I am Baptiste Parravicini: • Tech entrepreneur & API visionary • Co-founder of apidays, world's leading API conference • Passionate about AI integration & tech for the greater good Follow for insights on how APIs are connecting our future Repost for your network 🔄:

Very cool write up on a journey to getting RCE through a number of different bugs by Abdullah Nawaf (HackerX007)🇯🇴 and Godfather Orwa 🇯🇴: medium.com/@HX007/a-journ… We made a FREE hub out of it for everyone to try: app.hackinghub.io/hubs/path-to-r…

So far I have published 13 articles (862 pages) to help other professionals in the cybersecurity community: ERS 03: exploitreversing.com/2025/01/22/exp… ERS 02: exploitreversing.com/2024/01/03/exp… ERS 01: exploitreversing.com/2023/04/11/exp… MAS 10: exploitreversing.com/2025/01/15/mal… MAS 09: exploitreversing.com/2025/01/08/mal… MAS 09:

Our client base has been feeding us rumours about in-the-wild exploited SonicWall SMA n-days (CVE-2023-44221, CVE-2024-38475) for a while... Given these are now CISA KEV, enjoy our now public analysis and reproduction :-) labs.watchtowr.com/sonicboom-from…

This tiny team tricked Silicon Valley: Overhyped their AI Reached $2 BILLION valuation Invited to elite tech conferences Created mass panic among developers But one software engineer spotted a fatal flaw—and everything unraveled. Here's the outrageous story:🧵

All new lab guides All new organisation All new RAT!! FREE!! Please share this post dear rats <3 thexssrat.podia.com/ultimate-begin…

Datr cookie theft and AI leading to Facebook account takeover ($24,000) ysamm.com/uncategorized/… Two-click Facebook account takeover via FXAuth ($30,000) ysamm.com/uncategorized/… Self-XSS in Facebook payments flow leads to account takeovers ($62,500) ysamm.com/uncategorized/…

Most people will waste this weekend. Don’t be one of them. Stanford's Autumn 2025 Transformers & LLMs course. 9 lectures. Free. While others scroll, you could understand how Flash Attention achieves 3x speedup, how LoRA cuts fine-tuning costs by 90%, and how MoE makes models

Stop wasting hours trying to learn AI. 📘📚 I have already done it for you. With one list. Zero confusion. And no fluff 📹 Videos: 1. LLM Introduction: lnkd.in/dMqbaZdK 2. LLMs from Scratch: lnkd.in/dYYwEhYy 3. Agentic AI Overview (Stanford):

Forget Coursera. Forget Udemy. Forget paid guides. MIT just dropped 11 (free) guides: Get all official guides here: lnkd.in/eu2mj4aS 1. AI 101 Intro to AI concepts. Perfect for absolute beginners. Link: lnkd.in/gxvDzRZe 2. Introduction to Deep Learning Bootcamp

Want to see what top-notch security research looks like? Look no further than Jakub Domeracki's latest research, a standout contributor to the Google Cloud VRP! 🪲💪 jdsec.cloud/posts/2026-01-…

🤯A Really Awesome Guide on JavaScript Analysis for Pentesters Blog: kpwn.de/2023/05/javasc… Author: Konstantin #infosec

Throughout December 2025, we shared bite-sized bug bounty tips, techniques, and resources as part of our BugQuest2025, to help you kick off 2026 with more findings. From recon strategies and file upload bypasses to JWT attacks and CORS exploitation, we covered a wide range of

Here's one story about how Clawdbot acted maliciously and stole someone's money and took over accounts. When you give an AI tool full control of your computer, a lot of new threats emerge. opensourcemalware.com/blog/clawdbot-…

If you want to become good at system design, then learn these 12 case studies (not kidding): 1 How ChatGPT Apps Work: ↳ newsletter.systemdesign.one/p/apps-in-chat… 2 How YouTube Works: ↳ newsletter.systemdesign.one/p/youtube-syst… 3 How Google Docs Works: ↳ newsletter.systemdesign.one/p/how-does-goo… 4 How Kafka Works: ↳

404 page to RCE. A report by spaceraccoon | Eugene Lim He chained two old CVEs to achieve RCE: - Found a 404 page mentioning an obscure CMS, discovered /josso/signin login - Triggered CVE-2007-0450 (directory traversal in mod_proxy) using a %5C../ to bypass the internal proxy - Reached

🍽 Resources: Beginners Guide to Learning about Dependency Confusion. Guide: book.hacktricks.xyz/pentesting-web… Blog 1: medium.com/@alex.birsan/d… Blog 2: zego.engineering/dependency-con… #infosec

I analyze thousands of bug bounty content items every month. Less than 5% makes it to the newsletter. I distilled those curated selections down to the top 25 resources for 2026 and put them in this PDF. It includes the top platforms, tools, and people that consistently deliver

Pwning TRUfusion Enterprise again: chaining a pre-auth SSRF (CVE-2025-32355), a default password, and a path traversal (CVE-2025-59793) to gain RCE. #security rcesecurity.com/2026/02/when-a…