InfoSec Planet
A collection of diverse security content from a curated list of sources. This website also serves as a demo for "worker-planet", the software that powers it.
Squid Dominated the Oceans in the Late Cretaceous
on 11/07/2025
New research:
One reason the early years of squids has been such a mystery is because squids’ lack of hard shells made their fossils hard to come by. Undeterred, the team instead focused on finding ancient squid beaks—hard mouthparts with high fossilization potential that could help the team figure out how squids evolved.
With that in mind, the team developed an advanced fossil discove [...]
Tradecraft in the Information Age
on 11/07/2025
Long article on the difficulty (impossibility?) of human spying in the age of ubiquitous digital surveillance.
[...]
How to Study for Cybersecurity (Even When You're Busy!)
on 11/07/2025
how hackers avoid getting caught
on 11/07/2025
Default Minimum TLS Version Set to TLS v1.0 (Cryptographic Weakness)
on 10/07/2025
curl disclosed a bug submitted by monkey_dee: https://hackerone.com/reports/3246519 [...]
BBGMA - Full Bug Bounty Guide - P1 - Explorations and enum
on 10/07/2025
Build a Bjorn in 3 Minutes!
on 10/07/2025
UK Arrests Four in ‘Scattered Spider’ Ransom Group
by BrianKrebs on 10/07/2025
Authorities in the United Kingdom this week arrested four people aged 17 to 20 in connection with recent data theft and extortion attacks against the retailers Marks & Spencer and Harrods, and the British food retailer Co-op Group. The breaches have been linked to a prolific but loosely-affiliated cybercrime group dubbed “Scattered Spider,” whose other recent victims include multip [...]
Using Signal Groups for Activism
on 10/07/2025
Good tutorial by Micah Lee. It includes some nonobvious use cases.
[...]
Understanding the NCSC’s New API Security Guidance
by Tim Erlin on 10/07/2025
Legislative, regulatory, and advisory bodies the world over are waking up to the importance of API security. Most recently, the UK’s National Cyber Security Centre (NCSC) has published detailed guidance on best practices for building and maintaining secure APIs. In this blog, we’ll break down that guidance and explore how Wallarm’s platform can help you align with each one.
Inside the NC [...]
Preventing the growing costs of repeat and duplicate bug bounty submissions
by Eleanor Barlow on 10/07/2025
What are duplicate submissions?
Within the bug bounty industry, duplicate submissions refer to when two or more researchers report the same issue or vulnerability.
When a researcher, who works with a bug bounty platform, identifies a vulnerability, they submit a report to the platform, such as Intigriti, where it is reviewed. If the issue has already been reported, then it is m… [...]
CVE-2025-48384: Git vulnerable to arbitrary file write on non-Windows systems
on 10/07/2025
Learn more about the emerging vulnerability affecting Git. [...]
LIVE: Web Hacking | Pentesting | AppSec | Cybersecurity | TryHackme | AMA
on 09/07/2025
Use-After-Free in OpenSSL Keylog Callback via SSL_get_ex_data() in libcurl
on 09/07/2025
curl disclosed a bug submitted by brobagazzzx: https://hackerone.com/reports/3242005 [...]
Yet Another Strava Privacy Leak
on 09/07/2025
This time it’s the Swedish prime minister’s bodyguards. (Last year, it was the US Secret Service and Emmanuel Macron’s bodyguards. In 2018, it was secret US military bases.)
This is ridiculous. Why do people continue to make their data public?
[...]
Arbitrary File Read via file:// Protocol in cURL
on 09/07/2025
curl disclosed a bug submitted by mr_tufan: https://hackerone.com/reports/3242087 [...]
Microsoft Patch Tuesday, July 2025 Edition
by BrianKrebs on 09/07/2025
Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsoft’s most-dire “critical” rating, meaning they could be exploited to seize control over vulnerable Windows PCs with little or no help [...]
Chain Vulnerability leads to Full Control Group Live Accounts & Undeletable Creator
on 08/07/2025
TikTok disclosed a bug submitted by eneri: https://hackerone.com/reports/3027478 [...]
