InfoSec Planet
A collection of diverse security content from a curated list of sources. This website also serves as a demo for "worker-planet", the software that powers it.
Upcoming Speaking Engagements
on 15/06/2025
This is a current list of where and when I am scheduled to speak:
I’m speaking at the International Conference on Digital Trust, AI and the Future in Edinburgh, Scotland on Tuesday, June 24 at 4:00 PM.
The list is maintained on this page.
[...]
Learning to Hack Active Directory Certificate Services (with Shikata!)
on 14/06/2025
This is why you should run bug bounty tools from a VPS feat. Arthur Aires #bugbounty #bugbountytips
on 14/06/2025
Improper HTTP header block termination in llhttp
on 13/06/2025
Node.js disclosed a bug submitted by kenballus: https://hackerone.com/reports/2054283 [...]
Friday Squid Blogging: Stubby Squid
on 13/06/2025
Video of the stubby squid (Rossia pacifica) from offshore Vancouver Island.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
[...]
[20.98.103.245] Cross-Site Scripting (XSS) via /ssl-vpn/getconfig.esp at GlobalProtect VPN Portal
on 13/06/2025
Informatica disclosed a bug submitted by xbow: https://hackerone.com/reports/3096384 [...]
Crafted smart contract can take 8 minutes to execute due to bug in modexp precompile.
on 13/06/2025
Rootstock Labs disclosed a bug submitted by guido: https://hackerone.com/reports/2412583 [...]
Mitigating prompt injection attacks with a layered defense strategy
on 13/06/2025
Posted by Google GenAI Security Team
With the rapid adoption of generative AI, a new wave of threats is emerging across the industry with the aim of manipulating the AI systems themselves. One such emerging attack vector is indirect prompt injections. Unlike direct prompt injections, where an attacker directly inputs malicious commands into a prompt, indirect prompt injections involve hidden malici [...]
Building a Malicious USB Hacking Device for Only $5
on 13/06/2025
How Security Leaders Build AI-Augmented Defense in Depth
on 13/06/2025
DOS of RSKJ server
on 13/06/2025
Rootstock Labs disclosed a bug submitted by spacewasp: https://hackerone.com/reports/2105808 - Bounty: $5000 [...]
Two months of Burp AI: empowering security testers with the future of AppSec
on 13/06/2025
It’s been a whirlwind two months since AI-powered features landed in Burp Suite Professional. Thousands of security testers across the world have been using Burp AI to find vulnerabilities and secure [...]
Paragon Spyware Used to Spy on European Journalists
on 13/06/2025
Paragon is an Israeli spyware company, increasingly in the news (now that NSO Group seems to be waning). “Graphite” is the name of its product. Citizen Lab caught it spying on multiple European journalists with a zero-click iOS exploit:
On April 29, 2025, a select group of iOS users were notified by Apple that they were targeted with advanced spyware. Among the group were two journalis [...]
Improper Authentication Throttling Allows Attacker-Controlled Account Lockouts
on 13/06/2025
Lichess disclosed a bug submitted by closec4ll: https://hackerone.com/reports/3160210 [...]
IDOR on in-app hardcoded zombie endpoint
on 13/06/2025
Bykea disclosed a bug submitted by bugbountywithmarco: https://hackerone.com/reports/3085742 [...]
Bypassing Bronze Partner Wallet Restriction to Accept Trips with Negative Balance
on 13/06/2025
Bykea disclosed a bug submitted by bugbountywithmarco: https://hackerone.com/reports/2868164 [...]
Ability to increase any customer offered fare (BAC)
on 13/06/2025
Bykea disclosed a bug submitted by grassye: https://hackerone.com/reports/2861888 [...]
Broken Access Control (IDOR) in Booking Detail and Bids Could Lead to Sensitive Information Disclosure
on 13/06/2025
Bykea disclosed a bug submitted by back2arie: https://hackerone.com/reports/2374730 [...]
WordPress Version Exposure via /wp-links-opml.php on hemi.xyz
on 13/06/2025
Hemi VDP disclosed a bug submitted by 1_ali_raza: https://hackerone.com/reports/3198394 [...]
