InfoSec Planet
A collection of diverse security content from a curated list of sources. This website also serves as a demo for "worker-planet", the software that powers it.
Friday Squid Blogging: How Squid Skin Distorts Light on 04/07/2025
New research. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. [...]
Build a Structured Threat Hunting Methodology on 04/07/2025
CRLF injection in libcurl's SMTP client via --mail-from and --mail-rcpt allows SMTP command smuggling on 03/07/2025
curl disclosed a bug submitted by skrcprst: https://hackerone.com/reports/3235428 [...]
HackerOne Leading AI Agent ... Should We Be Worried? on 03/07/2025
Inside Axis’s Approach to Cybersecurity with Bugcrowd on 03/07/2025
Big Tech’s Mixed Response to U.S. Treasury Sanctions by BrianKrebs on 03/07/2025
In May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment scam websites reported to the FBI. But a new report finds the accused continues to operate a slew of established accounts at American tech companies — including Facebook, Github, PayPal and Twitter/X. On May 29, the U.S. Department of the Treasur [...]
MozillaVPN: Elevation of Privilege via a Logic Vulnerability on 03/07/2025
Mozilla disclosed a bug submitted by northsea: https://hackerone.com/reports/2686750 [...]
MozillaVPN: Elevation of Privilege via a Race Condition Vulnerability on 03/07/2025
Mozilla disclosed a bug submitted by northsea: https://hackerone.com/reports/2261577 [...]
Surveillance Used by a Drug Cartel on 03/07/2025
Once you build a surveillance system, you can’t control who will use it: A hacker working for the Sinaloa drug cartel was able to obtain an FBI official’s phone records and use Mexico City’s surveillance cameras to help track and kill the agency’s informants in 2018, according to a new US justice department report. The incident was disclosed in a justice department inspector general’s audit [...]
Subdomain takeover on live.firefox.com on 03/07/2025
Mozilla disclosed a bug submitted by martinvw: https://hackerone.com/reports/2899858 - Bounty: $500 [...]
What CISA’s BOD 25-01 Means for API Security and How Wallarm Can Help by Tim Erlin on 03/07/2025
The US government has taken another significant step towards strengthening cloud security with the release of CISA’s Binding Operational Directive (BOD) 25-01. Aimed at improving the security posture of federal cloud environments, BOD 25-01 mandates robust configuration, visibility, and control across cloud-based services. While the directive doesn’t explicitly name API security, securing mo [...]
curl doesn't hide credentials in /proc/XXX/cmdline provided via CLI arguments on 03/07/2025
curl disclosed a bug submitted by stogusho: https://hackerone.com/reports/3000639 [...]
Elevation of Privileges (EoP) vulnerabilities related to the some easy_options on Windows on 03/07/2025
curl disclosed a bug submitted by justlikebono_official: https://hackerone.com/reports/2941920 [...]
Authorization Header Leak via --location-trusted in Curl on 03/07/2025
curl disclosed a bug submitted by voggerloops: https://hackerone.com/reports/2946924 [...]
LIVE: Memory Forensics | Cybersecurity | Blue Team on 03/07/2025
this malware hides a payload in a WALLPAPER on 02/07/2025
Ubuntu Disables Spectre/Meltdown Protections on 02/07/2025
A whole class of speculative execution attacks against CPUs were published in 2018. They seemed pretty catastrophic at the time. But the fixes were as well. Speculative execution was a way to speed up CPUs, and removing those enhancements resulted in significant performance drops. Now, people are rethinking the trade-off. Ubuntu has disabled some protections, resulting in 20% performance boost. A [...]
Buckle up, Buttercup, AIxCC’s scored round is underway! on 02/07/2025
Our CRS (Cyber Reasoning System), Buttercup, is now competing in the one and only scored round of DARPA’s AI Cyber Challenge (AIxCC) against six other teams to see which autonomous AI-driven system can find and patch the most software vulnerabilities. [...]
The One Thing Vulnerability Scanners Can't Do! on 01/07/2025
Memory leak of ftp (with proxy reuse) on 01/07/2025
curl disclosed a bug submitted by catenacyber: https://hackerone.com/reports/3023139 [...]
HTTP Proxy Bypass via `CURLOPT_CUSTOMREQUEST` Verb Tunneling on 01/07/2025
curl disclosed a bug submitted by alphox: https://hackerone.com/reports/3231321 [...]
Speculative Execution Side-Channel in `curl` on 01/07/2025
curl disclosed a bug submitted by evilginx1: https://hackerone.com/reports/3124490 [...]
arbitrary file read via `file://` path traversal with `--path-as-is` on 01/07/2025
curl disclosed a bug submitted by demsese: https://hackerone.com/reports/3226502 [...]
