The YesWeHack Blog

The minefield between syntaxes: exploiting syntax confusions in the wild

17 octobre 2025

Community Learn Bug Bounty Dojo Customer Stories Best Practices News

The minefield between syntaxes: exploiting syntax confusions in the wild

The minefield between syntaxes: exploiting syntax confusions in the wild

Article card image

YesWeHack marks first year of partnership with Singapore’s Government Bug Bounty Programmes

Continuous pentesting: an introduction – illustrated by charts and metrics for vulnerability management

How to find SSTI, cache poisoning, business logic vulnerabilities: methodology tips from top Bug Bounty hunters

Viking funeral for the HTTP/1.1 protocol

Why ‘HTTP/1.1 must die’, Intel exploits, C# Random hack with no maths – ethical hacker news roundup

EU flag features in a story about how the European Commission’s latest bug bounty tender was won by YesWeHack

European Commission’s latest Bug Bounty tender won by YesWeHack

Vulnerability vectors: Bug Bounty guide to race conditions

Concurrency exploits: The ultimate Bug Bounty guide to exploiting race condition vulnerabilities in web applications

Article card image

Dojo challenge #44 Hardware monitor write-up

YesWeHack authorised as a CVE Numbering Authority (CNA)

YesWeHack authorised as a CVE Numbering Authority (CNA)

Global energy services company NOV have a Bug Bounty partnership with YesWeHack

‘The unpredictability and creativity of actual threat actors’: Energy giant NOV reaps the rewards of Bug Bounty

Don't wait for threats to strike

Adopt a proactive security posture now

Harness the power of crowdsourced security to supercharge the discovery and remediation of vulnerabilities.

Book Your Discovery Call