hhhh

open to bug bounty collaboration

Cooperate with 4rain and 1ue，we are able to reproduce CVE-2024-49194 Databricks JDBC RCE. kb.databricks.com/en_US/data-sou…

Apache Struts S2-067 CVE-2024-53677 cwiki.apache.org/confluence/plu… Here are the analyses of my friends t.zsxq.com/KiGZs t.zsxq.com/FuG4V

CVE-2024-10400 Tutor LMS <= 2.7.6 Unauthenticated SQL Injection

We are super proud and honored to have Xynexis International join us as our Event Partner for #OOTB Jakarta happening next month! xynexis.com #HITB #25YearsInTheBox #Jakarta #Indonesia

Bybit detected unauthorized activity involving one of our ETH cold wallets. The incident occurred when our ETH multisig cold wallet executed a transfer to our warm wallet. Unfortunately, this transaction was manipulated through a sophisticated attack that masked the signing

search to download Chrome

1. find a JavaMelody Unauth Access in hxxp://xxx/monitoring 2. explore and find /monitoring?part=processes java -Dsendgrid=SG.xxxxxxx org.apache.catalina.startup.Bootstrap start 3. test sendgrid API key GET /v3/scopes Host: api.sendgrid.com Authorization: xx

Great collaborations with Tuan Anh Nguyen⚡️ 🇻🇳 find a cool account-takeover vulnerability

thanks bugcrowd P1 warrior hoodie

#vulhub #CyberSecurity #opensource #infosec Announcing some exciting news from the Vulhub project! We've been busy making big improvements: 1⃣. Completely rebuilt our website from the ground up! Check it out: vulhub.org

SSRF + Cache Poisoning + Stored XSS = Account Takeover

很好，这次我也是受害者了...被 Alby 🐝 偷走 0.00174788 BTC($191.96)。能偷是因为这是 Alby 的托管账号。我是很震惊的，因为这鬼协议我必然是不知情的... 我猜是不是会给我发邮件通知，果然 2025/5/1 给我发了个： Updates to our Terms of Service – Please Review

After 9 months+ of cranking, cursing, and cursoring, and drawing on over 20 years experience running #HITB's Call for Papers, I bring you CFP Directory - a single system to make it easier for speakers to submit and organizers to connect and curate talks: cfp.directory

1/4 dbugs LIVE dbugs.ptsecurity.com — vulnerabilities’ home See trends, discover more, read AI summaries, have all references at hand, and your profile with all your CVEs and CVSS score on a leaderboard. ⬇️ See thread: what’s live + what’s next ⬇️

gpt-oss is out! we made an open model that performs at the level of o4-mini and runs on a high-end laptop (WTF!!) (and a smaller one that runs on a phone). super proud of the team; big triumph of technology.

“看看 etherscan都要收费”😂