Heap buffer overflow vulnerability in conncache.c: incorrect use of pointer arrays resulting in out-of-bounds memory writes. on 01/07/2025
curl disclosed a bug submitted by freak_coding: https://hackerone.com/reports/3156384 [...]
curl -OJ allows creating custom .curlrc file which allows exfiltrating private data, among other things on 01/07/2025
curl disclosed a bug submitted by wolfsage: https://hackerone.com/reports/3135673 [...]
curl_easy_header runs at O(N) or worse and can be abused to use minute(s) of CPU time on 01/07/2025
curl disclosed a bug submitted by wolfsage: https://hackerone.com/reports/3133253 [...]
hackers trick everyone to run malware (FileFix) on 01/07/2025
Iranian Blackout Affected Misinformation Campaigns on 01/07/2025
Dozens of accounts on X that promoted Scottish independence went dark during an internet blackout in Iran. Well, that’s one way to identify fake accounts and misinformation campaigns. [...]
[High] MITM via Insecure CA Path Handling in cURL (--capath, CURLOPT_CAPATH) (CWE-494: Download of Code Without Integrity Check) on 30/06/2025
curl disclosed a bug submitted by oicus: https://hackerone.com/reports/3120969 [...]
[High] Arbitrary File Write via Path Traversal in cURL CLI (`-o`, `--output`) (CWE-22: Improper Limitation of a Pathname to a Restricted Directory) on 30/06/2025
curl disclosed a bug submitted by oicus: https://hackerone.com/reports/3120987 [...]
Potential XSS vector in curl via unsanitized URL parameter handling on 30/06/2025
curl disclosed a bug submitted by redfoxsec: https://hackerone.com/reports/3118915 [...]
Double free caused by mqtt_doing() on 30/06/2025
curl disclosed a bug submitted by tdp3kel9g: https://hackerone.com/reports/3045390 [...]
Buffer Overflow in curl's Rustls Backend on 30/06/2025
curl disclosed a bug submitted by cyberguardianrd: https://hackerone.com/reports/3037583 [...]
Stack-based Buffer Overflow in TELNET NEW_ENV Option Handling on 30/06/2025
curl disclosed a bug submitted by agent_0: https://hackerone.com/reports/3230082 [...]
Senator Chides FBI for Weak Advice on Mobile Security by BrianKrebs on 30/06/2025
Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list stolen from the personal phone of the White House Chief of Staff Susie Wiles was reportedly used to fuel a series of text messages and phone calls impersonating her to U.S. lawmakers. But in a letter this week to the FBI, one of the Sena [...]
RXSS AT https://proze.yelp.com/tmsubscribe.net/vidsn.aspx on 30/06/2025
Yelp disclosed a bug submitted by 0xold: https://hackerone.com/reports/2947762 [...]
Making transfer v2 channel unupgradable through the forwarding on 30/06/2025
Cosmos disclosed a bug submitted by unknown_feature: https://hackerone.com/reports/2914705 [...]
Replacing ICA active channel during the upgrade and a bit more on 30/06/2025
Cosmos disclosed a bug submitted by unknown_feature: https://hackerone.com/reports/2917368 [...]
Unlock underage blocked app without support interaction using airplane mode on 30/06/2025
Tools for Humanity disclosed a bug submitted by polem4rch: https://hackerone.com/reports/3136790 - Bounty: $300 [...]
How Cybersecurity Fears Affect Confidence in Voting Systems on 30/06/2025
American democracy runs on trust, and that trust is cracking. Nearly half of Americans, both Democrats and Republicans, question whether elections are conducted fairly. Some voters accept election results only when their side wins. The problem isn’t just political polarization—it’s a creeping erosion of trust in the machinery of democracy itself. Commentators blame ideological tr [...]
GraphQL CSRF via the HEAD method #bugbounty #bugbountytips #bugbountyhunter on 30/06/2025
Heap Buffer Overflow in libcurl curl_slist_append via Unterminated String on 30/06/2025
curl disclosed a bug submitted by geeknik: https://hackerone.com/reports/3229490 [...]
Memory leak from doh_write_cb on 29/06/2025
curl disclosed a bug submitted by catenacyber: https://hackerone.com/reports/3089595 [...]
Unauthorized coins transfer from locking account(s) on 29/06/2025
Cosmos disclosed a bug submitted by unknown_feature: https://hackerone.com/reports/2976481 [...]
Exploiting Log4Shell (Log4J) in 2025 by blackbird-eu on 29/06/2025
It's been a few years since Log4Shell, an injection attack in Log4J Apache logging software, has struck thousands of companies around the world. And despite all the efforts organisations took to patch this critical flaw in their systems, some web services running in 2025 are still vulnerable to Log4Shell, often due to legacy systems still relying on vulnerable versions, (hidden… [...]