Intigriti Bug Bytes #225 - June 2025 🚀
by Intigriti on 13/06/2025
Hello hackers,
Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring:
Becoming an Intigriti Pentester
Exploiting CORS in 2025 (even when SameSite is set to ‘Strict’)
A forgotten tool to quickly score new hidden endpoints (right before you close Burp Suite)
12 API hacking techniques
Common ways to find RCEs in your bug bounty target
And so … [...]
Inside a Dark Adtech Empire Fed by Fake CAPTCHAs
by BrianKrebs on 12/06/2025
Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by leveraging the same malicious advertising technology that powers a sprawling ecosystem of online hucksters and website hackers. A new report on the fallout from that investigation finds this dark ad tech industry is far more resilient and i [...]
Managing your blind XSS payloads feat. Arthur Aires #bugbounty #bugbountytips #bugbountyhunter
on 12/06/2025
[XSS] Reflected XSS via POST request in ()
on 12/06/2025
Mars disclosed a bug submitted by morphykutay: https://hackerone.com/reports/3146996 [...]
Crafted smart contract can take 1.5 minutes to execute due to inefficient CODESIZE implementation
on 12/06/2025
Rootstock Labs disclosed a bug submitted by guido: https://hackerone.com/reports/2489843 [...]
Crafted smart contract can take ~23 seconds to execute due to immense error string construction
on 12/06/2025
Rootstock Labs disclosed a bug submitted by guido: https://hackerone.com/reports/2559404 [...]
Airlines Secretly Selling Passenger Data to the Government
on 12/06/2025
This is news:
A data broker owned by the country’s major airlines, including Delta, American Airlines, and United, collected U.S. travellers’ domestic flight records, sold access to them to Customs and Border Protection (CBP), and then as part of the contract told CBP to not reveal where the data came from, according to internal CBP documents obtained by 404 Media. The data includes pa [...]
Lack of Feedback Validation Permits Arbitrary Driver Ratings
on 12/06/2025
Bykea disclosed a bug submitted by bugbountywithmarco: https://hackerone.com/reports/2894018 [...]
Plugging in a Suspicious Mystery USB
on 12/06/2025
Generating target-specific wordlists feat. Arthur Aires #bugbounty #bugbountytips #bugbountyhunter
on 12/06/2025
CISO Spotlight: Rick Bohm on Building Bridges, Taming AI, and the Future of API Security
by aarampatzis on 12/06/2025
Nestled in a log cabin high in the Rocky Mountains, Rick Bohm starts his day the same way he’s approached his career: intentionally, with a quiet commitment to learning and action. Boasting more than three decades of cybersecurity experience, Rick has watched tech evolve from dial-up ISPs to advanced AI-driven security architectures – and through it all, he’s focused on one enduring mission: prot [...]
🔴 LIVE: TCMS CERT TIPS | Interview with an Expert | AMA
on 12/06/2025
Learn Phishing!
on 11/06/2025
Hunting Phishing Kits
on 11/06/2025
Automation to get Hackerone program updates feat. Arthur Aires #bugbounty #bugbountytips #bugbountyh
on 11/06/2025
Patch Tuesday, June 2025 Edition
by BrianKrebs on 11/06/2025
Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public.
The sole zero-day flaw this month is CVE-2025-33053, a remote code execution flaw in the Windows [...]
Threat Hunting in 3 Easy Steps!
on 10/06/2025
Bug bounty tools that actually land bugs with Arthur Aires
on 10/06/2025
Windows Endpoint Telemetry (ft. Jonny Johnson)
on 10/06/2025
What we learned reviewing one of the first DKLs23 libraries from Silence Laboratories
on 10/06/2025
In October 2023, we audited Silence Laboratories’ DKLs23 threshold signature scheme (TSS) library—one of the first production implementations of this then-novel protocol that uses oblivious transfer (OT) instead of traditional Paillier cryptography. Our review uncovered serious flaws that could enable key destruction attacks, which Silence Laboratories promptly fixed. [...]
Security maturity, complexity, and bug bounty program effectiveness: A deep dive
by Eleanor Barlow on 10/06/2025
There are three key elements that, when combined, support the planning of a bug bounty program to attract the right researchers. These three components are the attack surface, security maturity, and asset complexity. In this article, we explore each of these elements, how they impact one another, and their influence on bug bounty programs.
What defines an attack surface? And ho… [...]
Puny-Code, 0-Click Account Takeover | @YShahinzadeh & @AmirMSafari | #NahamCon2025
on 09/06/2025
Path Traversal Vulnerability in Lila Project
on 09/06/2025
Lichess disclosed a bug submitted by immm: https://hackerone.com/reports/3181066 [...]
