Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers — including Apple, Google, Microsoft, Mozilla and Oracle — fixing near record volumes of secu [...]
The Model Context Protocol (MCP) is a de facto standard for providing structured access to privileged systems for AI agents and external integrations. It acts as a USB-C port for AI, enabling faster innovation by allowing organizations to expose tools, resources, and workflows without the time-consuming work of building APIs. Adoption has surged in recent months, and categories like payments, [...]
AWS VDP disclosed a bug submitted by jcow: https://hackerone.com/reports/3577145 [...]
Now that the dust has settled on Mythos dropping, there is space for more considered reflection on the direction of travel. Mythos wasn't a surprise; it's another data point on a trajectory that's bee [...]
This is the worst Linux vulnerability in years. TL;DR copy.fail is a Linux kernel local privilege escalation, not a browser or clipboard attack. Disclosed by Theori on 29 April 2026 with a working PoC. It abuses the kernel crypto API (AF_ALG sockets) plus splice() to write four bytes at a time straight into the page cache of a file the attacker does not own. The exploit works unmodified across Ub [...]
Go’s native fuzzing is useful, but it stands far behind state-of-the-art tooling that the Rust, C, and C++ ecosystems offer with LibAFL and AFL++. Path constraints are hard to solve. Structured inputs usually need handmade parsing. It doesn’t even detect several common bug classes, such as integer overflows, goroutine leaks, data races, and execution timeouts. So to make it better, we built [...]
The April NIS2 compliance deadline has come and gone, but where does your company stand? The European Union, via the NIS2 Directive, sets the overall framework and timelines. Member States are responsible for transposing these into national law. The deadline for Member States to transpose the NIS2 Directive into their national law was October 17, 2024. The April 18 deadline is for Member States to [...]
Turns out that LLMs are really good at hiding text messages in other text messages. [...]
As founder and CEO of Intigriti, I've spent a long time around hackers, and one thing is clear. The best ones don't fear AI. They use it. What they do fear, however, and what I take seriously as a founder, is a world where platforms quietly replace them under the banner of efficiency. Where their work trains models they don't benefit from, and where the economics of the craft erode while everyon [...]
Learn how malicious Claude Code skills can abuse dynamic context commands to execute before model-level prompt injection defenses can intervene. [...]
Liberapay disclosed a bug submitted by rox-11: https://hackerone.com/reports/3723002 [...]
Liberapay disclosed a bug submitted by rox-11: https://hackerone.com/reports/3721519 [...]
Evidence of them has been found by analyzing DNA in the seawater. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. [...]
Insider trading is rife on Polymarket: Analysis by the Anti-Corruption Data Collective, a non-profit research and advocacy group, found that long-shot bets—defined as wagers of $2,500 or more at odds of 35 percent or less—on the platform had an average win rate of around 52 percent in markets on military and defense actions. That compares with a win rate of 25 percent across all poli [...]
Nextcloud disclosed a bug submitted by vidang04: https://hackerone.com/reports/3511998 - Bounty: $150 [...]
Nextcloud disclosed a bug submitted by 0x0doteth: https://hackerone.com/reports/3304830 [...]
Nextcloud disclosed a bug submitted by yoyomiski: https://hackerone.com/reports/3521434 [...]
An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service’s login page with a ransom demand that threatened to leak data from 275 million students and faculty across nearly 9,000 educational institutions. A sc [...]
A look at how to secure Kubernetes secrets [...]
curl disclosed a bug submitted by shecantcode2: https://hackerone.com/reports/3717365 [...]
Ruby on Rails disclosed a bug submitted by ksw9722: https://hackerone.com/reports/3580511 [...]
ICE is developing its own version of smart glasses, with facial recognition tied to various databases. [...]
Monero disclosed a bug submitted by rorkh: https://hackerone.com/reports/3307874 [...]
Monero disclosed a bug submitted by yulge: https://hackerone.com/reports/3185083 [...]
curl disclosed a bug submitted by p4p3r_hak: https://hackerone.com/reports/3708482 [...]
