Heap-buffer-overflow (Out-of-Bounds Read) in DoH hostname encoding on 04/09/2025
curl disclosed a bug submitted by reporascal_1: https://hackerone.com/reports/3324190 [...]
InfoSec Planet
A collection of diverse security content from a curated list of sources. This website also serves as a demo for "worker-planet", the software that powers it.
FREE Course Release! LIVE | AI Fundamentals | Q&A on 04/09/2025
it's just too easy on 03/09/2025
Why You Suck at Bug Bounty Hunting (And How To Fix It) on 03/09/2025
Indirect Prompt Injection Attacks Against LLM Assistants on 03/09/2025
Really good research on practical attacks against LLM agents. “Invitation Is All You Need! Promptware Attacks Against LLM-Powered Assistants in Production Are Practical and Dangerous” Abstract: The growing integration of LLMs into applications has introduced new security risks, notably known as Promptware—maliciously engineered prompts designed to manipulate LLMs to compromise t [...]
How to attract security researchers to test on my bug bounty program? by Eleanor Barlow on 03/09/2025
You asked, and we answered. At Intigriti, we’ve been paying close attention to the questions most frequently asked by those with a bug bounty program in place. That’s why we’ve launched this blog series dedicated to answering the most asked questions, diving into hot topics, and sharing practical and expert-backed strategies to help you maximize your bug bounty success. So far in this series, we h [...]
Business Logic Error Bypass of OTP Verification During Signup on hover.com on 02/09/2025
Tucows (VDP) disclosed a bug submitted by c0rvuz: https://hackerone.com/reports/3255473 [...]
Unauthenticated Sensitive Information Disclosure on CVE-2021-38314 on 02/09/2025
Mars disclosed a bug submitted by kuriyama: https://hackerone.com/reports/1452774 [...]
Bug Report #23JAN136 (subdomain takeover via shopify ) on 02/09/2025
Mars disclosed a bug submitted by kuriyama: https://hackerone.com/reports/1851895 [...]
Bug Report #23JAN135 (subdomain takeover via shopify ) on 02/09/2025
Mars disclosed a bug submitted by kuriyama: https://hackerone.com/reports/1851886 [...]
RXSS on stores on */visitorRegistration.pml via destination parameter on 02/09/2025
Mars disclosed a bug submitted by kuriyama: https://hackerone.com/reports/2189797 [...]
Order More Than Maximum Allowed Quantity on 02/09/2025
Mars disclosed a bug submitted by blackbird_azar: https://hackerone.com/reports/3185001 [...]
Account Takeover in Password Reset Function on 02/09/2025
Mars disclosed a bug submitted by egsec: https://hackerone.com/reports/3228888 [...]
1965 Cryptanalysis Training Workbook Released by the NSA on 02/09/2025
In the early 1960s, National Security Agency cryptanalyst and cryptanalysis instructor Lambros D. Callimahos coined the term “Stethoscope” to describe a diagnostic computer program used to unravel the internal structure of pre-computer ciphertexts. The term appears in the newly declassified September 1965 document Cryptanalytic Diagnosis with the Aid of a Computer, which compiled 147 l [...]
Unauthorized Blogs Creation on 02/09/2025
Lichess disclosed a bug submitted by albetisi: https://hackerone.com/reports/2130385 [...]
Hacking plugin ecosystems: A complete guide by blackbird-eu on 02/09/2025
Add-on (or plugin) ecosystems unlock an entire new world of integration possibilities while also complementing the platform's extensibility to developers. However, in practice, finding the right balance between adding extensibility and maintaining security often proves to be difficult. The root cause stems from a lack of following security best practices. Proper isolation is, for instance, never f [...]
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft by BrianKrebs on 01/09/2025
The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google warns the breach goes far beyond access to Salesforce data, noting the hackers responsible also stole valid [...]