New Way to Covertly Track Android Users
on 09/06/2025
Researchers have discovered a new way to covertly track Android users. Both Meta and Yandex were using it, but have suddenly stopped now that they have been caught.
The details are interesting, and worth reading in detail:
Tracking code that Meta and Russia-based Yandex embed into millions of websites is de-anonymizing visitors by abusing legitimate Internet protocols, causing Chrome and other bro [...]
IDOR Vulnerability at AddTagToAssets operation name
on 08/06/2025
HackerOne disclosed a bug submitted by root_geek280: https://hackerone.com/reports/2633771 [...]
Friday Squid Blogging: Squid Run in Southern New England
on 06/06/2025
Southern New England is having the best squid run in years.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
[...]
ImageId Format Injection in Image Upload Endpoint
on 06/06/2025
Lichess disclosed a bug submitted by oblivionsage: https://hackerone.com/reports/3175928 [...]
Hearing on the Federal Government and AI
on 06/06/2025
On Thursday I testified before the House Committee on Oversight and Government Reform at a hearing titled “The Federal Government in the Age of Artificial Intelligence.”
The other speakers mostly talked about how cool AI was—and sometimes about how cool their own company was—but I was asked by the Democrats to specifically talk about DOGE and the risks of exfiltrating our d [...]
Getting Started with HackTheBox in 2025 | Cheatsheet Inside
on 06/06/2025
Report on the Malicious Uses of AI
on 06/06/2025
OpenAI just published its annual report on malicious uses of AI.
By using AI as a force multiplier for our expert investigative teams, in the three months since our last report we’ve been able to detect, disrupt and expose abusive activity including social engineering, cyber espionage, deceptive employment schemes, covert influence operations and scams.
These operations originated in many parts o [...]
1 Click Account Takeover via Auth Token Theft on marketing.hostinger.com
on 06/06/2025
hostinger disclosed a bug submitted by aziz0x48: https://hackerone.com/reports/3081691 [...]
The One Thing You Keep Forgetting About Broad Scope - ShuffleDNS
on 06/06/2025
Proxy Services Feast on Ukraine’s IP Address Exodus
by BrianKrebs on 05/06/2025
Image: Mark Rademaker, via Shutterstock.
Ukraine has seen nearly one-fifth of its Internet space come under Russian control or sold to Internet address brokers since February 2022, a new study finds. The analysis indicates large chunks of Ukrainian Internet address space are now in the hands of shadowy proxy and anonymity services that are nested at some of America’s largest Internet service [...]
Impress Interviewers With This IT Weekend Project!
on 05/06/2025
Addressing API Security with NIST SP 800-228
by Tim Erlin on 05/06/2025
According to the Wallarm Q1 2025 ThreatStats report, 70% of all application attacks target APIs. The industry can no longer treat API security as a sidenote; it’s time to treat it as the main event. NIST seems to be on board with this view, releasing the initial public draft of NIST SP 800-228, a set of recommendations for securing APIs.
I recently sat down with AJ Debole, Field CISO at Oracl [...]
DoS Vulnerability via Cache Poisoning on cdn.shopify.com and shopify-assets.shopifycdn.com
on 04/06/2025
Shopify disclosed a bug submitted by bassem_sadaqah: https://hackerone.com/reports/1695604 - Bounty: $3800 [...]
🔴 LIVE: Conti Ransomware | Cybersecurity | TryHackme | AMA
on 04/06/2025
returnUrl= allows an attacker to redirect users to another phishing website and take over credentials
on 04/06/2025
Insightly disclosed a bug submitted by basant0x01: https://hackerone.com/reports/1544236 [...]
The Ramifications of Ukraine’s Drone Attack
on 04/06/2025
You can read the details of Operation Spiderweb elsewhere. What interests me are the implications for future warfare:
If the Ukrainians could sneak drones so close to major air bases in a police state such as Russia, what is to prevent the Chinese from doing the same with U.S. air bases? Or the Pakistanis with Indian air bases? Or the North Koreans with South Korean air bases? Militaries that thou [...]
CVE-2025-5399: WebSocket endless loop
on 04/06/2025
curl disclosed a bug submitted by z2_: https://hackerone.com/reports/3168039 [...]
