🔊 Talk Announcement: "Plumbing The Plumber: A Playbook for Integration Servers" by Roll4Combat The speaker is going to explore how misconfigured integration tech like Webmethods and Oracle can lead to major recon wins. 📍Recon Village, DEF CON 33 - Aug 8-10, 2025 #InfoSec

Whenever I audit C# code, I look for benign file operations such as File.Exists(), especially if there's a preceding Path.Combine(). Read about how we leaked NTLM hashes pre-authentication in DotNetNuke (CVE-2025-52488) due to a perfect storm of issues. slcyber.io/assetnote-secu…

Wanna see a magic trick 🤓

Red, Blue, Purple AI starts TOMORROW! If you have already signed up, you'll get the zoom link today. If you haven't... what the heck are you waiting for?? arcanum-sec.com/training/red-b…

The wait is finally over! We have published the Bug Bounty Village agenda for DEF CON 33. Want to know what you can learn, who you’ll meet, and when your favorite speaker takes the stage? Check out the full lineup at bugbountydefcon.com/agenda.

If you find me at DEFCON this year I’ve got a sticker for you. Can’t wait to trade stickers with everyone !

Come hang out gang 🤘

Our Security Research team at Searchlight Cyber discovered a pre-authentication RCE vulnerability in Sawtooth Lighthouse Studio (CVE-2025-34300). It affects all versions up to 9.16.14. Read more here: slcyber.io/assetnote-secu…

Added some topics to the new course I’m building: Finding security workflows Security Prompt engineering Security Context engineering Prompt abstraction Security workflow glue - n8n, power automate, Atlassian, etc Mcp + fastapi design Benchmarking and evaluation Scaling

🐵 MonkeHacks #72 Stickers, Homelabs, Cinema #bugbountytips #hacktheplanet #BugBounty monke.ie/p/monkehacks-72

New stickers arrived!

Heading to DEF CON?  On August 9 at 1pm - 2pm, I'll be signing copies of my new book "From Day Zero to Zero Day"!  I can't wait to see you all there! 📆 Add to your calendar now: hackertracker.app/event/?conf=DE…

New MASSIVE updates to Arcanum Information Security Prompt Injection Taxonomy, based on REAL WORLD assessments, releasing around DEF CON 🤟🫶🤖

Don't miss "Referral Beware, Your Rewards Are Mine" by Whit Taylor (un1tycyb3r) on Saturday, August 9 at 03:00 PM inside the Creator Stage 5. Read more at bugbountydefcon.com/agenda #BugBounty #DEFCON33

New Episode is out! (and what a crazy one too) — youtu.be/z9sCrHTl_rM Justin is joined by Mathias Karlsson to discuss vulns associated with archives. They talk about his new tool, Archive Alchemist, explore topics like the significance of Unicode paths, symlinks, and TAR.

Wait a minute!!... Maybe the REAL goal of XBOW's marketing team is actually to get all the bug hunters arguing about whether it is legit or not, so it can keep finding MORE bugs (and climb the leaderboard), while the humans argue with each other instead of hunting🥸

I hacked an Optical Network Terminal (ONT)! This one was slightly more hardened than the usual ones, but thankfully hardware hacking expands your toolbox... spaceraccoon.dev/getting-shell-…

Big news: the Hackalong team just got bigger! xssdoctor and Vitor Falcão "busfactor" are now part of the Hackalong crew with Justin Gardner From now on we’ll have 3 sessions per month on the CTBB Discord, each one hosted by a different team member.

We are ONE WEEK away from Hacker Summer Camp 2025! Wanna know where the Arcanum team will be? Click on the image below to find out... AND Keep an eye out here for daily badge and swag drop announcements! #badgelife

I've been working on client-side stuff. Trying to make a "roadmap" for topics relevant to hackers. Im finding it harder to focus in on what to deep dive / study. Of course, learning JS is first. But as someone who feels fairly comfy with JS, where to go next is confusing 🤷‍♂️