This Is Why You Are Missing Those Exploits And How To Find Them [r19.io - Hackers Behind The Code] on 01/09/2025
Incorrect Parsing of IPv6 Zone ID in curl on 01/09/2025
curl disclosed a bug submitted by 9vvert: https://hackerone.com/reports/3319767 [...]
Hackuten - A New CTF Platform Rises ... on 01/09/2025
Welcome ... to a new rat age - CheeseMaster Is LIVE! on 30/08/2025
Friday Squid Blogging: Catching Humboldt Squid on 29/08/2025
First-person account of someone accidentally catching several Humboldt squid on a fishing line. No photos, though. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. [...]
Just Hacking Training Livestream on 29/08/2025
I Don't Even Need XSS: Base Tag Injection on 29/08/2025
Baggage Tag Scam on 29/08/2025
I just heard about this: There’s a travel scam warning going around the internet right now: You should keep your baggage tags on your bags until you get home, then shred them, because scammers are using luggage tags to file fraudulent claims for missing baggage with the airline. First, the scam is possible. I had a bag destroyed by baggage handlers on a recent flight, and all the information [...]
Affiliates Flock to ‘Soulless’ Scam Gambling Machine by BrianKrebs on 28/08/2025
Last month, KrebsOnSecurity tracked the sudden emergence of hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. We’ve since learned that these scam gambling sites have proliferated thanks to a new Russian affiliate program called “Gambler Panel” that bills itself as [...]
The "Police" Scammed Us on 28/08/2025
The year so far: How Burp Suite DAST is leveling up enterprise security in 2025 on 28/08/2025
Enterprise security teams are under more pressure than ever to secure sprawling application estates, without slowing down delivery. That's why, over the first half of 2025, we've delivered some of our [...]
The UK May Be Dropping Its Backdoor Mandate on 28/08/2025
The US Director of National Intelligence is reporting that the UK government is dropping its backdoor mandate against the Apple iPhone. For now, at least, assuming that Tulsi Gabbard is reporting this accurately. [...]
The API Security Reality Check: Key Takeaways from Q2 2025 API ThreatStats Report by Tim Erlin on 28/08/2025
API security has never been more crucial. Vulnerabilities are growing in volume and severity. AI integrations are a burgeoning attack vector. Increasing GraphQL adoption presents hidden dangers. To protect your organization, you must secure your APIs. Keep reading for our key takeaways from the Wallarm Q2 2025 API ThreatStats report – and find out what you need to do to protect yourself. [...]
Intern projects that outlived the internship on 28/08/2025
Our business operations intern at Trail of Bits built two AI-powered tools that became permanent company resources—a podcast workflow that saves 1,250 hours annually and a Slack exporter that enables efficient knowledge retrieval across the organization. [...]
Join me in my hunt for bugs - Free courses inside ... If you earn them! on 28/08/2025
LIVE: Web Hacking | Pentesting | AppSec | Cybersecurity | AMA on 28/08/2025
I MADE THE tool you need to manage your broad scope on 27/08/2025
We Are Still Unable to Secure LLMs from Malicious Inputs on 27/08/2025
Nice indirect prompt injection attack: Bargury’s attack starts with a poisoned document, which is shared to a potential victim’s Google Drive. (Bargury says a victim could have also uploaded a compromised file to their own account.) It looks like an official document on company meeting policies. But inside the document, Bargury hid a 300-word malicious prompt that contains instructions [...]
Implement EIP-7730 today on 27/08/2025
EIP-7730 enables hardware wallets to decode transactions into human-readable formats, eliminating blind signing vulnerabilities with minimal implementation effort for dApp developers. [...]
"The entire internet is broken": ethical hacking expert John Hammond meets James Kettle on 27/08/2025
In a brand-new collaboration between ethical hacking and AppSec expert John Hammond and world-renowned security researcher James Kettle, the pair explore how tens of millions of websites are compromis [...]
What is the pattern that can be expected after going public with a bug bounty program? by Eleanor Barlow on 27/08/2025
You asked, and we answered. At Intigriti, we’ve been paying close attention to the questions most frequently asked by those with a bug bounty program in place. That’s why we’ve launched this blog series dedicated to answering the most asked questions, diving into hot topics, and sharing practical and expert-backed strategies to help you maximize your bug bounty success. In today’s blog, we take a [...]