What does it take to become CREST-accredited? Top 10 questions answered
by Eleanor Barlow on 04/06/2025
Reputation – What is CREST?
CREST is the gold standard for quality assurance accreditation in the cybersecurity industry. It is a globally recognised not-for-profit cybersecurity authority that rigorously assesses organisations against stringent standards for quality, technical proficiency, and operational integrity.
‘Keeping information safe in today’s digital world is a s… [...]
What Is ASLR and Why Does It Matter?
on 03/06/2025
Server-Side Request Forgery (SSRF) via Game Export API
on 03/06/2025
Lichess disclosed a bug submitted by oblivionsage: https://hackerone.com/reports/3165242 [...]
New Linux Vulnerabilities
on 03/06/2025
They’re interesting:
Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to sensitive information. Tools like Apport and systemd-coredump are designed to handle crash reporting and core dumps in Linux systems.
[…]
“This means that if a local attacker manages to induce a crash in a priv [...]
IDOR: Account Deletion via Session Misbinding Attacker Can Delete Victim Account
on 03/06/2025
Mozilla disclosed a bug submitted by z3phyrus: https://hackerone.com/reports/3154983 - Bounty: $6000 [...]
Discovering hidden parameters: An advanced guide
by blackbird-eu on 03/06/2025
Reconnaissance plays an integral part in bug bounty hunting, and hidden parameter discovery plays an even more crucial role, as such parameters are often left with inadequate validation. This usually makes these parameters more susceptible to common injection vulnerabilities such as SQL injection, XSS, IDORs and even command injection.
In this article, we will cover 5 various ways to detect possi… [...]
Top 10 Bug Bounty Bits - Tip2 - 3 ways to test for BAC
on 02/06/2025
The XSS Rat - Underground rats By Nimble [Music Video]
on 02/06/2025
#NahamCon2025 Day 1 Keynote: Hacking, Prompt Engineering, and the Future of Pentesting with AI
on 02/06/2025
Top 10 Bug Bounty Bits - Tip1 - XSS Detection Techniques
on 31/05/2025
Public GitHub repositories for multiple HackerOne managed triage team profiles contain private HackerOne reports information
on 31/05/2025
HackerOne disclosed a bug submitted by w2w: https://hackerone.com/reports/2937622 - Bounty: $1200 [...]
How Hackers Establish Persistence
on 30/05/2025
Sustaining Digital Certificate Security - Upcoming Changes to the Chrome Root Store
on 30/05/2025
Posted by Chrome Root Program, Chrome Security Team
Note: Google Chrome communicated its removal of default trust of Chunghwa Telecom and Netlock in the public forum on May 30, 2025.
The Chrome Root Program Policy states that Certification Authority (CA) certificates included in the Chrome Root Store must provide value to Chrome end users that exceeds the risk of their continued inclusion. It [...]
Malware & Hackers Evade Antivirus with Windows Sandbox
on 30/05/2025
A deep dive into Axiom’s Halo2 circuits
on 30/05/2025
Over two audits in 2023, we reviewed a blockchain system developed by Axiom that allows computing over the entire history of Ethereum, all verified by zero-knowledge proofs (ZKPs) on-chain using ZK-verified elliptic curve and SNARK recursion operations. This system is built using the Halo2 framework—a complex, emerging technology that presents many challenges when building a secure application, in [...]
PortSwigger Honored with the King's Award for Enterprise in International Trade
on 30/05/2025
We’re proud to announce that PortSwigger has been awarded the prestigious King’s Award for Enterprise in the category of International Trade - a recognition that reflects our sustained international s [...]
Information Disclosure of metrics fax.wavecell.com/metrics
on 30/05/2025
8x8 Bounty disclosed a bug submitted by kauenavarro: https://hackerone.com/reports/1365076 [...]
Facebook Username Takeover via Broken Link in Footer
on 30/05/2025
Omise disclosed a bug submitted by vulnerability_is_here: https://hackerone.com/reports/3119034 [...]
U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
by BrianKrebs on 30/05/2025
Image: Shutterstock, ArtHead.
The U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams known as “pig butchering.” In January 2025, KrebsOnSecurity detailed how Funnull was being used as a content delivery network that ca [...]
