BugBounty

Congrats sw33tLie, super well deserved after a long list of contributions, tools, ideas, etc 🔥🎉🤟🏻 #BugBounty

Let’s hear it for Bugcrowd’s Top P1 Hacker of 2025… priyanshuxo! 👑👏 This title is so much more than a badge. It celebrates the quiet grind behind every critical find. Long nights, dead ends, and countless hours dissecting complex systems… all fueled by curiosity and the

At #BlackHat? Catch "HTTP/1.1 Must Die! The Desync Endgame" today at 3:20 in Oceanside A, Level 2. Hope to see you there!

🕵️‍♂️ 🎩 The desync endgame has just begun. New expert lab has just dropped. Straight from James Kettle’s #BHUSA talk: Understand the latest request smuggling techniques, sharpen your skills, unlock new bounties, and solidify your organization’s defenses with the new expert lab ⬇️

Super glad to have collaborated on James Kettle’s research this year with bsysop and Medusa. Funny enough, it all started with a random Slack DM that revealed a potential research collision with James, and things took off from there.

It was great to see you all 🤟🏻

Thanks for the transparency and support during the research Ryan Barnett (B0N3) @ hackersummercamp Akamai Security Intelligence Group

Just released a new recollapse version thanks to Ryan Barnett (B0N3) @ hackersummercamp and Angel Hacker after their talk in Black Hat today. What’s new? 💥Mode 6: Fuzz case folding/upper/lower 💥 Mode 7: Fuzz byte truncations 💥 Recollapse is now available to use as a python library and

Moving to upstream HTTP/2 slams the door on desync attacks. Binary framing eliminates the ambiguity HTTP/1.1 suffers from, reducing exploitability. In this blog, James Kettle, Director of Research at PortSwigger, outlines a clear case for replacing HTTP/1.1 with HTTP/2 to prevent