August CTF challenge: Exploiting SSRF via NextJS Middleware by blackbird-eu on 27/08/2025
At Intigriti, we hold monthly web-based Capture The Flag (CTF) challenges as a way to engage with the security research community. This month's challenge, presented by @0xblackbird, featured an interesting server-side request forgery (SSRF) vulnerability affecting web applications that make use of the Next.js Middleware. This article provides a step-by-step walkthrough for solving the August CTF c [...]
DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ by BrianKrebs on 26/08/2025
The cybersecurity community on Reddit responded in disbelief this month when a self-described Air National Guard member with top secret security clearance began questioning the arrangement they’d made with company called DSLRoot, which was paying $250 a month to plug a pair of laptops into the Redditor’s high-speed Internet connection in the United States. This post examines the histor [...]
hackers have gone TOO FAR on 26/08/2025
Encryption Backdoor in Military/Police Radios on 26/08/2025
I wrote about this in 2023. Here’s the story: Three Dutch security analysts discovered the vulnerabilities—five in total—in a European radio standard called TETRA (Terrestrial Trunked Radio), which is used in radios made by Motorola, Damm, Hytera, and others. The standard has been used in radios since the ’90s, but the flaws remained unknown because encryption algorithms used i [...]
CWE-195 in ExternalMemoryAccounter::Increase() on 26/08/2025
Node.js disclosed a bug submitted by codingthunder: https://hackerone.com/reports/3302484 [...]
CVE-2025-52882: WebSocket authentication bypass in Claude Code extensions on 26/08/2025
A critical vulnerability in older versions of the Claude Code for Visual Studio Code (VS Code) and other IDE extensions allowed malicious websites to connect to unauthenticated local WebSocket servers, potentially enabling remote command execution [...]
AWS | Self Registration Internal LibreChat : Access to internal/proprietary LLMs on 25/08/2025
AWS VDP disclosed a bug submitted by notnotnotveg: https://hackerone.com/reports/3287396 [...]
The Entire Internet is Broken on 25/08/2025
These Regex Hacks Made me $15,000+ on 25/08/2025
Stored XSS in AREA tutorials on 25/08/2025
Autodesk disclosed a bug submitted by who_am_i_: https://hackerone.com/reports/3008066 [...]
Poor Password Choices on 25/08/2025
Look at this: McDonald’s chose the password “123456” for a major corporate system. [...]
Speedrunning the New York Subway on 25/08/2025
We optimized the route for visiting every NYC subway station using algorithms from combinatorial optimization, creating a 20-hour tour that beats the existing world record by 45 minutes. [...]
Come check out my bountyplatform on 25/08/2025
Why hacking on unrealistic labs can be bad for you on 25/08/2025
Hacking on unrealistic labs on 25/08/2025
BBGMA - Full Business 2 Business Bug Bounty Methodology - Part 1 Exploration on 24/08/2025
Life in the Nordics 🌲 | Foraging Blueberries, Mushrooms & Nosework Training with Our Dogs on 24/08/2025
I have launched a bug bounty platform ... for my labs on 23/08/2025
PII Exposure via Email Confirmation Link Email Embedded in Token & Leaked via Wayback Machine on 23/08/2025
Omise disclosed a bug submitted by mantu1738: https://hackerone.com/reports/3210022 [...]
Friday Squid Blogging: Bobtail Squid on 22/08/2025
Nice short article on the bobtail squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. [...]
Prompt Injection via GitHub Patch in Brave AI Chat (Leo) on 22/08/2025
Brave Software disclosed a bug submitted by stellersjay: https://hackerone.com/reports/3086301 [...]