ReDoS in IPAddr
on 08/07/2025
Ruby disclosed a bug submitted by ooooooo_q: https://hackerone.com/reports/1485717 [...]
ReDoS in Psych
on 08/07/2025
Ruby disclosed a bug submitted by ooooooo_q: https://hackerone.com/reports/1487889 [...]
Learn Google Dorking!
on 08/07/2025
access notes without permission
on 08/07/2025
curl disclosed a bug submitted by haydradz: https://hackerone.com/reports/3241304 [...]
Disclosure of email addresses
on 08/07/2025
curl disclosed a bug submitted by haydradz: https://hackerone.com/reports/3241308 [...]
Clear Authentication Deficiencies & Potential for Man-in-the-Middle Attacks
on 08/07/2025
Sony disclosed a bug submitted by trapedev: https://hackerone.com/reports/2642615 [...]
Advancing Protection in Chrome on Android
on 08/07/2025
Posted by David Adrian, Javier Castro & Peter Kotwicz, Chrome Security Team
Android recently announced Advanced Protection, which extends Google’s Advanced Protection Program to a device-level security setting for Android users that need heightened security—such as journalists, elected officials, and public figures. Advanced Protection gives you the ability to activate Google’s strongest sec [...]
Information disclosure identified on IBM endpoint.
on 08/07/2025
IBM disclosed a bug submitted by devire: https://hackerone.com/reports/2402842 [...]
CSRF at Network feature
on 08/07/2025
Lichess disclosed a bug submitted by psfauzi: https://hackerone.com/reports/3230359 [...]
Are CTFs Actually Good for Learning Cybersecurity Skills?
on 08/07/2025
Inside the AI Threat Landscape: From Jailbreaks to Prompt Injections and Agentic AI Risks
by Tim Erlin on 08/07/2025
AI has officially moved out of the novelty phase. What began with people messing around with LLM-powered GenAI tools for content creation has rapidly evolved into a complex web of agentic AI systems that form a critical part of the modern corporate landscape. However, this transformation has given new life to old threats, transforming the API security landscape all over again.
I recently sat [...]
Investigate your dependencies with Deptective
on 08/07/2025
Deptective, our new open-source tool, automatically finds the packages needed to install software dependencies. It does so not based on the software’s self-reported requirements, but by observing what the software needs at runtime. [...]
PortSwigger at Black Hat & DEF CON 33
on 08/07/2025
Las Vegas. August. Protocols are getting torn apart. This summer, PortSwigger returns to Black Hat USA and DEF CON 33 with a host of new talks, events and ways to meet PortSwigger and the teams be [...]
Hiding Prompt Injections in Academic Papers
on 07/07/2025
Academic papers were found to contain hidden instructions to LLMs:
It discovered such prompts in 17 articles, whose lead authors are affiliated with 14 institutions including Japan’s Waseda University, South Korea’s KAIST, China’s Peking University and the National University of Singapore, as well as the University of Washington and Columbia University in the U.S. Most of the pap [...]
curl --continue-at confusion
on 07/07/2025
curl disclosed a bug submitted by nyymi: https://hackerone.com/reports/2859735 [...]
Information Disclosure at: https://curl.se/.mailmap
on 07/07/2025
curl disclosed a bug submitted by haithamzakaria: https://hackerone.com/reports/2853023 [...]
information disclosure
on 07/07/2025
curl disclosed a bug submitted by rono_07: https://hackerone.com/reports/2841436 [...]
netrc crlf injection
on 07/07/2025
curl disclosed a bug submitted by nyymi: https://hackerone.com/reports/2831558 [...]
curl mishandles `%0c%0b` sequences in HTTP responses leading to CRLF confusions, Headers and Cookies Injection
on 07/07/2025
curl disclosed a bug submitted by mdakh404: https://hackerone.com/reports/2861797 [...]
Arbitrary File Deletion Vulnerability in curl Source Code via os.unlink()
on 07/07/2025
curl disclosed a bug submitted by aadityaathehacker: https://hackerone.com/reports/2864414 [...]
-H with space prefix leads to previous header injection when used with --proxy
on 07/07/2025
curl disclosed a bug submitted by spongebhav: https://hackerone.com/reports/2864859 [...]
