Community

YesWeHack interview with ethical hacker gregxsunday aka Grzegorz Niedziela about Bug Bounty, in which he says “I’m paying a lot of attention to SSO or SAML flaws”

‘Feeling close to a critical vulnerability is incredibly addictive’ – YouTuber gregxsunday on the joys of Bug Bounty

L’Oréal Live Bug Bounty at LeHACK 2024

Flashback to the L’Oréal Live Bug Bounty: Watch last year’s highlights as anticipation builds for leHACK 2025

A double-clickjacking attack, exploit or vulnerability

Ultimate double-clickjacking exploit, novel HTTP/2 request tunnelling techniques, when encryption makes matters worse – ethical hacker news roundup

Signature spoofing OpenPGP

Critical signature-spoofing vulnerability in OpenPGP.js hits the headlines

GitHub screenshot

‘Airborne’ AirPlay attacks, netting $64k from deleted files, triaging AI slop – ethical hacker news roundup

Vulnerabilities affecting middleware

Middleware mayhem, Zoolander banter PoC, Malta to pardon hackers over ‘unfair’ charges – ethical hacker news roundup

YouTube email leak exploit, Great ‘Wallbleed’ of China, Burp’s overlooked ‘best feature’ – ethical hacker news roundup

Trophy for the top web hacking techniques of 2024

Top web hacking techniques of 2024, McDelivery hijack, 4D SOTA jailbreak – ethical hacker news roundup

pwnii (aka pwnwithlove), the star of this YesWeHack hunter interview, is pictured and quoted saying: “Don’t forget that a duplicate bug is a valid bug”

‘There are a lot of vulnerabilities on public programs’: pwnii’s Bug Bounty journey so far

A YesWeHack hunter interview with Bug Bounty hacker Blaklis, pictured, who talks about being “a bit of a Cro-Magnon in the way I hack”

‘Hacking is essentially about curiosity’: Blaklis on the art and science of Bug Bounty hunting

HTML code on a PC monitor to illustrate DOMPurify bypasses on an ethical hacker news roundup

DOMPurify bypasses, prompt injecting ChatGPT to shell, AI fuzz finds – ethical hacker news roundup

YesWeHack Bug bounty hunter interview: Drak3hft7 aka Simone Paganessi, who says “soft skills are as important as technical skills”

‘My best attribute is persistence – technical skills you can learn’: drak3hft7’s Bug Bounty story so far