Before launch, Perplexity hired us to test the security of Comet, their AI browser assistant. We demonstrated how four prompt injection techniques could extract users' private information from Gmail. 🧵

infosecwriteups.com/hacking-micros… This is the longest and most in-depth article I’ve published on Medium so far. It covers IIS and ASP dotNET vulnerabilities from absolute basics to advanced techniques. Even if you have zero background in IIS, you’ll be able to understand the fundamentals

4 months is doable

I wish I knew this earlier. There is a website that shows you what CSP bypasses are possible by pasting the CSP policy in it. cspbypass.com Basically you can lookup vulnerable 3rd party JS libs and SDKs from the whitelisted CSP sources #bugbountytips #bugbounty

🚨To everyone in the HackingHub community: we want your honest feedback. What’s working? What’s not? What courses should exist? Survey takes 2 min + raffle entry. 👉 forms.gle/2KSMehv8XKHZPb…

🥲

🔥 Took the Month of AI Bugs wreckage and turned it into a paper - AI Kill Chain 🧨 - Test cases and exploit chains (data exfil, rce, zombies!) - AgentHopper (a working AI virus for coding agents) 🦠 - SpAIware - Normalization of Deviance in AI zenodo.org/records/187692…

🐧NEW: Linux for Hackers Fundamentals just got a massive update! Led by @JohnHammond, we’ve added 3 powerful new modules: ✅ Sed ✅ Awk ✅ Vim That’s 2 hours of fresh content to level up your skills. Get 40% OFF today. Use Code: Linux2026 Get Started: hhub.io/Linux2026

NEW: Linux for Hackers Fundamentals just leveled up!🚀 We’ve updated one of our most popular courses with our very own @JohnHammond. We’ve added 3 powerful new modules: Sed - Awk - Vim  That’s 2 hours of fresh content! 🔥 Get 40% OFF today 🎟️Use Code: Linux2026

Everyone who wants to learn: 1️⃣ XSS ↪️ SSRF 🤔 OWASP 🪟 DOM XSS 🔐 Auth bypass 💉 SQL injection 📁 File upload vulns 📦 GraphQL Hacking 🧰 Burp Suite Mastery 🧠 Business Logic Flaws 💔 Broken Access Control 🏴‍☠️ Real Exploit Techniques 💥 Much, much, much, more I hope you found

Hot take: watching cybersecurity content ≠ building cybersecurity skill. You don’t learn to think like an attacker by memorizing slides, you learn by breaking things safely, getting stuck, and debugging your way out. That’s why HackingHub labs mimic real-world environments,

AI has opened a door for people like me who don’t understand reverse engineering. By combining it with MCP, I can at least perform the most basic analysis. The results aren’t perfect, but they’re still far better than what I could ever do on my own. blog.huli.tw/2026/03/01/en/…

🚨 KNOXSS GIVEAWAY March 2026 ✅ Follow us ✅ Like and share this 🎁 Prize: KNOXSS Pro for 1 Month 🏆 Results: March 6th (3 winners) Want to find some vulns? Get one of our plans and test for #XSS consistently. Sign up now! 😀 knoxss.pro #BugBounty #PenTesting

Still didn't hit play? 👀 Consider this your reminder. The 3.5-hour Bug Bounty Masterclass is live on YouTube. YES. Completely for free. Featuring Nagli (The $1M+ bounty hunter) walking through his actual methodology. 👉 youtube.com/watch?v=G3t1Jk…

My analysis on the US-Iran War: youtu.be/jIS2eB-rGv0?si…

APIs make everything possible when it comes to AI, but devs always get security wrong! I'm doing a 2026 guide/workshop to API hacking for those who missed me at the DEFCON Red Team Village last year. But even if you were there, I've added some new stuff on hacking AI

commas(,) are the new em dashes(--) of llms

AuthN/Z is always a #security minefield & MCP adds even more complexity with agents, remote servers, and transitive trust. This Teleport -sponsored deep dive breaks down attack vectors & why each step is a potential trust boundary. 🔗 blog.doyensec.com/2026/03/05/mcp… #doyensec #ai

Papa Johns Pizza (2.3 miles from the Pentagon) is experiencing an extreme spike in activity, reaching 244%. District Pizza Palace (1.0 miles from Pentagon) is also spiking at 137%. DOUGHCON level is 2 as of Sunday evening.

BREAKING: While a new War for Oil erupts in the Middle East A Physics Paper just quietly dropped TODAY that will eventually make Oil, and the entire current Energy Industry, irrelevant. Ushering in the era of Zero-Point Energy Harold "Sonny" White, PhD Here is the breakthrough🧵