McG (@cybermcg)'s Twitter Profile
McG

@cybermcg

Cyber Security, Pen Tester & Bug Bounty Hunter. 🇬🇧

ID: 1454522335118168070

https://hackerone.com/mcgregor2023

30-10-2021 18:55:36

218 Tweet

188 Followers

1,1K Following

McG (@cybermcg)

Had 4 critical vulnerabilities get resolved today for NHS England NHS England Transformation HackerOne resolved within 1 week. Nice to be able to help and ensure that client data doesn’t get exposed

McG (@cybermcg)

Still can’t believe the company who produces Ozempic who had exposed admin credentials (which worked) refused to pay out or publish acknowledge it… company is worth 500 billion 😂 elite as ever, patch and say thanks moving on

Rt Hon Sir Grant Shapps (@grantshapps)

It might sound impossible but the UK will very soon have lasers that shoot down missiles & drones at the speed of light. How? Because we’ve reformed military procurement to speed up projects that could’ve taken decades, to urgently get the new weapons we need to defend Britain.

McG (@cybermcg)

Anyone have any reading recommendations on OS / PHP command injections, believe I found in a crypto exchange with a BBP program but can’t yet verify if I’m correct

McG (@cybermcg)

Found an error in a smart contract, here’s hoping they respond swiftly (official program). First time I’ve tried on blockchain bug bounties

Gi7w0rm (@gi7w0rm)

⚠️Please take a moment to look at #CVE-2024-38036. An unauthenticated remote code execution in the Windows #TCPIP stack. Seems to be a buffer related problem handling IPv6 packets. Affecting Win10, Win11, Server 2008 - 2022. No details yet, but likely bad! msrc.microsoft.com/update-guide/v…

pyn3rd (@pyn3rd)

#CVE-2024-21733, a Tomcat HTTP Request Smuggling vulnerability, reminds me of the HeartBleed vulnerability, which had a profound impact 10 years ago. In both cases, buffer over-reading is the root cause. Attacker is overwhelmingly likely to skim sensitive data from buffer cache.

McG (@cybermcg)

Found an old CVE in one of the largest cookie processing companies, CVE-2020-17519 (PoC) github.com/murataydemir/C… they are charging people to reject cookies… blows my mind, pay to not be tracked. Feels like that should be illegal 😂 Anyway reported & let’s see how they respond.

McG (@cybermcg)

Proud achievement! Listed in the gov.uk acknowledgments page. …ity-reporting.service.security.gov.uk/acknowledgemen…