InfoSec Planet
A collection of diverse security content from a curated list of sources. This website also serves as a demo for "worker-planet", the software that powers it.
My Courses Are Retiring .... ! on 01/04/2025
The /reports/:id.json endpoint discloses potentially sensitive user attributes when reporter summary is present on 01/04/2025
HackerOne disclosed a bug submitted by avinash_: https://hackerone.com/reports/3000510 - Bounty: $25000 [...]
Cell Phone OPSEC for Border Crossings on 01/04/2025
I have heard stories of more aggressive interrogation of electronic devices at US border crossings. I know a lot about securing computers, but very little about securing phones. Are there easy ways to delete data—files, photos, etc.—on phones so it can’t be recovered? Does resetting a phone to factory defaults erase data, or is it still recoverable? That is, does the reset erase [...]
TCM Security - SOC 101 (10+ Hours of Content!) on 31/03/2025
I Scanned 100,000+ Subdomains For CVE-2025-29927 on 31/03/2025
Welcome to the next generation of Burp Suite: elevate your testing with Burp AI on 31/03/2025
At PortSwigger, we believe AI has the power to transform penetration testing - not by replacing human testers, but by augmenting them. With the release of Burp Suite Professional 2025.2, we’re introdu [...]
Unsolved Challenge: Why API Access Control Vulnerabilities Remain a Major Security Risk by Tim Erlin on 31/03/2025
Despite advancements in API security, access control vulnerabilities, such as broken object-level authentication (BOLA) and broken function-level authentication (BFLA), remain almost impossible to detect. This blog will explore why these vulnerabilities are so difficult to detect, the limitations of current security tools, and the implications for businesses relying on API-driven applications [...]
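As an added illustration of the point above (this is example code written for this page, not code from the linked post or its author), the toy reports API below shows an object-level (BOLA) and a function-level (BFLA) authorization failure next to their fixed versions, and the two-identity differential check that surfaces both. It goes slightly beyond the teaser by also showing why a single-identity scanner sees nothing: every response it gets is a legitimate-looking success. The users, roles and report rows are constructed for the example.

```python
# Added example, not code from the linked post: a toy reports API with
# BOLA and BFLA defects beside their hardened versions, and a two-identity
# differential check that finds them. Users and data are constructed.
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    id: str
    role: str  # "user" or "admin" (constructed role model)


@dataclass(frozen=True)
class Report:
    id: int
    owner_id: str
    body: str


class Forbidden(Exception):
    pass


# Constructed sample data: two customers' reports in one table.
REPORTS = {
    1: Report(1, "alice", "alice's quarterly numbers"),
    2: Report(2, "bob", "bob's incident writeup"),
}


def get_report_vulnerable(user: User, report_id: int) -> Report:
    # Requires a logged-in User but never checks who owns the row: BOLA.
    return REPORTS[report_id]


def get_report_hardened(user: User, report_id: int) -> Report:
    report = REPORTS[report_id]
    if user.role != "admin" and report.owner_id != user.id:
        raise Forbidden(f"{user.id} may not read report {report_id}")
    return report


def export_all_vulnerable(user: User) -> list:
    # Admin-only bulk export reachable by any authenticated caller: BFLA.
    return [r.body for r in REPORTS.values()]


def export_all_hardened(user: User) -> list:
    if user.role != "admin":
        raise Forbidden("export requires admin")
    return [r.body for r in REPORTS.values()]


def bola_differential(handler, victim: User, attacker: User, ids) -> list:
    """Return the victim-owned ids that the attacker can also read.

    Replaying the victim's successful requests under the attacker's identity
    is what exposes the bug. Each response on its own is a valid 200, which
    is why a scanner driving a single account has nothing to flag.
    """
    leaked = []
    for oid in ids:
        if REPORTS[oid].owner_id != victim.id:
            continue  # only the victim's own objects serve as the oracle
        handler(victim, oid)  # baseline: the owner can read it
        try:
            handler(attacker, oid)
        except Forbidden:
            continue
        leaked.append(oid)
    return leaked


def bfla_check(handler, low_priv: User) -> bool:
    """True if a non-admin identity can invoke an admin-only function."""
    try:
        handler(low_priv)
    except Forbidden:
        return False
    return True


if __name__ == "__main__":
    alice, bob = User("alice", "user"), User("bob", "user")
    print(bola_differential(get_report_vulnerable, alice, bob, REPORTS))  # [1]
    print(bola_differential(get_report_hardened, alice, bob, REPORTS))    # []
    print(bfla_check(export_all_vulnerable, bob))  # True
    print(bfla_check(export_all_hardened, bob))    # False
```

The differential check is the practical takeaway: it needs a second identity and a list of objects that identity should not reach, which is exactly the context a generic scanner does not have.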
The Signal Chat Leak and the NSA on 31/03/2025
US National Security Advisor Mike Waltz, who started the now-infamous group chat coordinating a US attack against the Yemen-based Houthis on March 15, is seemingly now suggesting that the secure messaging service Signal has security vulnerabilities. "I didn’t see this loser in the group," Waltz told Fox News about Atlantic editor in chief Jeffrey Goldberg, whom Waltz invited to the [...]
How Each Pillar of the 1st Amendment is Under Attack by BrianKrebs on 31/03/2025
“Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.” -U.S. Constitution, First Amendment. Image: Shutterstock, zimmytws. In an address to Congress this month, Preside [...]
Friday Squid Blogging: Squid Werewolf Hacking Group on 28/03/2025
In another rare squid/cybersecurity intersection, APT37 is also known as “Squid Werewolf.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. [...]
The Most Common Mistakes New SOC Analysts Make on 28/03/2025
We're Hosting a Conference on 28/03/2025
No rate limiting on form[register] on 28/03/2025
Informatica disclosed a bug submitted by growler09: https://hackerone.com/reports/2583500 [...]
AIs as Trusted Third Parties on 28/03/2025
This is a truly fascinating paper: “Trusted Machine Learning Models Unlock Private Inference for Problems Currently Infeasible with Cryptography.” The basic idea is that AIs can act as trusted third parties: Abstract: We often interact with untrusted parties. Prioritization of privacy can limit the effectiveness of these interactions, as achieving certain goals necessitates sharing pr [...]
Understanding CVE-2025-29927: The Next.js Middleware Authorization Bypass Vulnerability on 28/03/2025
Learn how the Next.js middleware authorization bypass vulnerability works, and how to detect and remediate it. [...]
Get Faster on the Linux Terminal with zoxide! on 27/03/2025
New security requirements adopted by HTTPS certificate industry on 27/03/2025
Posted by Chrome Root Program, Chrome Security Team. The Chrome Root Program launched in 2022 as part of Google’s ongoing commitment to upholding secure and reliable network connections in Chrome. We previously described how the Chrome Root Program keeps users safe, and described how the program is focused on promoting technologies and practices that strengthen the underlying security assurances [...]
Cloudflare WAF Bypass - Origin IP Exposure on 27/03/2025
Hemi VDP disclosed a bug submitted by aaravhex: https://hackerone.com/reports/2991326 [...]
When Getting Phished Puts You in Mortal Danger by BrianKrebs on 27/03/2025
Many successful phishing attacks result in a financial loss or malware infection. But falling for some phishing scams, like those currently targeting Russians searching online for organizations that are fighting the Kremlin war machine, can cost you your freedom or your life. The real website of the Ukrainian paramilitary group “Freedom of Russia” legion. The text has been machine-tran [...]
HTTP Response Header Injection in shopify/pitchfork + Rack 3 on 27/03/2025
Shopify disclosed a bug submitted by ooooooo_q: https://hackerone.com/reports/2279572 - Bounty: $800 [...]
A Taxonomy of Adversarial Machine Learning Attacks and Mitigations on 27/03/2025
NIST just released a comprehensive taxonomy of adversarial machine learning attacks and countermeasures. [...]
LIVE: WordPress Intrusion | Cybersecurity | Blue Team | AMA on 27/03/2025
Titan Security Keys now available in more countries on 26/03/2025
Posted by Christiaan Brand, Group Product Manager. We’re excited to announce that starting today, Titan Security Keys are available for purchase in more than 10 new countries: Ireland, Portugal, The Netherlands, Denmark, Norway, Sweden, Finland, Australia, New Zealand, Singapore, Puerto Rico. This expansion means Titan Security Keys are now available in 22 markets, including previously announced countries like Austria, Be [...]
this MP3 file is malware on 26/03/2025
AI Agents and API Security: The Hidden Risks Lurking in Your Business Logic by Sergei Lega on 26/03/2025
Modern organizations are becoming increasingly reliant on agentic AI, and for good reason: AI agents can dramatically improve efficiency and automate mission-critical functions like customer support, sales, operations, and even security. However, this deep integration into business processes introduces risks that, without proper API security, can compromise sensitive data and decision-making. [...]
AI Data Poisoning on 26/03/2025
Cloudflare has a new feature—available to free users as well—that uses AI to generate random pages to feed to AI web crawlers: Instead of simply blocking bots, Cloudflare’s new system lures them into a “maze” of realistic-looking but irrelevant pages, wasting the crawler’s computing resources. The approach is a notable shift from the standard block-and-defend st [...]
Null Pointer Dereference by Crafted Response from AI Model on 26/03/2025
Brave Software disclosed a bug submitted by canalun: https://hackerone.com/reports/2958097 - Bounty: $100 [...]
Detecting NTFS Timestomping on 25/03/2025
Report on Paragon Spyware on 25/03/2025
Citizen Lab has a new report on Paragon’s spyware: Key Findings: Introducing Paragon Solutions. Paragon Solutions was founded in Israel in 2019 and sells spyware called Graphite. The company differentiates itself by claiming it has safeguards to prevent the kinds of spyware abuses that NSO Group and other vendors are notorious for. Infrastructure Analysis of Paragon Spyware. Based on a tip [...]
Intigriti insights into latest beg bounty scam by Eleanor Barlow on 25/03/2025
The Intigriti team have recently observed an abuse scenario, trending across the industry, where malicious actors are posing as legitimate white-hat hackers, deceiving targeted companies into believing their actions are carried out in good faith. Bad actors will always try to exploit the system, in any industry, for personal gain. At Intigriti, we help customers navigate this l… [...]
8 Tips for writing effective bug bounty reports by blackbird-eu on 25/03/2025
So, you've found a valid security vulnerability in one of your bug bounty programs, now it's time to write the report. Finding the vulnerability was half the story. Writing effective reports is also an essential phase in bug bounty. Clear, well-written, and to-the-point bug bounty reports often get triaged faster and have more chance of getting well received by companies. In th… [...]
Creating immutable users through a bug in Entra ID restricted administrative units on 25/03/2025
Imagine trying to disable a malicious user in your Azure environment, only to find it can't be modified! We recently identified a timing-based bug in Entra ID's restricted administrative units (AUs) that could have allowed just this scenario to occur. [...]
The 'IngressNightmare' vulnerabilities in the Kubernetes Ingress NGINX Controller: Overview, detection, and remediation on 25/03/2025
Learn how the Kubernetes Ingress NGINX Controller vulnerabilities work, how to detect and remediate them. [...]
CNWPP How To Fail An Exam Part 4:4 on 24/03/2025
Non-Production API Endpoints for the Forecast Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration on 24/03/2025
AWS VDP disclosed a bug submitted by nick_frichette_dd: https://hackerone.com/reports/3022516 [...]
Twitter broken link hijacking in thewild.com on 24/03/2025
Autodesk disclosed a bug submitted by yunxohang: https://hackerone.com/reports/3035275 [...]
This Simple URL Encoding Made me $50,000 in Bounties on 24/03/2025
the CRITICAL 9.1 severity Next.js vulnerability on 24/03/2025
More Countries are Demanding Backdoors to Encrypted Apps on 24/03/2025
Last month, I wrote about the UK forcing Apple to break its Advanced Data Protection encryption in iCloud. More recently, both Sweden and France are contemplating mandating backdoors. Both initiatives are attempting to scare people into supporting backdoors, which are—of course—a terrible idea. Also: “A Feminist Argument Against Weakening Encryption.” [...]
Cache Poisoning Allows Zero Interaction Store XSS on 22/03/2025
Trendyol disclosed a bug submitted by samark19: https://hackerone.com/reports/2917062 [...]
CNWPP How To Fail An Exam Part 3:4 on 21/03/2025
Friday Squid Blogging: A New Explanation of Squid Camouflage on 21/03/2025
New research: An associate professor of chemistry and chemical biology at Northeastern University, Deravi’s recently published paper in the Journal of Materials Chemistry C sheds new light on how squid use organs that essentially function as organic solar cells to help power their camouflage abilities. As usual, you can also use this squid post to talk about the security stories in the news that I [...]
Arrests in Tap-to-Pay Scheme Powered by Phishing by BrianKrebs on 21/03/2025
Authorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details released by authorities so far indicate the mobile wallets being used by the scammers were created through online phishing scams, and that the accused were relying on a custom Android app to relay tap-to-pay tr [...]
Learn API Hacking! on 21/03/2025
My Writings Are in the LibGen AI Training Corpus on 21/03/2025
The Atlantic has a search tool that allows you to search for specific works in the “LibGen” database of copyrighted works that Meta used to train its AI models. (The rest of the article is behind a paywall, but not the search tool.) It’s impossible to know exactly which parts of LibGen Meta used to train its AI, and which parts it might have decided to exclude; this snapshot was taken [...]
The REAL Truth About AI in Cybersecurity on 21/03/2025
3 Interview Questions You MUST Ask! on 20/03/2025
Limited Privilege User Can Create Unauthorized Referrals on partners.shopify.com on 20/03/2025
Shopify disclosed a bug submitted by samux: https://hackerone.com/reports/1457471 [...]
DOGE to Fired CISA Staff: Email Us Your Personal Data by BrianKrebs on 20/03/2025
A message posted on Monday to the homepage of the U.S. Cybersecurity & Infrastructure Security Agency (CISA) is the latest exhibit in the Trump administration’s continued disregard for basic cybersecurity protections. The message instructed recently-fired CISA employees to get in touch so they can be rehired and then immediately placed on leave, asking employees to send their Social Secu [...]
LIVE: Web Hacking | Pentesting | AppSec | Cybersecurity | TryHackme | AMA on 19/03/2025
Turn Your Cybersecurity to Cyberstrength with HackerOne on 19/03/2025
Data Leaks and AI Agents: Why Your APIs Could Be Exposing Sensitive Information by Sergei Lega on 19/03/2025
Most organizations are using AI in some way today, whether they know it or not. Some are merely beginning to experiment with it, using tools like chatbots. Others, however, have integrated agentic AI directly into their business procedures and APIs. While both types of organizations are undoubtedly realizing remarkable productivity and efficiency benefits, they may not know they are putting thems [...]
Uncle Rat Presents: 002-B: Uncle Rat's Ultimate Bug Bounty Guide - P 2 - Broad Scope And API Hacking on 18/03/2025
Notepad Saves Your Notes - Even If You Don't! on 18/03/2025
SSRF in Autodesk Rendering leading to account takeover on 18/03/2025
Autodesk disclosed a bug submitted by metereorpreter: https://hackerone.com/reports/3024673 [...]
Django Debug Mode Enabled - Information Disclosure on api.wwm-dev.autodesk.com on 18/03/2025
Autodesk disclosed a bug submitted by khoof: https://hackerone.com/reports/2965143 [...]
How To Get Hacked Downloading Torrents - Malware Analysis on 18/03/2025
Quantifying the Financial Impact of Cybersecurity with Return on Mitigation (RoM) on 18/03/2025
ms teams is now a C2 (command-and-control) on 18/03/2025
How to Find Your First Help Desk Role! on 17/03/2025
Announcing OSV-Scanner V2: Vulnerability scanner and remediation tool for open source on 17/03/2025
Posted by Rex Pan and Xueqin Cui, Google Open Source Security Team. In December 2022, we released the open source OSV-Scanner tool, and earlier this year, we open sourced OSV-SCALIBR. OSV-Scanner and OSV-SCALIBR, together with OSV.dev are components of an open platform for managing vulnerability metadata and enabling simple and accurate matching and remediation of known vulnerabilities. Our goal is [...]
This is How a Simple IDOR Earned Me a Max Bug Bounty Payout on 17/03/2025
I took the TryHackMe Security Analyst Level 1 Certification (SAL1) on 17/03/2025
CNWPP How To Fail An Exam Part 2:4 on 16/03/2025
Sensitive Information Disclosure via Back Button Post Logout on https://apps.nextcloud.com/account/ on 16/03/2025
Nextcloud disclosed a bug submitted by vulnerability_is_here: https://hackerone.com/reports/2946927 [...]
ClickFix: How to Infect Your PC in Three Easy Steps by BrianKrebs on 14/03/2025
A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed “ClickFix,” the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. ClickFix attacks mimic the “Verify You are [...]
My Recap Of BSides Limburg 2025 on 14/03/2025
The German Hacking Championship on 14/03/2025
IoT Hacking Tools You MUST Know: An In-Depth Review on 14/03/2025
2FA Bypass leads to impersonation of legitimate users on 14/03/2025
Drugs.com disclosed a bug submitted by dedoxd2: https://hackerone.com/reports/2885636 [...]
Stored Cross-Site Scripting found in custom integration app on https://admin.b360.autodesk.com. on 14/03/2025
Autodesk disclosed a bug submitted by the-white-evil: https://hackerone.com/reports/2971572 [...]
One PUT Request to Own Tomcat: CVE-2025-24813 RCE is in the Wild by Ivan Novikov on 14/03/2025
A devastating new remote code execution (RCE) vulnerability, CVE-2025-24813, is now actively exploited in the wild. Attackers need just one PUT API request to take over vulnerable Apache Tomcat servers. The exploit, originally published by a Chinese forum user iSee857, is already available online: CVE-2025-24813 PoC by iSee857. Exploit Breakdown: How a Simple PUT Request Leads to Full RCE This att [...]
Intigriti Bug Bytes #222 - March 2025 🚀 by Intigriti on 14/03/2025
Hey hackers, Each month, we team up with bug bounty experts to bring you insights, platform updates, new programs, and upcoming community events—all to help you find more bugs! Product updates New Feature: Gain Deeper Insights into Researcher Activity We're excited to introduce a new way for researchers to gain valuable insights into their time allocation across different domai… [...]
Hack Smart Devices For Only $2! on 13/03/2025
Stored Cross-Site Scripting in mercadopago.com.ar on 13/03/2025
MercadoLibre disclosed a bug submitted by elmago: https://hackerone.com/reports/1955485 [...]
Domain highlighting on External link warning is not working on Chrome & Microsoft Edge browsers on Mobile on 13/03/2025
HackerOne disclosed a bug submitted by sarthakbhingare015: https://hackerone.com/reports/2553026 [...]
cgi scripts wordlist entry for windmail.exe has payload that sends arbitrary file read result to third-party on 13/03/2025
PortSwigger Web Security disclosed a bug submitted by floyd: https://hackerone.com/reports/2733994 - Bounty: $200 [...]
they tried to hack me so i confronted them on 13/03/2025
Burp Everywhere, All Around the World: Bringing AppSec Enthusiasts Together in 2025 on 13/03/2025
Security is a team sport. Whether you're a pentester, bug bounty hunter, student, or just love breaking (and fixing) things, our field thrives on shared knowledge, collaboration, and support. We want [...]
Access control vulnerability in the retail industry. Cross-Site Scripting (XSS) use case by Eleanor Barlow on 13/03/2025
Why is the retail industry being targeted? Large-scale operations and the extensive attack surface of the retail industry render it particularly susceptible to cybercrime, on a global scale. Websites, mobile apps, and company programs create numerous entry points for malicious actors. The high volume of payment transactions and financial incentives of successful attacks present… [...]
CNWPP How To Fail An Exam Part 1:4 on 12/03/2025
Uncle Rat's 4 Hour API Hacking MasterClass - Zero To Hero - OWASP top 10 - Tools - Demo's on 12/03/2025
LIVE: USB and Log Analysis | Cybersecurity | Blue Team | AMA on 12/03/2025
Hunting for privilege escalations by modifying the JS feat. renniepak #bugbounty #bugbountytips #bug on 12/03/2025
The mysterious bug bounty methodology on 12/03/2025
$50k XSS in a web3 website feat. renniepak #bugbounty #bugbountytips #bugbountyhunter on 12/03/2025
Using javascript bookmarks to speed up bug hunting feat. renniepak #bugbounty #bugbountytips #bugbou on 12/03/2025
An XSS payload tattooed on the forearm feat. renniepak #bugbounty #bugbountytips #bugbountyhunter on 12/03/2025
The CSPBypass website feat. renniepak #bugbounty #bugbountytips #bugbountyhunter on 12/03/2025
How to become an XSS expert with renniepak on 12/03/2025
Behind the Scenes of Burp AI: How we built it, and what's next on 12/03/2025
Why now? Artificial intelligence is rapidly transforming industries, and security testing is no exception. At PortSwigger, we’ve always been driven by innovation, but we don’t chase trends for the sak [...]
LEAKED Russian Hackers Internal Chats on 12/03/2025
Best practices to avoid Bugcrowd platform violations with Anon Hunter (Sharik Khan) on 12/03/2025
Microsoft: 6 Zero-Days in March 2025 Patch Tuesday by BrianKrebs on 11/03/2025
Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation. Two of the zero-day flaws include CVE-2025-24991 and CVE-2025-24993, both vulnerabilities in NTFS, the default file system for Windows and Windows Server. Both require the attacker to trick a target [...]
Non-Production API Endpoints for the DocumentDB Elastic Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration on 11/03/2025
AWS VDP disclosed a bug submitted by nick_frichette_dd: https://hackerone.com/reports/3009411 [...]
CSRF to Reflected XSS at echo.urbandictionary.biz via spoofing content type on 11/03/2025
Urban Dictionary disclosed a bug submitted by osama-hamad: https://hackerone.com/reports/1237321 [...]
Account Takeover Vulnerability in Shopify Collabs Platform Due to Missing Email Verification on 11/03/2025
Shopify disclosed a bug submitted by kun_19: https://hackerone.com/reports/1679734 - Bounty: $800 [...]
Alleged Co-Founder of Garantex Arrested in India by BrianKrebs on 11/03/2025
Authorities in India today arrested the alleged co-founder of Garantex, a cryptocurrency exchange sanctioned by the U.S. government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Sources close to the investigation told KrebsOnSecurity the Lithuanian national Aleksej Besciokov, 46, was apprehended while vacationing [...]