El Mehdi (@elmehdimee) 's Twitter Profile
El Mehdi

@elmehdimee

bug bounty hunter, bugcrowd.com/elmahdi , hackerone.com/elmahdi , elmehdi.me

ID: 1679092593676746753

Joined: 12-07-2023 11:37:40

729 Tweet

897 Followers

364 Following

Asem Eleraky (@melotover) 's Twitter Profile Photo

Full Account takeover in Microsoft via Client-side Attack in Login Flow New detailed writeup + Full PoC video. I hope you enjoy reading! melotover.medium.com/escalating-imp… #BugBounty #bugbountytips #infosec

Dirk-jan (@_dirkjan) 's Twitter Profile Photo

I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…

Critical Thinking - Bug Bounty Podcast (@ctbbpodcast) 's Twitter Profile Photo

We announced the Critical Research Lab this week. And for our FIRST post, we got Jorian's: - Exploiting Web Worker XSS with Blobs Go check it out! lab.ctbb.show/research/Explo…

RootSys (@rootsysat) 's Twitter Profile Photo

🚨 Next.js and the Mutated Middleware [CVE-2025-57822] - a powerful SSRF primitive enabling full control over HTTP methods, headers & URLs. See how a subtle middleware bug can result in a high-impact vulnerability: 🔗 blog.rootsys.at/posts/nextjs-a… #AppSec #Nextjs #SSRF

Veria Labs (@verialabs) 's Twitter Profile Photo

🧵 We just discovered critical RCE vulnerabilities in popular AI coding tools including Claude Code and Gemini CLI. The issue: These tools use OAuth for MCP (Model Context Protocol) authentication, but don't validate authorization URLs from servers.

harisec (@har1sec) 's Twitter Profile Photo

I wrote a blog post about enumerating and testing tool usage in web applications that use LLMs: invicti.com/blog/security-…

Patrik Fehrenbach (@itsecurityguard) 's Twitter Profile Photo

Ever stumbled on an AEM box and thought “ok… now what?” 😏 We dropped hopgoblin — new research + tool XXE, SSRF, XSS & more (CVE-2025-54251, -54249, -54252, -54250/47/48/46). 👀 time for some crits eh? 👉 github.com/assetnote/hopg…

Gareth Heyes (@garethheyes) 's Twitter Profile Photo

In a shameless effort to promote my book. I've crafted some very special vectors for you. If you like them please purchase my book to read more. amazon.com/dp/B0BRD9B3GS

Luke Turvey (@turvsec) 's Twitter Profile Photo

I just released Flareprox 🔥 A Cloudflare based Fireprox alternative that allows you to route HTTP traffic through Cloudflare, to gain mostly unique IP Addresses, to avoid detection and blocks.

YS (@yshahinzadeh) 's Twitter Profile Photo

I’ve been hunting on H1 for almost 3 years, ranked #18 in 2025, have always tried to contribute positively to the hacker community. I’ve earned around $500k in bounties and was on the road to $1M. Yet I don’t even have HSM, and I feel I haven’t been recognized as I should 1/4

A’ (@cursedenzo) 's Twitter Profile Photo

We only came to grasp his words from the past years later. And still no change in the big 2025 #GENZ212 #Morocco

Damian Strobel (@damian_89_) 's Twitter Profile Photo

Interested in Spring Boot Actuators in the context of bug bounty hunting? I wrote something - nothing new - just some insights ;) Article: dsecured.com/en/articles/sp… Retweet appreciated! Don't expect 0days or some fancy magic.

sudi (@sudhanshur705) 's Twitter Profile Photo

Found an RCE in Google Web Designer :) Very similar to the CSS Injection to RCE found by Bálint Magyar. sudistark.github.io/2025/09/23/RCE…

Pop Base (@popbase) 's Twitter Profile Photo

At least three people have been killed in Morocco after police opened fire on a crowd of protesters. The Gen-Z-led demonstrations are rooted in public frustration over poor healthcare, education, and public services — and fueled by anger at the government’s decision to

watchTowr (@watchtowrcyber) 's Twitter Profile Photo

The watchTowr Labs team is back, providing our full analysis of the Oracle E-Business Suite Pre-Auth RCE exploit chain (CVE-2025-61882). Enjoy with us (or cry, your choice..) labs.watchtowr.com/well-well-well…

shubs (@infosec_au) 's Twitter Profile Photo

As a homage to the work of Blaklis, our Security Researcher Tomais debuts his first research post on reverse engineering a critical unauthenticated RCE in Magento (SessionReaper) CVE-2025-54236 at Searchlight Cyber: slcyber.io/assetnote-secu…

Vitor Falcão "busfactor" (@busf4ctor) 's Twitter Profile Photo

A few months ago, I began studying bug bounties extensively. I've made my list public, and you can submit links to help expand it! docs.google.com/spreadsheets/d…

TESS (@armansameer95) 's Twitter Profile Photo

Let's revive AEM vulnerabilities. 🧵 #BugBounty I made ($$,$$$) 5 digit bounties after reading the following blog post from Assetnote (slcyber.io) slcyber.io/assetnote-secu…