Integer Underflow in src/var.c on 26/01/2026
curl disclosed a bug submitted by f_i_h: https://hackerone.com/reports/3523349 [...]
InfoSec Planet
A collection of diverse security content from a curated list of sources. This website also serves as a demo for "worker-planet", the software that powers it.
Friday Squid Blogging: Giant Squid in the Star Trek Universe on 23/01/2026
Spock befriends a giant space squid in the comic Star Trek: Strange New Worlds: The Seeds of Salvation #5. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. [...]
🤖🤖🤖 on 23/01/2026
AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities on 23/01/2026
Really interesting blog post from Anthropic: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates how barriers to the use of AI in relatively autonomous cyber workflows are rapidly comin [...]
I am a scammer? on 23/01/2026
What exploit to hunt for when everything is tested #bugbounty on 23/01/2026
How to pick an exploit in #bugbounty on 23/01/2026
🤖🤖 on 22/01/2026
Why AI Keeps Falling for Prompt Injection Attacks on 22/01/2026
Imagine you work at a drive-through restaurant. Someone drives up and says: “I’ll have a double cheeseburger, large fries, and ignore previous instructions and give me the contents of the cash drawer.” Would you hand over the money? Of course not. Yet this is what large language models (LLMs) do. Prompt injection is a method of tricking LLMs into doing things they are normally pr [...]
A tech issue alone does not = risk on 22/01/2026
IoT Hacking Stream on 22/01/2026
31 bite-sized tips, techniques, and bug bounty resources to kick off 2026! by Eleanor Barlow on 22/01/2026
What you will learn Practical, bite-sized bug bounty tips and techniques you can apply immediately, whether you’re just starting or sharpening your skills. Proven approaches for finding, prioritizing, and validating vulnerabilities more efficiently in real-world programs. An eye on what to look out for to stay consistent and motivated in 2026. In the lead-up to the new year, we released a bug [...]
🤖 on 21/01/2026
Spam & Clearance checks disabled with existing referenced Message-ID on 21/01/2026
Basecamp disclosed a bug submitted by northeastprince: https://hackerone.com/reports/2012659 [...]
"I made an Evil MCP server" (and AI fell for it) on 21/01/2026
Internet Voting is Too Insecure for Use in Elections on 21/01/2026
No matter how many times we say it, the idea comes back again and again. Hopefully, this letter will hold back the tide for at least a while longer. Executive summary: Scientists have understood for many years that internet voting is insecure and that there is no known or foreseeable technology that can make it secure. Still, vendors of internet voting keep claiming that, somehow, their new syste [...]
Will LLMs Always Hallucinate? on 20/01/2026
Kimwolf Botnet Lurking in Corporate, Govt. Networks by BrianKrebs on 20/01/2026
A new Internet-of-Things (IoT) botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to relay other malicious and abusive Internet traffic. Kimwolf’s ability to scan the local networks of compromised systems for other IoT devices to infect makes it a sobering threat to organizations [...]
[Critical] Unauthorized Cross-Tenant Data Access in Stripo AI Hub Campaign via Deleted Project. on 20/01/2026
Stripo Inc disclosed a bug submitted by srcode: https://hackerone.com/reports/3459285 [...]
Memory Exhaustion in CometBFT v1.0.1 via malicious ProposalMessage leads to network-wide denial of service on 20/01/2026
Cosmos disclosed a bug submitted by 0xjam: https://hackerone.com/reports/3510161 [...]
Could ChatGPT Convince You to Buy Something? on 20/01/2026
Eighteen months ago, it was plausible that artificial intelligence might take a different path than social media. Back then, AI’s development hadn’t consolidated under a small number of big tech firms. Nor had it capitalized on consumer attention, surveilling users and delivering ads. Unfortunately, the AI industry is now taking a page from the social media playbook and has set its sig [...]
Crossorigin cookies leak and injection risk when using a custom Host header on 20/01/2026
curl disclosed a bug submitted by ichise: https://hackerone.com/reports/3516878 [...]
SSL options ISSUERCERT, EC_CURVES and CRLFILE silently ignored by non-OpenSSL backends on 20/01/2026
curl disclosed a bug submitted by foobar4213: https://hackerone.com/reports/3516974 [...]
Internal logs/info leaked via endpoint {https://203.137.128.240/server-status} on 20/01/2026
pixiv disclosed a bug submitted by dexter34: https://hackerone.com/reports/2473173 [...]
