At BlueHat Asia, Spandan Pokhrel (Spandan Pokhrel ), Independent Security Researcher & Web Pentester, revealed how subtle flaws in OAuth social login flows can lead to devastating account takeovers, even in major platforms. Highlights from Spandan’s talk: ➤ Social logins & OAuth:

We are thrilled to welcome Sandeep Singh AKA Geekboy Co-Founder & CTO at ProjectDiscovery , to the BSides Mussoorie 2026 Review Board! 🏔️🚀 Sandeep’s journey is nothing short of inspiring from starting out as an Independent Security Researcher, to advancing global

🚨 Speaker Announcement! 🚨 We’re beyond excited to welcome Abdullah ( Abdullah Nawaf (HackerX007)🇯🇴 ) Nawaf as a speaker for Security BSides Mussoorie 2026! 🎤✨ A Full-Time #BugBounty Hunter and P1 Specialist, Abdullah has reported 200+ Critical vulnerabilities and uncovered 15+ 0-days on

🚨Speaker Announcement! 🚨 We’re beyond excited to welcome Orwa Atayat (Godfather Orwa 🇯🇴 ) as a speaker for Security BSides Mussoorie 2026 ! 🎤✨ From starting at zero to dominating global bug bounty leaderboards on Multiple BugBounty Platforms. His journey is a powerful

#bluehatasia2025

Radhe Krishna ❤️ 15 minutes 😍 $$$$ What a great team! 💪 I reported a P1 bug, and they fixed it within 15 minutes — then made the payment immediately. 🔥😍 Super professional and responsive — love working with teams like this! #BugBounty #InfoSec

Radhe Krishna ❣️ Bounty Happy to secure 🔐 ✅ #web #Vulnerability #bugbounty

Radhe Krishna ❣️ Bounty I earned $$$ for my submission on @bugcrowd bugcrowd.com #ItTakesACrowd

Radhe Krishna everyone! 🙏💫 We’re excited to invite you all to join the BSides Mussoorie community 💬 discord.com/invite/nkPdQDv… linkedin.com/company/bsides… instagram.com/bsidesmussoori… bsidesmussoorie.in Let’s build something amazing together. See you there! 🚀🔐Security Bsides Mussoorie

🎉 The Wait Is Over! We are excited to announce the six winners of our giveaway! Congratulations to all the winners , you will receive a direct message shortly with the next steps to claim your hoodie. Thank you to everyone who participated! 🙌 For those who didn’t win this

🚨 Speaker Announcement! 🚨 We’re thrilled to welcome nikhil(niks) Mr. Nikhil Shrivastava as a speaker for Security BSides Mussoorie 2026! 🎤✨ Nikhil is the Founder of Security BSides Ahmedabad, Board of Advisor at RiskProfiler , and a globally recognized speaker who has

Guys! our early bird tickets #sale is live now check this at bsidesmussoorie.in/passes Group Discount on 4 or more tickets is 5% we have limited number of early bird tickets, Grab yours.

Thank you bugcrowd for this post about the #Founder of Security Bsides Mussoorie Sharik Khan

The Amr Elsagaei's JWT Analyzer @caido plugin is super cool. It will decode the JWT for you and let you try common attack vectors.

Tips to find bugs in AI products (Mindset) . . #bugbounty #Tips #StudentSuccess #retweet

🚨Alert🚨:Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution(CVE-2025-55182&CVE-2025-66478) 🔥PoC : github.com/ejpir/CVE-2025… github.com/BankkRoll/Quic… 🧐Detail : wiz.io/blog/critical-… ----------------------------------------- CVE-2025-55182(CVSS

Update on CVE-2025-66478 (React2Shell): An npm package has been released to scan and update affected Next.js apps. Use `npx fix-react2shell-next` to update to patched versions. All users should update as soon as possible. More details our blog: nextjs.org/cve-2025-66478

Radhe Krishna ❣️ Bounty $$$$ Happy to secure 🔐 ✅ #Vulnerability #bugbounty

Radhe Krishna ❣️ Bounty Happy to secure 🔐 ✅ #Vulnerability #bugbounty

Many people will be offended by me, but the Web2 security space has become shitty, with people still selling and buying courses that teach basic IDORs in the age of AI. Also, flexing about those swags won't take you anywhere, my friends.