OS Command Injection (subprocess Module Usage)
on 07/07/2025
curl disclosed a bug submitted by bulter: https://hackerone.com/reports/2904921 [...]
Git repository found
on 07/07/2025
curl disclosed a bug submitted by tefa_: https://hackerone.com/reports/2915426 [...]
Integer Overflow Risk in HTTP/2 Proxy Window Size Calculations
on 07/07/2025
curl disclosed a bug submitted by extramayoextracheeseextrafries: https://hackerone.com/reports/3238249 [...]
[MK8DX] Improper ranking/replay file parsing
on 06/07/2025
Nintendo disclosed a bug submitted by crazy_man123: https://hackerone.com/reports/1813453 [...]
TLS Cipher Misconfiguration in HTTP/3/QUIC Support
on 06/07/2025
curl disclosed a bug submitted by zzq1015: https://hackerone.com/reports/2981303 [...]
Reverse Engineering Anti-Debugging Techniques (with Nathan Baggs!)
on 05/07/2025
Friday Squid Blogging: How Squid Skin Distorts Light
on 04/07/2025
New research.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Blog moderation policy.
[...]
Build a Structured Threat Hunting Methodology
on 04/07/2025
CRLF injection in libcurl's SMTP client via --mail-from and --mail-rcpt allows SMTP command smuggling
on 03/07/2025
curl disclosed a bug submitted by skrcprst: https://hackerone.com/reports/3235428 [...]
HackerOne Leading AI Agent ... Should We Be Worried?
on 03/07/2025
Inside Axis’s Approach to Cybersecurity with Bugcrowd
on 03/07/2025
Big Tech’s Mixed Response to U.S. Treasury Sanctions
by BrianKrebs on 03/07/2025
In May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment scam websites reported to the FBI. But a new report finds the accused continues to operate a slew of established accounts at American tech companies — including Facebook, Github, PayPal and Twitter/X.
On May 29, the U.S. Department of the Treasur [...]
MozillaVPN: Elevation of Privilege via a Logic Vulnerability
on 03/07/2025
Mozilla disclosed a bug submitted by northsea: https://hackerone.com/reports/2686750 [...]
MozillaVPN: Elevation of Privilege via a Race Condition Vulnerability
on 03/07/2025
Mozilla disclosed a bug submitted by northsea: https://hackerone.com/reports/2261577 [...]
Surveillance Used by a Drug Cartel
on 03/07/2025
Once you build a surveillance system, you can’t control who will use it:
A hacker working for the Sinaloa drug cartel was able to obtain an FBI official’s phone records and use Mexico City’s surveillance cameras to help track and kill the agency’s informants in 2018, according to a new US justice department report.
The incident was disclosed in a justice department inspector general’s audit [...]
Subdomain takeover on live.firefox.com
on 03/07/2025
Mozilla disclosed a bug submitted by martinvw: https://hackerone.com/reports/2899858 - Bounty: $500 [...]
What CISA’s BOD 25-01 Means for API Security and How Wallarm Can Help
by Tim Erlin on 03/07/2025
The US government has taken another significant step towards strengthening cloud security with the release of CISA’s Binding Operational Directive (BOD) 25-01. Aimed at improving the security posture of federal cloud environments, BOD 25-01 mandates robust configuration, visibility, and control across cloud-based services. While the directive doesn’t explicitly name API security, securing mo [...]
curl doesn't hide credentials in /proc/XXX/cmdline provided via CLI arguments
on 03/07/2025
curl disclosed a bug submitted by stogusho: https://hackerone.com/reports/3000639 [...]
Elevation of Privileges (EoP) vulnerabilities related to some easy_options on Windows
on 03/07/2025
curl disclosed a bug submitted by justlikebono_official: https://hackerone.com/reports/2941920 [...]
Authorization Header Leak via --location-trusted in Curl
on 03/07/2025
curl disclosed a bug submitted by voggerloops: https://hackerone.com/reports/2946924 [...]