A new rowhammer attack gives complete control of NVIDIA CPUs. On Thursday, two research teams, working independently of each other, demonstrated attacks against two cards from Nvidia’s Ampere generation that take GPU rowhammering into new—and potentially much more consequential—territory: GDDR bitflips that give adversaries full control of CPU memory, resulting in full system comprom [...]
PortSwigger Web Security disclosed a bug submitted by bereza4321: https://hackerone.com/reports/3625600 - Bounty: $200 [...]
We recently added a C/C++ security checklist to the Testing Handbook and challenged readers to spot the bugs in two code samples: a deceptively simple Linux ping program and a Windows driver registry handler. If you found the inet_ntoa global buffer gotcha or the missing RTL_QUERY_REGISTRY_TYPECHECK flag, nice work. If not, here’s a full walkthrough of both challenges, plus a deep dive into [...]
DarkSword is a sophisticated piece of malware—probably government designed—that targets iOS. Google Threat Intelligence Group (GTIG) has identified a new iOS full-chain exploit that leveraged multiple zero-day vulnerabilities to fully compromise devices. Based on toolmarks in recovered payloads, we believe the exploit chain to be called DarkSword. Since at least November 2025, GTIG has [...]
curl disclosed a bug submitted by ravindrasl2026: https://hackerone.com/reports/3710209 [...]
curl disclosed a bug submitted by codexxxx: https://hackerone.com/reports/3707747 [...]
curl disclosed a bug submitted by orelbn7: https://hackerone.com/reports/3712343 [...]
As part of our recent AI blog series, and in addition to content on ‘How AI is leveraged to enhance the Intigriti platform’, we have provided multiple insights from the Intigriti team on the development and future of AI, how it impacts programs, and the Bug Bounty community. So far, we have explored: ‘How AI is changing vulnerability discovery’, with COO, Ed Parsons. ‘Common AI misconceptions [...]
Polymarket is a platform where people can bet on real-world events, political and otherwise. Leaving the ethical considerations of this aside (for one, it facilitates assassination), one of the issues with making this work is the verification of these real-world events. Polymarket gamblers have threatened a journalist because his story was being used to verify an event. And now, gamblers are takin [...]
As API and AI adoption grows across the Middle East, so do the expectations around how data is handled. For many organizations operating in this region, it’s not just about securing applications. It’s about doing it in a way that keeps data in-country and aligned with local requirements. Today, we’re introducing the Wallarm Middle East Cloud Point of Presence (POP), giving organizations a n [...]
Nextcloud disclosed a bug submitted by khoof: https://hackerone.com/reports/3399016 [...]
Someone pleaded guilty to secretly working for a ransomware gang as he negotiated ransomware payments for clients. [...]
Senior pentesters have a deeply refined intuition about what is vulnerable in an environment. The problem? That expertise is often siloed with an individual and trapped in their notes or Python scripts. [...]
PlayStation disclosed a bug submitted by slidybat: https://hackerone.com/reports/3320669 - Bounty: $10000 [...]
A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a security breach and was likely the work of a compet [...]
Researchers have reverse-engineered a piece of malware named Fast16. It’s almost certainly state-sponsored, probably US in origin, and was deployed against Iran years before Stuxnet: “…the Fast16 malware was designed to carry out the most subtle form of sabotage ever seen in an in-the-wild malware tool: By automatically spreading across networks and then silently manipulating com [...]
Most assume that SQL injection is a solved problem in today's application landscape, especially with increased awareness of secure coding practices (such as resorting to prepared statements or parameterized queries) and the widespread adoption of NoSQL databases. However, in practice, SQLi vulnerabilities continue to surface in modern applications, often hiding in legacy code components, custom qu [...]
curl disclosed a bug submitted by fxv_ray_st: https://hackerone.com/reports/3702718 [...]