I’m Spending the Year at the Munk School on 22/08/2025
This academic year, I am taking a sabbatical from the Kennedy School and Harvard University. (It’s not a real sabbatical—I’m just an adjunct—but it’s the same idea.) I will be spending the Fall 2025 and Spring 2026 semesters at the Munk School at the University of Toronto. I will be organizing a reading group on AI security in the fall. I will be teaching my cybersecu [...]
Missing Security Headers on 22/08/2025
curl disclosed a bug submitted by balajidev: https://hackerone.com/reports/3310318 [...]
Try This Weekend AI Side Project! on 22/08/2025
Lesser Known Linux Persistence Mechanisms on 22/08/2025
Should you keep testing on 22/08/2025
Which tool would you pick? on 22/08/2025
What to hack on API level on 22/08/2025
How I would hack broad in less than 15 seconds on 22/08/2025
Exploiting API4 — 8 Real-World Unrestricted Resource Consumption Attack Scenarios (and How to Stop Them) by Tim Erlin on 22/08/2025
Unrestricted Resource Consumption (API4:2023) is the only threat category in the OWASP API Security Top 10 explicitly dedicated to Denial of Service (DoS) and resource abuse. But despite being just one category, attackers can exploit it in many different ways; from large file uploads and expensive GraphQL queries to abuse of metered third-party services like SMS gateways or AI/LLM APIs. These att [...]
This Bug Bounty Guide Is What You Need The Most If You Are Struggling on 22/08/2025
Easy Soldering Trick! on 21/08/2025
hack Windows before even finishing setup on 21/08/2025
Comprehensive MCP Security Checklist: Protecting Your AI-Powered Infrastructure by Sergei Lega on 21/08/2025
With innovation comes risk. As organizations race to build AI-first infrastructure, security is struggling to keep pace. Multi-Agentic Systems – those built on Large Language Models (LLMs) and Multi-Component Protocols (MCP) - bring immense potential, but also novel vulnerabilities that traditional tools weren’t designed to handle. At Wallarm, we’re closely following emerging guidance ar [...]
Weaponizing image scaling against production AI systems on 21/08/2025
In this blog post, we’ll detail how attackers can exploit image scaling on Gemini CLI, Vertex AI Studio, Gemini’s web and API interfaces, Google Assistant, Genspark, and other production AI systems. We’ll also explain how to mitigate and defend against these attacks, and we’ll introduce Anamorpher, our open-source tool that lets you explore and generate these crafted images. [...]
Live Router Hacking | IoT Hacking | Hardware Hacking on 21/08/2025
SIM-Swapper, Scattered Spider Hacker Gets 10 Years by BrianKrebs on 21/08/2025
A 20-year-old Florida man at the center of a prolific cybercrime group known as “Scattered Spider” was sentenced to 10 years in federal prison today, and ordered to pay roughly $13 million in restitution to victims. Noah Michael Urban of Palm Coast, Fla. pleaded guilty in April 2025 to charges of wire fraud and conspiracy. Florida prosecutors alleged Urban conspired with others to stea [...]
MCP vulnerability case study: SQL injection in the Postgres MCP server on 21/08/2025
Learn how vulnerability in Anthropic's reference Postgres MCP server allowed us to bypass the read-only restriction and execute arbitrary SQL statements. [...]
this symbol is LYING TO YOU on 20/08/2025
I Hacked My Way To the Red Bull F1 Races on 20/08/2025
curl leaks destination IP via glibc getaddrinfo() UDP connect, bypassing SOCKS5/Tor on 20/08/2025
curl disclosed a bug submitted by robert_min1: https://hackerone.com/reports/3306475 [...]
Curl parse_connect_to_string Heap-Overread Leading to Denial of Service via CURLOPT_CONNECT_TO on 20/08/2025
curl disclosed a bug submitted by irene1hacker: https://hackerone.com/reports/3306456 [...]
Invalid on 19/08/2025
WakaTime disclosed a bug submitted by pashaaaaaaaa: https://hackerone.com/reports/3304704 [...]