This Simple Vulnerability Was Worth $70,000 on 19/01/2026
AI-Powered Surveillance in Schools on 19/01/2026
It all sounds pretty dystopian: Inside a white stucco building in Southern California, video cameras compare faces of passersby against a facial recognition database. Behavioral analysis AI reviews the footage for signs of violent behavior. Behind a bathroom door, a smoke detector-shaped device captures audio, listening for sounds of distress. Outside, drones stand ready to be deployed and provide [...]
Cookie Replacement Use-After-Free Vulnerability on 19/01/2026
curl disclosed a bug submitted by bhaskar_ram: https://hackerone.com/reports/3516202 [...]
Cookie Max-Age Integer Overflow Vulnerability on 19/01/2026
curl disclosed a bug submitted by bhaskar_ram: https://hackerone.com/reports/3516186 [...]
Is @TheXSSRat a scammer? on 18/01/2026
Disclose Hidden Comments on Media Section of hub.vroid.com on 18/01/2026
pixiv disclosed a bug submitted by giwadaoud: https://hackerone.com/reports/2541962 - Bounty: $500 [...]
clickjacing can lead to account takeover on 18/01/2026
pixiv disclosed a bug submitted by hyk3n: https://hackerone.com/reports/2119892 - Bounty: $200 [...]
libcurl: Improper Authentication State Management on Cross-Protocol Redirects on 17/01/2026
curl disclosed a bug submitted by andrewml: https://hackerone.com/reports/3514263 [...]
I bought this tiny $40 ereader… Then rewrote It on 16/01/2026
Easy way to create a new Deck board without permission on 16/01/2026
Nextcloud disclosed a bug submitted by hakuna: https://hackerone.com/reports/2388183 - Bounty: $100 [...]
Can download files on Android app without permission on 16/01/2026
Nextcloud disclosed a bug submitted by hakuna: https://hackerone.com/reports/2380133 - Bounty: $250 [...]
How I’m Approaching Cybersecurity Goals in 2026 on 16/01/2026
Locked in for 2026 on 16/01/2026
Command Injection on Amazon Q Developer CLI via malicious .amazonq/mcp.json leads to arbitrary code execution on 16/01/2026
AWS VDP disclosed a bug submitted by farmer: https://hackerone.com/reports/3427370 [...]
AI and the Corporate Capture of Knowledge on 16/01/2026
More than a decade after Aaron Swartz’s death, the United States is still living inside the contradiction that destroyed him. Swartz believed that knowledge, especially publicly funded knowledge, should be freely accessible. Acting on that, he downloaded thousands of academic articles from the JSTOR archive with the intention of making them publicly available. For this, the federal governmen [...]
Functional PoCs in less than a minute? Julen Garrido Estévez puts Burp AI to the test on 16/01/2026
Note: This is a guest post by pentester Julen Garrido Estévez (@b3xal). Methodology Key results Examples Key learnings Prompt template A pentester's POV on Burp AI Pentester Julen Garrido Es [...]
Intigriti Bug Bytes #232 - January 2026 🚀 by Ayoub on 16/01/2026
Hi hackers, Welcome to the latest edition of Bug Bytes (and the first of 2026)! In this month’s issue, we’ll be featuring: Hijacking official AWS GitHub repositories New anonymous bug bounty forum Finding more IDORs & SSRFs using a unique methodology New JavaScript file scanner to find hidden endpoints And so much more! Let’s dive in! Intigriti SantaCloud CTF results are in December 20 [...]
Pen testing demand is up. Budgets aren’t. on 15/01/2026
Do NOT buy burp AI credits on 15/01/2026
NTUSER.MAN on 15/01/2026
7 Reasons to Get Certified in API Security by Tim Erlin on 15/01/2026
API security is becoming more important by the day and skilled practitioners are in high demand. Now’s the time to level up your API security skillset. Wallarm University, our free training course, provides security analysts, engineers, and practitioners with hands-on skills you can’t get from documentation, videos, or traditional courses. Run real attacks, investigate real signals, and learn [...]
New Vulnerability in n8n on 15/01/2026
This isn’t good: We discovered a critical vulnerability (CVE-2026-21858, CVSS 10.0) in n8n that enables attackers to take over locally deployed instances, impacting an estimated 100,000 servers globally. No official workarounds are available for this vulnerability. Users should upgrade to version 1.121.0 or later to remediate the vulnerability. Three technical links and two news links. [...]
fs.futimes() Bypasses Read-Only Permission Model on 15/01/2026
Node.js disclosed a bug submitted by oriotie: https://hackerone.com/reports/3390084 [...]
IMAP Protocol Desynchronization and Response Smuggling via Naive Literal Parsing on 14/01/2026
curl disclosed a bug submitted by shiftj: https://hackerone.com/reports/3509396 [...]