LIVE: Memory Forensics | Cybersecurity | Blue Team
on 03/07/2025
this malware hides a payload in a WALLPAPER
on 02/07/2025
Ubuntu Disables Spectre/Meltdown Protections
on 02/07/2025
A whole class of speculative execution attacks against CPUs were published in 2018. They seemed pretty catastrophic at the time. But the fixes were as well. Speculative execution was a way to speed up CPUs, and removing those enhancements resulted in significant performance drops.
Now, people are rethinking the trade-off. Ubuntu has disabled some protections, resulting in a 20% performance boost.
A [...]
Buckle up, Buttercup, AIxCC’s scored round is underway!
on 02/07/2025
Our CRS (Cyber Reasoning System), Buttercup, is now competing in the one and only scored round of DARPA’s AI Cyber Challenge (AIxCC) against six other teams to see which autonomous AI-driven system can find and patch the most software vulnerabilities. [...]
The One Thing Vulnerability Scanners Can't Do!
on 01/07/2025
Memory leak of ftp (with proxy reuse)
on 01/07/2025
curl disclosed a bug submitted by catenacyber: https://hackerone.com/reports/3023139 [...]
HTTP Proxy Bypass via `CURLOPT_CUSTOMREQUEST` Verb Tunneling
on 01/07/2025
curl disclosed a bug submitted by alphox: https://hackerone.com/reports/3231321 [...]
Speculative Execution Side-Channel in `curl`
on 01/07/2025
curl disclosed a bug submitted by evilginx1: https://hackerone.com/reports/3124490 [...]
arbitrary file read via `file://` path traversal with `--path-as-is`
on 01/07/2025
curl disclosed a bug submitted by demsese: https://hackerone.com/reports/3226502 [...]
Heap buffer overflow vulnerability in conncache.c: incorrect use of pointer arrays resulting in out-of-bounds memory writes.
on 01/07/2025
curl disclosed a bug submitted by freak_coding: https://hackerone.com/reports/3156384 [...]
curl -OJ allows creating custom .curlrc file which allows exfiltrating private data, among other things
on 01/07/2025
curl disclosed a bug submitted by wolfsage: https://hackerone.com/reports/3135673 [...]
curl_easy_header runs at O(N) or worse and can be abused to use minute(s) of CPU time
on 01/07/2025
curl disclosed a bug submitted by wolfsage: https://hackerone.com/reports/3133253 [...]
hackers trick everyone to run malware (FileFix)
on 01/07/2025
Iranian Blackout Affected Misinformation Campaigns
on 01/07/2025
Dozens of accounts on X that promoted Scottish independence went dark during an internet blackout in Iran.
Well, that’s one way to identify fake accounts and misinformation campaigns.
[...]
[High] MITM via Insecure CA Path Handling in cURL (--capath, CURLOPT_CAPATH) (CWE-494: Download of Code Without Integrity Check)
on 30/06/2025
curl disclosed a bug submitted by oicus: https://hackerone.com/reports/3120969 [...]
[High] Arbitrary File Write via Path Traversal in cURL CLI (`-o`, `--output`) (CWE-22: Improper Limitation of a Pathname to a Restricted Directory)
on 30/06/2025
curl disclosed a bug submitted by oicus: https://hackerone.com/reports/3120987 [...]
Potential XSS vector in curl via unsanitized URL parameter handling
on 30/06/2025
curl disclosed a bug submitted by redfoxsec: https://hackerone.com/reports/3118915 [...]
Double free caused by mqtt_doing()
on 30/06/2025
curl disclosed a bug submitted by tdp3kel9g: https://hackerone.com/reports/3045390 [...]
Buffer Overflow in curl's Rustls Backend
on 30/06/2025
curl disclosed a bug submitted by cyberguardianrd: https://hackerone.com/reports/3037583 [...]
Stack-based Buffer Overflow in TELNET NEW_ENV Option Handling
on 30/06/2025
curl disclosed a bug submitted by agent_0: https://hackerone.com/reports/3230082 [...]
Senator Chides FBI for Weak Advice on Mobile Security
by BrianKrebs on 30/06/2025
Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list stolen from the personal phone of the White House Chief of Staff Susie Wiles was reportedly used to fuel a series of text messages and phone calls impersonating her to U.S. lawmakers. But in a letter this week to the FBI, one of the Sena [...]
