Ninad Mishra (@ninadmishra5) 's Twitter Profile
Ninad Mishra

@ninadmishra5

Follow me for daily tips on cybersecurity, bugbounty hunting & researching.
opinions are my own
linktr.ee/ninadmishra5

ID: 1325417398967492609

https://www.linkedin.com/in/ninad-mishra-73b279157/
08-11-2020 12:38:42

1,1K Tweet

6,6K Followers

655 Following

Ninad Mishra (@ninadmishra5) 's Twitter Profile Photo

Cybersecurity job requirements in 2025:
Entry level position: 10 years experience
Must know: Every CVE since 1999
Bonus: Time travel experience preferred

Pratik Dabhi (@impratikdabhi) 's Twitter Profile Photo

Read “Unauthenticated Kibana Dashboard Access — A Serious Security Risk You Can’t Ignore” by Pratik Dabhi on Medium: infosecwriteups.com/unauthenticate… #bugbounty #infosec #hacking

Ninad Mishra (@ninadmishra5) 's Twitter Profile Photo

I once found a critical on a public bug bounty program just by viewing the source code of a page, here's what happened👇
1. Target implemented a feature allowing users to post private images on their profile
2. Images were publicly accessible by URLs leaking in the HTML source💰

Ninad Mishra (@ninadmishra5) 's Twitter Profile Photo

Imagine being so bored that you run
cat ./stealerlogs/* >>new_16_B_leak.txt
And then release an article of 16 billion credentials leaked
And tell people that this "breach" is so new even the people releasing it don't have exact sources 😂

Ninad Mishra (@ninadmishra5) 's Twitter Profile Photo

New Web3 Hack👇 pump.foundatlon account is compromised and scamming web3 users, by talking about a fake pump.fun airdrop, look at how beautifully they're trying to scam people by using @x's article feature😍 and also have created 697 Posts so far mentioning potential web3 users

Ninad Mishra (@ninadmishra5) 's Twitter Profile Photo

The problem with bugbounty platforms banning researchers without accurate reasonability is that, at the end it's the customer of the platform that suffers along with the researchers simply due to bad decision making of the platform

Ninad Mishra (@ninadmishra5) 's Twitter Profile Photo

Let's understand why this is a clickbait -
How links get indexed?
Links shared on public platforms are hit by crawlers; nothing was actually leaked here, these links were shared publicly (that's how crawlers accessed them)
Fix: adding a meta noindex HTML tag in these links

‌Renwa (@renwax23) 's Twitter Profile Photo

Since Apple doesn’t care, I don’t care either. Here are the details of an address bar spoof vulnerability in Safari on Mac using custom cursor overlap - Apple said it’s *not* a vulnerability. github.com/RenwaX23/X/blo…