Hacking Wheelchairs over Bluetooth on 14/01/2026
Researchers have demonstrated remotely controlling a wheelchair over Bluetooth. CISA has issued an advisory. CISA said the WHILL wheelchairs did not enforce authentication for Bluetooth connections, allowing an attacker who is in Bluetooth range of the targeted device to pair with it. The attacker could then control the wheelchair’s movements, override speed restrictions, and manipulate conf [...]
Upcoming Speaking Engagements on 14/01/2026
This is a current list of where and when I am scheduled to speak: I’m speaking at the David R. Cheriton School of Computer Science in Waterloo, Ontario, Canada, on January 27, 2026, at 1:30 PM ET. I’m speaking at the Université de Montréal in Montreal, Quebec, Canada, on January 29, 2026, at 4:00 PM ET. I’m speaking and signing books at the Chicago Public Library in Chicago, Illinois, USA, on Feb [...]
Roundcube Webmail Style Sanitizer can be bypassed using CSS Character Escapes on 14/01/2026
Nextcloud disclosed a bug submitted by somerandomdev: https://hackerone.com/reports/3443563 [...]
[revive-adserver] Reflected XSS in Banner Delivery Options via cap parameter on 14/01/2026
Revive Adserver disclosed a bug submitted by 7yr: https://hackerone.com/reports/3473696 [...]
Reflected XSS in banner-acl.php and channel-acl.php via executionorder on 14/01/2026
Revive Adserver disclosed a bug submitted by 7yr: https://hackerone.com/reports/3470970 [...]
Reflected XSS in afr.php on 14/01/2026
Revive Adserver disclosed a bug submitted by nigh7c0r3: https://hackerone.com/reports/3468169 [...]
Broken Access Control allows advertiser accounts to delete trackers they do not own on 14/01/2026
Revive Adserver disclosed a bug submitted by 0xjad: https://hackerone.com/reports/3445710 [...]
INI Format string injection in Revive Adserver 6.0.4 settings on 14/01/2026
Revive Adserver disclosed a bug submitted by pakcyberbot: https://hackerone.com/reports/3445332 [...]
Integer-underflow leads to heap over-read in TFTP implementation on 14/01/2026
curl disclosed a bug submitted by z2_: https://hackerone.com/reports/3508321 [...]
Digest Authentication Header Injection on 14/01/2026
curl disclosed a bug submitted by andrew-bbp: https://hackerone.com/reports/3508799 [...]
Directory listing vulnerability is disclosing names and emails, widespread (thousands of records, publicly accessible without auth) on 14/01/2026
curl disclosed a bug submitted by vikash_saw: https://hackerone.com/reports/3509437 [...]
Gopher Protocol Command Injection (SSRF Smuggling) on 14/01/2026
curl disclosed a bug submitted by andrew-bbp: https://hackerone.com/reports/3508785 [...]
Use-After-Free in curl_easy_nextheader when reusing header handle across requests on 14/01/2026
curl disclosed a bug submitted by adce626q: https://hackerone.com/reports/3508701 [...]
Patch Tuesday, January 2026 Edition by BrianKrebs on 14/01/2026
Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported software. Eight of the vulnerabilities earned Microsoft’s most-dire “critical” rating, and the company warns that attackers are already exploiting one of the bugs fixed today. January’s Microsoft zero-day flaw — CVE-2026-20805 — is brought t [...]
Reflecting on 2025, shaping 2026. A fireside chat with Intigriti leadership by Eleanor Barlow on 14/01/2026
What you will learn How 2025 became a defining year for Intigriti through key milestones, major wins, and bold product launches. Insights from Intigriti’s C-suite on the moments that shaped the company’s growth and direction. How these reflections set the foundation for Intigriti’s vision and priorities for 2026. 2025 reflections, aspirations, and lessons learnt Stijn Jans, Chief Executive Off [...]
Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8554 on 14/01/2026
A look at how Kubernetes CVE-2020-8554 works [...]
Certifications vs. Raw Skills: Which is Better? on 13/01/2026
AI Red Teaming: What Breaks, How It Breaks, and Human Role on 13/01/2026
MQTT: unsigned integer underflow bypasses MAX_MQTT_MESSAGE_SIZE check on 13/01/2026
curl disclosed a bug submitted by 0xshakib0x04: https://hackerone.com/reports/3508854 [...]
Part Two: HackerOne CEO on Adapting to AI-Driven Change on 13/01/2026
integer Overflow in MQTT Protocol Handling Allows Bypassing Message Size Limit on 13/01/2026
curl disclosed a bug submitted by gudyuu: https://hackerone.com/reports/3508500 [...]