CNWPP - This Is Why You Suck At Pentesting on 28/06/2025
HTTP/2 CONTINUATION Flood Vulnerability on 28/06/2025
curl disclosed a bug submitted by evilginx1: https://hackerone.com/reports/3125820 [...]
Path Traversal Vulnerability in curl via Unsanitized IPFS_PATH Environment Variable on 28/06/2025
curl disclosed a bug submitted by ziad616: https://hackerone.com/reports/3100073 [...]
Buffer Overflow in curl MQTT Test Server (tests/server/mqttd.c) via Malicious CONNECT Packet on 28/06/2025
curl disclosed a bug submitted by deep-hackerone: https://hackerone.com/reports/3101127 [...]
Free of uninitialized pointer in doh_decode_rdata_name() on 28/06/2025
curl disclosed a bug submitted by tdp3kel9g: https://hackerone.com/reports/3037326 [...]
Improper Restriction of Authentication Attempts in cURL on 28/06/2025
curl disclosed a bug submitted by irfanmughal1122: https://hackerone.com/reports/3030158 [...]
Stack Buffer Overflow in curl's OpenSSL Provider Handling on 28/06/2025
curl disclosed a bug submitted by oblivionsage: https://hackerone.com/reports/3153971 [...]
OS Command Injection in scripts/firefox-db2pem.sh via untrusted certificate nicknames on 28/06/2025
curl disclosed a bug submitted by behindtheblackwall: https://hackerone.com/reports/3225565 [...]
10/10 GraphQL SQL injection bug #bugbounty #bugbountytips #bugbountyhunter on 28/06/2025
Friday Squid Blogging: What to Do When You Find a Squid “Egg Mop” on 27/06/2025
Tips on what to do if you find a mop of squid eggs. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. [...]
Unauthorized Access to Private Video Description via Translation API for Private Accounts on 27/06/2025
TikTok disclosed a bug submitted by z3phyrus: https://hackerone.com/reports/2921830 [...]
How to Chain Vulnerabilities for Impact (PWPE Prep) on 27/06/2025
Mutation Based Stored XSS on Trix Editor version latest (2.1.8) on 27/06/2025
Basecamp disclosed a bug submitted by sudi: https://hackerone.com/reports/2819573 - Bounty: $6000 [...]
The Age of Integrity on 27/06/2025
We need to talk about data integrity. Narrowly, the term refers to ensuring that data isn’t tampered with, either in transit or in storage. Manipulating account balances in bank databases, removing entries from criminal records, and murder by removing notations about allergies from medical records are all integrity attacks. More broadly, integrity refers to ensuring that data is correct and accura [...]
Unexpected privilege escalation deletion bug #bugbounty #bugbountytips #bugbountyhunter on 27/06/2025
Failure to strip Proxy-Authorization header on change in origin on 27/06/2025
curl disclosed a bug submitted by grahamcampbell: https://hackerone.com/reports/3180396 [...]
Arbitrary File Read via Unsanitized curl Usage Results in Sensitive File Exposure on 27/06/2025
curl disclosed a bug submitted by ednaq: https://hackerone.com/reports/3183957 [...]
NEX: Stack overflow in UnicodeToUtf8 on 27/06/2025
Nintendo disclosed a bug submitted by kinnay: https://hackerone.com/reports/469997 [...]
The Last We Heard From Andrew! 😱 on 26/06/2025
Will This GUI Based Subdomain Checker Be A Good Tool In Your Arsenal ... ? on 26/06/2025
Improper Access Control Allows Trip Hijacking and Passenger/Driver PII Disclosure on 26/06/2025
Bykea disclosed a bug submitted by grassye: https://hackerone.com/reports/2867022 [...]
White House Bans WhatsApp on 26/06/2025
Reuters is reporting that the White House has banned WhatsApp on all employee devices: The notice said the “Office of Cybersecurity has deemed WhatsApp a high risk to users due to the lack of transparency in how it protects user data, absence of stored data encryption, and potential security risks involved with its use.” TechCrunch has more commentary, but no more information. [...]
Exposed trip_no in WebSocket Responses Leading to Excessive information Disclosure on 26/06/2025
Bykea disclosed a bug submitted by mrrhacker: https://hackerone.com/reports/2209750 [...]