LibAFL is all the rage in the fuzzing community these days, especially with LLVM’s libFuzzer being placed in maintenance mode. Written in Rust, LibAFL claims improved performance, modularity, state-of-the-art fuzzing techniques, and libFuzzer compatibility. For these reasons, I set out to add LibAFL support to Ruzzy, our coverage-guided fuzzer for pure Ruby code and Ruby C extensions. This gives R [...]
curl disclosed a bug submitted by nadsec42: https://hackerone.com/reports/3591956 [...]
curl disclosed a bug submitted by anonymous_237: https://hackerone.com/reports/3646072 [...]
curl disclosed a bug submitted by sdainard: https://hackerone.com/reports/3666576 [...]
curl disclosed a bug submitted by xkilua: https://hackerone.com/reports/3697719 [...]
curl disclosed a bug submitted by 3lcarry: https://hackerone.com/reports/3694390 [...]
curl disclosed a bug submitted by joesephdiver: https://hackerone.com/reports/3669637 [...]
curl disclosed a bug submitted by quaccws: https://hackerone.com/reports/3642555 [...]
curl disclosed a bug submitted by arkss: https://hackerone.com/reports/3671818 [...]
curl disclosed a bug submitted by nobcoderr: https://hackerone.com/reports/3677759 [...]
curl disclosed a bug submitted by bonaire: https://hackerone.com/reports/3621851 [...]
curl disclosed a bug submitted by osama-hamad: https://hackerone.com/reports/3650689 [...]
curl disclosed a bug submitted by m1llie: https://hackerone.com/reports/3682666 [...]
curl disclosed a bug submitted by h3zh3z: https://hackerone.com/reports/3684614 [...]
curl disclosed a bug submitted by wi110w: https://hackerone.com/reports/3684603 [...]
PlayStation disclosed a bug submitted by gezine: https://hackerone.com/reports/3452696 - Bounty: $2500 [...]
Most organizations treating AI security as a model problem are defending the wrong layer. Security teams filter prompts, patch jailbreaks, and tune model behavior, which is all necessary work, while the actual attack surface sits largely unexamined underneath. That surface is the API layer: the endpoints AI systems use to retrieve data, call tools, and take action on behalf of users. This isn' [...]
We’re proud to announce that PortSwigger recently won the Overall Judges’ Award at the Northern Tech Awards 2026. The Northern Tech Awards are run by GP Bullhound, the tech advisory and investment fir [...]
IBM disclosed a bug submitted by jhon1231248e: https://hackerone.com/reports/3340797 [...]
Mozilla disclosed a bug submitted by icecream_23: https://hackerone.com/reports/3279441 - Bounty: $500 [...]
pixiv disclosed a bug submitted by aaqibhussain: https://hackerone.com/reports/3100570 - Bounty: $200 [...]
pixiv disclosed a bug submitted by lainkusanagi: https://hackerone.com/reports/3183520 - Bounty: $3000 [...]
Weblate disclosed a bug submitted by alexb_616: https://hackerone.com/reports/3518571 [...]
Shopify disclosed a bug submitted by 0xd0ff9: https://hackerone.com/reports/3679660 [...]
Your legal team just handed you a 400-page document and said "figure out compliance." The EU AI Act is live, your organization falls under its scope, which is broader than many expect. Even non‑EU companies must comply if their AI systems are used, deployed, or produce effects within the European Union. In practice, that means that global organizations building or integrating AI models cannot tre [...]
Hi hackers, Welcome to the latest edition of Bug Bytes! In this month's issue, we'll be featuring: Compromising an NPM package with 40M weekly downloads Bypassing Cloudflare WAF for a full ATO 20-part series on exploiting JWT vulnerabilities First Intigriti Bug Bounty Meetup And so much more! Let's dive in! Common misconceptions about bug bounty, debugged Bug bounty still gets misundersto [...]
Node.js disclosed a bug submitted by mbarbs: https://hackerone.com/reports/3556769 [...]
Posted by Thomas Brunner, Yu-Han Liu, Moni PandeAt Google, our Threat Intelligence teams are dedicated to staying ahead of real-world adversarial activity, proactively monitoring emerging threats before they can impact users. Right now, Indirect Prompt Injection (IPI) is a top priority for the security community, anticipating it as a primary attack vector for adversaries to target and compromise A [...]
We’re open-sourcing Trailmark, a library that parses source code into a queryable call graph of functions, classes, call relationships, and semantic metadata, then exposes that graph through a Python API that Claude skills can call directly. Install it now: uv pip install trailmark “Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win.” John [...]