RXSS AT https://proze.yelp.com/tmsubscribe.net/vidsn.aspx
on 30/06/2025
Yelp disclosed a bug submitted by 0xold: https://hackerone.com/reports/2947762 [...]
Making transfer v2 channel unupgradable through the forwarding
on 30/06/2025
Cosmos disclosed a bug submitted by unknown_feature: https://hackerone.com/reports/2914705 [...]
Replacing ICA active channel during the upgrade and a bit more
on 30/06/2025
Cosmos disclosed a bug submitted by unknown_feature: https://hackerone.com/reports/2917368 [...]
Unlock underage blocked app without support interaction using airplane mode
on 30/06/2025
Tools for Humanity disclosed a bug submitted by polem4rch: https://hackerone.com/reports/3136790 - Bounty: $300 [...]
How Cybersecurity Fears Affect Confidence in Voting Systems
on 30/06/2025
American democracy runs on trust, and that trust is cracking.
Nearly half of Americans, both Democrats and Republicans, question whether elections are conducted fairly. Some voters accept election results only when their side wins. The problem isn’t just political polarization—it’s a creeping erosion of trust in the machinery of democracy itself.
Commentators blame ideological tr [...]
GraphQL CSRF via the HEAD method #bugbounty #bugbountytips #bugbountyhunter
on 30/06/2025
Heap Buffer Overflow in libcurl curl_slist_append via Unterminated String
on 30/06/2025
curl disclosed a bug submitted by geeknik: https://hackerone.com/reports/3229490 [...]
Memory leak from doh_write_cb
on 29/06/2025
curl disclosed a bug submitted by catenacyber: https://hackerone.com/reports/3089595 [...]
Unauthorized coins transfer from locking account(s)
on 29/06/2025
Cosmos disclosed a bug submitted by unknown_feature: https://hackerone.com/reports/2976481 [...]
Exploiting Log4Shell (Log4J) in 2025
by blackbird-eu on 29/06/2025
It's been a few years since Log4Shell, an injection attack in Log4J Apache logging software, has struck thousands of companies around the world. And despite all the efforts organisations took to patch this critical flaw in their systems, some web services running in 2025 are still vulnerable to Log4Shell, often due to legacy systems still relying on vulnerable versions, (hidden… [...]
CNWPP - This Is Why You Suck At Pentesting
on 28/06/2025
HTTP/2 CONTINUATION Flood Vulnerability
on 28/06/2025
curl disclosed a bug submitted by evilginx1: https://hackerone.com/reports/3125820 [...]
Path Traversal Vulnerability in curl via Unsanitized IPFS_PATH Environment Variable
on 28/06/2025
curl disclosed a bug submitted by ziad616: https://hackerone.com/reports/3100073 [...]
Buffer Overflow in curl MQTT Test Server (tests/server/mqttd.c) via Malicious CONNECT Packet
on 28/06/2025
curl disclosed a bug submitted by deep-hackerone: https://hackerone.com/reports/3101127 [...]
Free of uninitialized pointer in doh_decode_rdata_name()
on 28/06/2025
curl disclosed a bug submitted by tdp3kel9g: https://hackerone.com/reports/3037326 [...]
Improper Restriction of Authentication Attempts in cURL
on 28/06/2025
curl disclosed a bug submitted by irfanmughal1122: https://hackerone.com/reports/3030158 [...]
Stack Buffer Overflow in curl's OpenSSL Provider Handling
on 28/06/2025
curl disclosed a bug submitted by oblivionsage: https://hackerone.com/reports/3153971 [...]
OS Command Injection in scripts/firefox-db2pem.sh via untrusted certificate nicknames
on 28/06/2025
curl disclosed a bug submitted by behindtheblackwall: https://hackerone.com/reports/3225565 [...]
10/10 GraphQL SQL injection bug #bugbounty #bugbountytips #bugbountyhunter
on 28/06/2025
Unauthorized Access to Private Video Description via Translation API for Private Accounts
on 27/06/2025
TikTok disclosed a bug submitted by z3phyrus: https://hackerone.com/reports/2921830 [...]