Unauthenticated → Low privileges → admin #bugbounty #bugbountytips #bugbountyhunter on 26/06/2025
Beyond Traditional Threats: The Rise of AI-Driven API Vulnerabilities by Tim Erlin on 26/06/2025
AI has had dramatic impacts on almost every facet of every industry. API security is no exception. Up until recently, defending APIs meant guarding against well-understood threats. But as AI proliferates, automated adversaries, AI-crafted exploits, and business logic abuse have complicated matters. It’s no longer enough to merely patch known flaws; security teams must now contend with intelligent [...]
LIVE: New FREE Course Release! | Q&A | AMA | Cybersecurity on 26/06/2025
How You Can Impersonate Anyone in Active Directory (with Shikata!) on 25/06/2025
What LLMs Know About Their Users on 25/06/2025
Simon Willison talks about ChatGPT’s new memory dossier feature. In his explanation, he illustrates how much the LLM—and the company—knows about its users. It’s a big quote, but I want you to read it all. Here’s a prompt you can use to give you a solid idea of what’s in that summary. I first saw this shared by Wyatt Walls. please put all text under the following [...]
Sometimes, one field is all you need for a bug #bugbounty #bugbountytips #bugbountyhunter on 25/06/2025
Pass The PWPE With These Quick Tips! on 24/06/2025
What bugs you should look for in a GraphQL API? Bug Bounty Case Study on 24/06/2025
Here’s a Subliminal Channel You Haven’t Considered Before on 24/06/2025
Scientists can manipulate air bubbles trapped in ice to encode messages. [...]
Maturing your smart contracts beyond private key risk on 24/06/2025
Private key compromise accounted for 43.8% of crypto hacks in 2024, yet traditional smart contract audits rarely address architectural access control weaknesses. This post introduces a four-level maturity framework for designing protocols that can tolerate key compromise, progressing from single EOA control to radical immutability, with practical examples demonstrating multisigs, timelocks, and th [...]
Bug Bounties Is EASY! on 24/06/2025
Woocommerce SQL Injection in WC_Report_Coupon_Usage on 24/06/2025
Automattic disclosed a bug submitted by q5ca: https://hackerone.com/reports/3198980 [...]
DIY or outsourced bug bounty programs: what’s best for your business? by Eleanor Barlow on 24/06/2025
Organizations are adopting bug bounty programs more and more as part of a layered security strategy to address the skills gap and to help their security budget go further. But should you run a program in-house or outsource to a bug bounty program provider? This blog will take you through the setup process and explain where the value from a bug bounty platform comes into play. … [...]
Bug Bounty Road Map - A Good Start, But Here's A Better Idea on 23/06/2025
Security Flash: US Critical Infrastructure on 23/06/2025
I Am Giving Away 2 Copies Of My Endless Bundle - What Is Included?! (See Description) on 22/06/2025
Come test out our #XSS playgrounds on 22/06/2025
What wordlist do I pick in bug bounty hunting? on 22/06/2025
Credential leak on redirect due to improper state clearing when parsing macdef in netrc.c on 22/06/2025
curl disclosed a bug submitted by oxghostly: https://hackerone.com/reports/3211973 [...]
Sensitive information disclosure with malicious netrc file on 22/06/2025
curl disclosed a bug submitted by z2_: https://hackerone.com/reports/3211126 [...]
This is the best API hacking course because Is FREE on 21/06/2025
CAPIE IS FREE - API HACKING FROM UNC FAT RAT on 21/06/2025
CAPIE - Certified API hacking Expert - FREE IN DESCRIPTION on 21/06/2025
Every Cybersecurity Job Explained! on 20/06/2025
Learn Capture the Flag! on 19/06/2025
Evading Antivirus Detection in C (with Dahvid Schloss) on 19/06/2025
What Horses Can Teach Us About AI on 19/06/2025
Five Uncomfortable Truths About LLMs in Production by Ivan Novikov on 19/06/2025
Many tech professionals see integrating large language models (LLMs) as a simple process -just connect an API and let it run. At Wallarm, our experience has proved otherwise. Through rigorous testing and iteration, our engineering team uncovered several critical insights about deploying LLMs securely and effectively. This blog shares our journey of integrating cutting-edge AI into a secu [...]
LIVE: New Cert | Chaining Vulnerabilities | AppSec | Cybersecurity | Pentesting on 19/06/2025
Unexpected security footguns in Go's parsers on 18/06/2025
File parsers in Go contain unexpected behaviors that can lead to serious security vulnerabilities. This post examines how JSON, XML, and YAML parsers in Go handle edge cases in ways that have repeatedly resulted in high-impact security issues in production systems. We explore three real-world attack scenarios: marshaling/unmarshaling unexpected data, exploiting parser differentials, and leveraging [...]
EXIF metadata not stripped from profile image on 18/06/2025
Informatica disclosed a bug submitted by growler09: https://hackerone.com/reports/3129421 [...]