For this year’s Cybersecurity Awareness Month, GitHub’s Bug Bounty team is excited to offer some additional incentives to security researchers!| The GitHub Blog
How I found critical security vulnerabilities in McDonald's systems affecting millions of employees, and had to cold-call their HQ pretending to know security staff just to report them.| bobdahacker.com
I have previously blogged about the relatively new trend of AI slop in vulnerability reports submitted to curl and how it hurts and exhausts us. This trend does not seem to slow down. On the contrary, it seems that we have recently not only received more AI slop but also more human slop. The latter …| daniel.haxx.se
Some months ago, while analyzing a […]| hn security
Microsoft Sets Passkeys Default for New Accounts. Article Link: https://thehackernews.com/2025/05/microsoft-sets-passkeys-default-for-new.html
Accenture: What We Learned When Our CEO Got Deepfaked. Article Link: https://www.computing.co.uk/event/2025/accenture-what-we-learned-when-our-ceo-got-deepfaked
Ghost Students Creating an ‘agonizing’ Problem for Calif. Colleges. Article Link: https://www.sfgate.com/bayarea/article/ghost-students-creating-problem-calif-colleges-20311708.php
AI-Dri...| Project Hyphae
Some Apache Logging Services projects, such as Log4j, are participating in the YesWeHack bug bounty program.| Apache Software Foundation - Logging Services
“If you shame attack research, you […]| hn security
A case study in using AFL++, afl-cov and basic custom harnesses to find a bug in libsoup for a public bug bounty program.| Almond Offensive Security Blog
As AI continues to evolve, so do the threats against it. As these GenAI systems become more sophisticated and widely adopted, ensuring their security and ethical use becomes paramount. 0Din is a groundbreaking GenAI bug bounty program dedicated specifically to help secure GenAI systems and beyond. In this blog, you'll learn about 0Din, how it works, and how you can participate and make a difference in securing our AI future.| Mozilla Hacks – the Web developer blog
On the 18th of November I submitted a ticket to the Monero HackerOne Bug Bounty program. This is the ticket regarding ‘GarlicRust’, a vulnerability I publicly disclosed in my previous b…| Eyal Itkin
Bug bounties prioritise the non-contributor’s worldview – the quality of the strip-mined commodity – and neglect the true community view – pooled innovation and shared costs.| Meshed Insights Ltd
Users often assume that known software is free of security flaws because it has been checked by a sufficient number of tools and security testers. However, this is not an assumption that a pentester or bug hunter can afford to make. Vulnerabilities may lurk in various places, and finding an interesting bug often requires ...| research.securitum.com
See how I could perform an XSS injection with the Envato search field. SerHack Blog, a blog about security research, development and reverse engineering.| SerHack – Security Research