Bug Bounty and Cybersecurity Updates: YesWeHack News Hub

Viking funeral for the HTTP/1.1 protocol

Why ‘HTTP/1.1 must die’, Intel exploits, C# Random hack with no maths – ethical hacker news roundup

Read More ->

Why ‘HTTP/1.1 must die’, Intel exploits, C# Random hack with no maths – ethical hacker news roundup

Read More ->

EU flag features in a story about how the European Commission’s latest bug bounty tender was won by YesWeHack

US court ruling on Uber breach slammed, red teamers cautious on AI, OffSec offers ‘strategic edge’ – OffSec roundup for CISOs

Read More ->

US court ruling on Uber breach slammed, red teamers cautious on AI, OffSec offers ‘strategic edge’ – OffSec roundup for CISOs

Read More ->

YesWeHack completes first-ever acquisition with purchase of Sekost, French cybersecurity audit specialist

Read More ->

YesWeHack completes first-ever acquisition with purchase of Sekost, French cybersecurity audit specialist

Read More ->

Disk cache in the context of a nonce CSP bypass

Nonce CSP bypass using disk cache, ‘quiet side channel’ for request smuggling, Amazon Q and the malicious pull request – ethical hacker news roundup

Read More ->

Nonce CSP bypass using disk cache, ‘quiet side channel’ for request smuggling, Amazon Q and the malicious pull request – ethical hacker news roundup

Read More ->

Chunked-body parsing flaws, making self-XSS great again, using HTTP redirect loops to achieve non-blind SSRFs – ethical hacker news roundup

Read More ->

Chunked-body parsing flaws, making self-XSS great again, using HTTP redirect loops to achieve non-blind SSRFs – ethical hacker news roundup

Read More ->

Robot gazes satisfyingly at the ladybird he has found – signifying discovery of security bugs by AI models

OpenAI VDP for bugs found by AI, CVE funding fears persist, ‘shift left’ towards vulnerability overload – OffSec roundup for CISOs

Read More ->

OpenAI VDP for bugs found by AI, CVE funding fears persist, ‘shift left’ towards vulnerability overload – OffSec roundup for CISOs

Read More ->

A double-clickjacking attack, exploit or vulnerability

Ultimate double-clickjacking exploit, novel HTTP/2 request tunnelling techniques, when encryption makes matters worse – ethical hacker news roundup

Read More ->

Ultimate double-clickjacking exploit, novel HTTP/2 request tunnelling techniques, when encryption makes matters worse – ethical hacker news roundup

Read More ->

News

Cyber budgets still growing (but not fast enough), ‘AI and automation are operational imperatives’, the real-world impact of boosting Bug Bounty rewards – OffSec roundup for CISOs

MINDEF Launches Next Bug Bounty Programme with YesWeHack

YesWeHack marks first year of Bug Bounty partnership with Singapore government

Why ‘HTTP/1.1 must die’, Intel exploits, C# Random hack with no maths – ethical hacker news roundup

Why ‘HTTP/1.1 must die’, Intel exploits, C# Random hack with no maths – ethical hacker news roundup

European Commission’s latest Bug Bounty tender won by YesWeHack

European Commission’s latest Bug Bounty tender won by YesWeHack

YesWeHack authorised as a CVE Numbering Authority (CNA)

YesWeHack authorised as a CVE Numbering Authority (CNA)

Why ‘HTTP/1.1 must die’, Intel exploits, C# Random hack with no maths – ethical hacker news roundup

US court ruling on Uber breach slammed, red teamers cautious on AI, OffSec offers ‘strategic edge’ – OffSec roundup for CISOs

US court ruling on Uber breach slammed, red teamers cautious on AI, OffSec offers ‘strategic edge’ – OffSec roundup for CISOs

YesWeHack completes first-ever acquisition with purchase of Sekost, French cybersecurity audit specialist

YesWeHack completes first-ever acquisition with purchase of Sekost, French cybersecurity audit specialist

Nonce CSP bypass using disk cache, ‘quiet side channel’ for request smuggling, Amazon Q and the malicious pull request – ethical hacker news roundup

Nonce CSP bypass using disk cache, ‘quiet side channel’ for request smuggling, Amazon Q and the malicious pull request – ethical hacker news roundup

US court ruling on Uber breach slammed, red teamers cautious on AI, OffSec offers ‘strategic edge’ – OffSec roundup for CISOs

Chunked-body parsing flaws, making self-XSS great again, using HTTP redirect loops to achieve non-blind SSRFs – ethical hacker news roundup

Chunked-body parsing flaws, making self-XSS great again, using HTTP redirect loops to achieve non-blind SSRFs – ethical hacker news roundup

OpenAI VDP for bugs found by AI, CVE funding fears persist, ‘shift left’ towards vulnerability overload – OffSec roundup for CISOs

OpenAI VDP for bugs found by AI, CVE funding fears persist, ‘shift left’ towards vulnerability overload – OffSec roundup for CISOs

Ultimate double-clickjacking exploit, novel HTTP/2 request tunnelling techniques, when encryption makes matters worse – ethical hacker news roundup

Ultimate double-clickjacking exploit, novel HTTP/2 request tunnelling techniques, when encryption makes matters worse – ethical hacker news roundup

Chunked-body parsing flaws, making self-XSS great again, using HTTP redirect loops to achieve non-blind SSRFs – ethical hacker news roundup

Products

Researchers

Resources

Company

Follow us