Pipe To Vim
on 29/05/2025
Vibe Coding in Cursor for Cyber Security
on 29/05/2025
How Swiss Cheese is Like Cybersecurity
on 29/05/2025
hackers weaponize... really long filenames??
on 29/05/2025
Apache Airflow Fab Provider: Application does not invalidate session after password change via Airflow cli
on 29/05/2025
Internet Bug Bounty disclosed a bug submitted by saurabhb: https://hackerone.com/reports/3073507 [...]
Meet Burp Suite DAST: Your questions answered
on 29/05/2025
We recently hosted a webinar to introduce Burp Suite DAST, the new name for Burp Suite Enterprise Edition, the best-in-class, automated web application and API security scanning solution for modern Ap [...]
CISO Spotlight: Mike Wilkes on Building Resilience in an Evolving Threat Landscape
by Tim Erlin on 29/05/2025
Mike Wilkes has had a career many cybersecurity professionals could only dream of. An adjunct professor, former CISO of Marvel and MLS, member of the World Economic Forum, drummer, and board member at the National Jazz Museum in Harlem, his interests and achievements are as eclectic as they are impressive.
In the first edition of CISO Spotlight, we sat down with Mike to explore the skill [...]
The Custodial Stablecoin Rekt Test
on 29/05/2025
Introducing the Custodial Stablecoin Rekt Test; a new spin on the classic Rekt Test for evaluating the security maturity of stablecoin issuers. [...]
LIVE: HackTheBox | Pentesting | AppSec | Cybersecurity
on 28/05/2025
Pakistan Arrests 21 in ‘Heartsender’ Malware Service
by BrianKrebs on 28/05/2025
Authorities in Pakistan have arrested 21 individuals accused of operating “Heartsender,” a once popular spam and malware dissemination service that operated for more than a decade. The main clientele for HeartSender were organized crime groups that tried to trick victim companies into making payments to a third party, and its alleged proprietors were publicly identified by KrebsOnSecur [...]
Remote Code Execution via unsafe usage of `reply.view({ raw })` in @fastify/view (EJS template engine)
on 28/05/2025
Fastify disclosed a bug submitted by oblivionsage: https://hackerone.com/reports/3122019 [...]
This Sneaky Malware Uses Cloudflare to Steal Your Password
on 28/05/2025
RCE via deserialization with a class allowlist bypass and DNS exfiltration with Arthur Aires
on 28/05/2025
CVE-2025-5025: No QUIC certificate pinning with wolfSSL
on 28/05/2025
curl disclosed a bug submitted by kurohiro: https://hackerone.com/reports/3153497 [...]
CVE-2025-4947: QUIC certificate check skip with wolfSSL
on 28/05/2025
curl disclosed a bug submitted by kurohiro: https://hackerone.com/reports/3150884 [...]
Non-Production API Endpoints for the bedrock-agent Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration
on 28/05/2025
AWS VDP disclosed a bug submitted by nick_frichette_dd: https://hackerone.com/reports/2800091 [...]
Non-Production API Endpoints for the bedrock Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration
on 28/05/2025
AWS VDP disclosed a bug submitted by nick_frichette_dd: https://hackerone.com/reports/2951803 [...]
Non-Production API Endpoint for the EventBridge Service Fails to Log to CloudTrail Resulting in Silent Permission Enumeration
on 28/05/2025
AWS VDP disclosed a bug submitted by nick_frichette_dd: https://hackerone.com/reports/3021618 [...]
Non-Production API Endpoints for the Global Accelerator Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration
on 28/05/2025
AWS VDP disclosed a bug submitted by nick_frichette_dd: https://hackerone.com/reports/3029552 [...]
Non-Production API Endpoints for the Health Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration
on 28/05/2025
AWS VDP disclosed a bug submitted by nick_frichette_dd: https://hackerone.com/reports/3042588 [...]
Amazon Pinpoint SMS and Voice, version 2 Service Reporting "AWS Internal" for CloudTrail Events Generated from FIPS Endpoints
on 28/05/2025
AWS VDP disclosed a bug submitted by nick_frichette_dd: https://hackerone.com/reports/3072841 [...]
Amazon Kendra Intelligent Ranking Service Reporting "AWS Internal" for CloudTrail Events Generated from FIPS Endpoints
on 28/05/2025
AWS VDP disclosed a bug submitted by nick_frichette_dd: https://hackerone.com/reports/3044471 [...]