HackerOne Bug Bounty Disclosure: sql-injection-in-column-type-parameter-allows-arbitrary-sql-execution-suul - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-sql-injection-in-column-type-parameter-allows-arbitrary-sql-execution-suul/

#HackerOne #CVE #Vulnerability #OSINT #ThreatIntel #Cyber

Vibe-chaos. Hacker zgłosił podatności do AI-owej platformy do tworzenia aplikacji bez kodowania (Lovable)…

Chodzi o ten incydent. Zgłoszenie poszło przez HackerOne. Ale ziomki z HackerOne zamknęły zgłoszenia (“no elo, duplikat, kaski nie będzie, have a nice day ;-) No to hacker poczekał 48 dni, z nadzieją że może jednak obsłużą tego buga, po czym ruszył do hackowania. Hackowanie: “Założyłem dziś bezpłatne konto w...

#Aktualności #Ai #BugBounty #Hackerone #IDOR #Websec

https://sekurak.pl/vibe-chaos-hacker-zglosil-podatnosci-do-ai-owej-platformy-do-tworzenia-aplikacji-bez-kodowania-lovable/

HackerOne Bug Bounty Disclosure: origin-ip-exposed-waf-bypass-r-tsid - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-origin-ip-exposed-waf-bypass-r-tsid/

#HackerOne #CVE #Vulnerability #OSINT #ThreatIntel #Cyber

HackerOne Bug Bounty Disclosure: kerberos-spnego-connection-reuse-vulnerability-rootofpi-ramesh - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-kerberos-spnego-connection-reuse-vulnerability-rootofpi-ramesh/

#HackerOne #CVE #Vulnerability #OSINT #ThreatIntel #Cyber

AWS Discloses Flaw in Quick Access Control

AWS swiftly addressed a security flaw in Quick Access, discovered by Fog Security, which could have allowed unauthorized users to bypass access controls, and fortunately, no customer data was compromised. The issue was resolved in March 2026, with no action required from customers.

https://osintsights.com/aws-discloses-flaw-in-quick-access-control?utm_source=mastodon&utm_medium=social

#Aws #QuickAccess #AuthorizationBypass #FogSecurity #Hackerone

HackerOne Bug Bounty Disclosure: liberapay-member-team-twitter-account-broken-link-hijacking-via-expired-twitter-account-link-rox - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-liberapay-member-team-twitter-account-broken-link-hijacking-via-expired-twitter-account-link-rox/

#HackerOne #CVE #Vulnerability #OSINT #ThreatIntel #Cyber

HackerOne Bug Bounty Disclosure: another-liberapay-member-team-twitter-account-broken-link-hijacking-via-expired-twitter-account-link-rox - https://www.redpacketsecurity.com/hackerone-bugbounty-disclosure-another-liberapay-member-team-twitter-account-broken-link-hijacking-via-expired-twitter-account-link-rox/

#HackerOne #CVE #Vulnerability #OSINT #ThreatIntel #Cyber

I would like to share a blog post by HackerOne. It is an interesting read, because it describes how AI vulnerability findings evolved from slop to verified exploitable risks. Verification and prioritization become increasingly important. Because the amount of reported vulnerabilities increases a lot more than teams are able to fix, it becomes inevitable to adapt remediation strategies. Periodic remediation becomes obsolete. We need to achieve continuous remediation processes that are automated as much as possible.

Blog post: https://www.hackerone.com/blog/continuous-threat-exposure-management-remediation-crisis

#cybersecurity #security #infosec #vulnerability #hacking #hackerone