Oregon Man Charged in ‘Rapper Bot’ DDoS Service by BrianKrebs on 19/08/2025
A 22-year-old Oregon man has been arrested on suspicion of operating “Rapper Bot,” a massive botnet used to power a service for launching distributed denial-of-service (DDoS) attacks against targets — including a March 2025 DDoS that knocked Twitter/X offline. The Justice Department asserts the suspect and an unidentified co-conspirator rented out the botnet to online extortionis [...]
3 IoT Hacking Tools You Need! on 19/08/2025
WebSocket Fragmentation DoS on Curl Client on 19/08/2025
curl disclosed a bug submitted by pelioro: https://hackerone.com/reports/3303765 [...]
BloodHound can map ANYTHING on 19/08/2025
Marshal madness: A brief history of Ruby deserialization exploits on 19/08/2025
This post traces the decade-long evolution of Ruby Marshal deserialization exploits, demonstrating how security researchers have repeatedly bypassed patches and why fundamental changes to the Ruby ecosystem are needed rather than continued patch-and-hope approaches. [...]
Enumerating AWS the quiet way: CloudTrail-free discovery with Resource Explorer on 19/08/2025
Discover how attackers could quietly enumerate AWS resources via Resource Explorer, and how Datadog and AWS worked together to close the visibility gap. [...]
Email verification bypass via request to endpoint "accounts.insightly.com/signup/provisionuser" on 18/08/2025
Insightly disclosed a bug submitted by akostak: https://hackerone.com/reports/2718253 - Bounty: $750 [...]
No SPF/DMARC records on mb-cosmos.com on 18/08/2025
Malwarebytes disclosed a bug submitted by assassin_marcos: https://hackerone.com/reports/1030042 [...]
i need your help. on 18/08/2025
## Title Heap Use-After-Free Vulnerability in `curl` Leading to Potential Code Execution on 18/08/2025
curl disclosed a bug submitted by irene1hacker: https://hackerone.com/reports/3302518 [...]
Scaling your bug bounty program: strategic guidance for CISOs and cybersecurity leaders by Eleanor Barlow on 18/08/2025
If you are a CISO or cybersecurity leader looking to scale your bug bounty program but are not sure when the right time to do this is, how to do this in a way that works best for your company or want more insights into the impact scaling will have on your team, then we’ve got the tips and tricks for you! Why scale your bug bounty program at all? For security leaders, scaling a bug bounty progra [...]
Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme by BrianKrebs on 15/08/2025
Cybercriminal groups peddling sophisticated phishing kits that convert stolen card data into mobile wallets have recently shifted their focus to targeting customers of brokerage services, new research shows. Undeterred by security controls at these trading platforms that block users from wiring funds directly out of accounts, the phishers have pivoted to using multiple compromised brokerage accoun [...]
Intro to PowerShell in Under 30 Minutes! on 15/08/2025
Email Verification Bypass via Race Condition on 15/08/2025
Malwarebytes disclosed a bug submitted by sijojohnson: https://hackerone.com/reports/3020733 [...]
Replayable Password Change Request Across Sessions. on 15/08/2025
Malwarebytes disclosed a bug submitted by mantu1738: https://hackerone.com/reports/3269777 [...]
Rails Debug Mode Enabled On ( https://44.208.145.207/testrail/files.md5 ) on 15/08/2025
Malwarebytes disclosed a bug submitted by tarun_sec: https://hackerone.com/reports/1874836 [...]
Staff with Restricted Permissions Could Access Customer Data After Company Removal on 15/08/2025
Shopify disclosed a bug submitted by sahill_chavda: https://hackerone.com/reports/2855610 [...]
Intigriti Bug Bytes #227 - August 2025 🚀 by Intigriti on 15/08/2025
Hi hackers, Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: Evading WAFs like Cloudflare, Akamai & AWS Cloudfront Creating your complete bug bounty automation system A powerful, targeted backup file scanner Bypassing CSP to achieve XSS via a cool trick with PDF files And so much more! Let’s dive in! INTIGRITI 0725 results are in With only 7 conf [...]