Rocket.Chat disclosed a bug submitted by arccode: https://hackerone.com/reports/3589551 [...]
What you will learn How vulnerability research and security testing may evolve in the future, based on expert insights and reflections from Intigriti COO Ed Parsons. How AI is reshaping vulnerability discovery, including the major trends and developments security teams should understand today. The ‘vulnpocalypse’, and what it signals about the future of AI-assisted hacking. The risks, oppor [...]
Every secure API draws a line between code and data. HTTP separates headers from bodies. SQL has prepared statements. Even email distinguishes the envelope from the message. The Model Context Protocol (MCP), the fast-growing standard for connecting AI agents to external services, inherits that gap from the models it sits on top of. Its central premise is that a language model reads tool descripti [...]
Rocket.Chat disclosed a bug submitted by npc: https://hackerone.com/reports/3564655 [...]
A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology companies and steal tens of millions of doll [...]
TL;DR AI risk doesn’t live in the model. It lives in the APIs behind it. Every AI interaction triggers a chain of API calls across your environment. Many of those APIs aren’t documented or tracked. That’s your real exposure. Shadow API discovery gives you visibility into those hidden endpoints, so you can find them before attackers do. If you don’t know which APIs your AI relies on, you can [...]
Nextcloud disclosed a bug submitted by nullcathedral: https://hackerone.com/reports/3486747 [...]
Nextcloud disclosed a bug submitted by nullcathedral: https://hackerone.com/reports/3590586 [...]
Nextcloud disclosed a bug submitted by nullcathedral: https://hackerone.com/reports/3590583 [...]
Nextcloud disclosed a bug submitted by nullcathedral: https://hackerone.com/reports/3590576 [...]
curl disclosed a bug submitted by valvelvel: https://hackerone.com/reports/3680680 [...]
curl disclosed a bug submitted by fg0x0: https://hackerone.com/reports/3680038 [...]
Nextcloud disclosed a bug submitted by aikido_security: https://hackerone.com/reports/3594137 [...]
curl disclosed a bug submitted by skksndk: https://hackerone.com/reports/3680234 [...]
Ruby on Rails disclosed a bug submitted by smlee: https://hackerone.com/reports/3601655 [...]
curl disclosed a bug submitted by asdwe: https://hackerone.com/reports/3673277 [...]
Two weeks ago, Google’s Quantum AI group published a zero-knowledge proof of a quantum circuit so optimized, they concluded that first-generation quantum computers will break elliptic curve cryptography keys in as little as 9 minutes. Today, Trail of Bits is publishing our own zero-knowledge proof that significantly improves Google’s on all metrics. Our result is not due to some quantum breakthrou [...]
What you will learn How AI is boosting researcher productivity How new researchers are approaching bug bounties Why the quality of submissions is not declining How effective triage and coordination are crucial AI and the growing ecosystem of tools built around it have now moved beyond early experimentation and into everyday use across the bug bounty community. What initially showed up as AI- [...]
Why we’re launching the program What it means to be a Burp Ambassador What we’re aiming for Our Burp Ambassadors Alan Levy Corey Ball Federico Dotta Rana Khalil Tib3rius Looking ahead Get Involved - B [...]
HackerOne disclosed a bug submitted by joejoe5: https://hackerone.com/reports/3168691 [...]
HackerOne disclosed a bug submitted by hellokbit: https://hackerone.com/reports/3287208 - Bounty: $12500 [...]
curl disclosed a bug submitted by hybirdss: https://hackerone.com/reports/3674275 [...]
Understanding npm and the importance of dependency cooldowns. [...]
arkadiyt-projects disclosed a bug submitted by argareksapatii: https://hackerone.com/reports/3642600 [...]
AWS VDP disclosed a bug submitted by killnet-edc: https://hackerone.com/reports/3591725 [...]
Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed “BlueHammer.” Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited [...]
Basecamp disclosed a bug submitted by xavlimsg: https://hackerone.com/reports/3608199 - Bounty: $500 [...]
Basecamp disclosed a bug submitted by xavlimsg: https://hackerone.com/reports/3543475 - Bounty: $218 [...]