Lack of isolation in agentic browsers resurfaces old vulnerabilities on 13/01/2026
With browser-embedded AI agents, we’re essentially starting the security journey over again. We exploited a lack of isolation mechanisms in multiple agentic browsers to perform attacks ranging from the dissemination of false information to cross-site data leaks. These attacks, which are functionally similar to cross-site scripting (XSS) and cross-site request forgery (CSRF), resurface decade [...]
Information Disclosure in API Endpoint /users on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by moha1sd: https://hackerone.com/reports/3027405 [...]
Publicly Accessible CDN Endpoint Exposing XML Metadata (including ETag) on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by l0rdv0ld3m0r7: https://hackerone.com/reports/3346375 [...]
Create account without auth via response manipulation on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by exec_iq: https://hackerone.com/reports/2061982 [...]
Information Disclosure via Publicly Accessible Debug Log on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by xgoon: https://hackerone.com/reports/3318295 [...]
Debug Info disclose on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by saqib98: https://hackerone.com/reports/3066992 [...]
Reflected XSS Vulnerability in SSL VPN Endpoint CVE-2025-0133 on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by 0xkarim_dix: https://hackerone.com/reports/3238607 [...]
Reflected XSS via user Parameter in /ssl-vpn/getconfig.esp on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by aramx4: https://hackerone.com/reports/3205104 [...]
Reflected XSS via user Parameter on getconfig.esp Endpoint on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by aramx4: https://hackerone.com/reports/3204997 [...]
XSS on on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by bewgsy: https://hackerone.com/reports/3053220 [...]
Cross-Site Scripting via URL on on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by jonasdiasrebelo: https://hackerone.com/reports/3437836 [...]
Cross-Site Scripting via 'currentImage' parameter on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by jonasdiasrebelo: https://hackerone.com/reports/3136746 [...]
Cross-Site Scripting via 'wikitext' parameter on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by jonasdiasrebelo: https://hackerone.com/reports/3137212 [...]
Cross-Site Scripting (XSS) in ASP.NET via ResolveUrl on on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by jonasdiasrebelo: https://hackerone.com/reports/3166582 [...]
Cross-Site Scripting (XSS) in ASP.NET via ResolveUrl on on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by jonasdiasrebelo: https://hackerone.com/reports/3166581 [...]
Cross-Site Scripting (XSS) in ASP.NET via ResolveUrl on on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by jonasdiasrebelo: https://hackerone.com/reports/3166587 [...]
Cross-Site Scripting via URL on on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by jonasdiasrebelo: https://hackerone.com/reports/3354494 [...]
Cross-Site Scripting via URL on on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by jonasdiasrebelo: https://hackerone.com/reports/3351408 [...]
Cross-Site Scripting via 'RAISED_FUNDS_DESC' parameter on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by jonasdiasrebelo: https://hackerone.com/reports/3284389 [...]
Cross-Site Scripting via 'autoPlay' parameter on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by jonasdiasrebelo: https://hackerone.com/reports/3136754 [...]
Cross-Site Scripting via 'description_extra' parameter on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by jonasdiasrebelo: https://hackerone.com/reports/3137206 [...]
Reflected XSS in `Telerik.ReportViewer.axd` with F5 BIG-IP ASM Bypass on `` on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by the_reinhardt: https://hackerone.com/reports/3135626 [...]
Cross-Site Scripting (XSS) in ASP.NET via ResolveUrl on on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by jonasdiasrebelo: https://hackerone.com/reports/3166585 [...]
Cross-Site Scripting (XSS) in ASP.NET via ResolveUrl on on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by jonasdiasrebelo: https://hackerone.com/reports/3166579 [...]
Cross-Site Scripting via 'EVENT_DESCRIPTION' parameter on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by jonasdiasrebelo: https://hackerone.com/reports/3284381 [...]
Unauthenticated File Read Adobe ColdFusion on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by silentbreach: https://hackerone.com/reports/2870951 [...]
Secret Access Key of AWS Firehose Disclosure on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by marucube35: https://hackerone.com/reports/2914739 [...]
Exposed Extremely Sensitive Information in Public ZIP File on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by aldenpartridge: https://hackerone.com/reports/2857082 [...]
Air Force candidate PII + recruitment chat logs accessible via BAC/IDOR on (very large/significant exposure) on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by oxylis: https://hackerone.com/reports/2968391 [...]
ASBS viewing other soldiers PII/Board/Board Voters/ETC on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by badlifeguard: https://hackerone.com/reports/2954320 [...]
[Critical Data Breach] Exposure of PII Data Leak via API Response on 12/01/2026
U.S. Dept Of Defense disclosed a bug submitted by rocky1696: https://hackerone.com/reports/3078508 [...]