Due to the government shutdown, this account is not being updated.

AUG 2025 @DeptofDefense Defense Industrial Based Vulnerability Disclosure Program #DIBVDP received a medium-severity report showing unauthenticated request manipulation could allow attackers to modify victim accounts without logging in. Read all about it in the #KnowledgeByte

AUG 2025 @DeptofDefense Vulnerability Disclosure Program #VDP @Hacker0x01 #Hackers reported a high severity submission, identifying a path traversal vulnerability within Grafana that could lead to arbitrary code execution. Read all about it in the #Knowledgebyte

Huge congratulations to @sherifx_x for being named Researcher of the Month. @sherifx_x is being recognized for finding an arbitrary file upload vulnerability and producing a full RCE payload within an Avaya Aura Device Services deployment. Well deserved! #CyberSecurity #VDP

Shoutout 2 @valentim_m17823 for spotting unauthenticated request manipulation! Left unchecked, the vulnerability could enable data tampering, unauthorized actions & system disruption. Staying proactive keeps users safe. #DIBVDP #CyberSecurity #InfoSec #WebSecurity #EthicalHacking

Big shoutout to @0x2458 for being named Researcher of the Month by the DoD VDP! 🔍💥 Thanks for helping keep systems safe — awesome work! 🙌#DoD #VDP #CyberSecurity

Shoutout to @Ha0ker for responsibly disclosing a token generation flaw—tokens could be created before account sync completes, opening the door to potential abuse. Great catch! #DIBVDP #CyberSecurity #InfoSec #WebSecurity #EthicalHacking

Congrats to @kingcoolvikas for being named DoD VDP Researcher of the Month! Awarded for reporting a high severity information disclosure vulnerability, showcasing sharp technical insight and real-world impact. #Bugbounty #InfoSec #WebSecurity

Huge thanks to @hipdead010 for responsibly disclosing a reflected XSS vulnerability via /ssl-vpn/getconfig.esp on a GlobalProtect VPN portal. A sharp reminder of how overlooked endpoints can pose real risks. #DIBVDP #CyberSecurity #InfoSec #WebSecurity #EthicalHacking

Kudos to Himanshu Nautiyal for the responsible disclosure of hardcoded public/private API keys in a JavaScript file — a critical exposure of sensitive credentials. Your vigilance helps keep the web safer! #DIBVDP #CyberSecurity #InfoSec #WebSecurity #EthicalHacking

MAR 2025 @DeptofDefense Vulnerability Disclosure Program #VDP @Hacker0x01 #Hackers reported a high severity submission identifying misconfigured access controls which could have led to disclosure of unauthorized information. Read all about it in the #Knowledgebyte.

MAR 2025 @DeptofDefense Defense Industrial Based Vulnerability Disclosure Program #DIBVDP #Hackers reported a vulnerability involving Improper Authentication that could lead to unauthorized access and system compromise. Read all about it in the #KnowledgeByte.

Huge thanks to @j0nasdias for identifying an exposed debug file containing a full database dump—with plaintext passwords. A sharp catch that reinforces the importance of secure development practices. Your work is truly appreciated! #CyberSecurity #InfoSec #DoDSecurity

Huge thanks to @Kaenne for uncovering critical vulnerabilities in Authentication Bypass via Response Manipulation! These findings highlight serious security risks that need urgent attention. Stay vigilant, update systems, and prioritize cybersecurity! 🔒 #DIBVDP #CyberSecurity

FEB 2025 @DeptofDefense Vulnerability Disclosure Program (#VDP) #Hacker0x01 #Hackers reported a critical severity vulnerability identifying a security misconfiguration discovered in a DoD Salesforce deployment. Read all about it in the #Knowledgebyte.

FEB 2025 @DeptofDefense Defense Industrial Based Vulnerability Disclosure Program (#DIBVDP) #Hackers reported a vulnerability involving exposed PII which could have led to an advisory obtaining sensitive data. Read all about it in the #KnowledgeByte.

Thank you, @nzhg3i_nzm, for exposing the serious vulnerability of PII and CAC ID being accessible on an unauthenticated page. This kind of oversight opens the door to identity theft, unauthorized access, and privacy breaches. Your vigilance is critical! #DIBVDP #CyberSecurity

A big shoutout to @hussain_saadi0, our February 2025 Researcher of the Month, for uncovering a misconfigured API endpoint leaking PII. Their efforts play a key role in safeguarding sensitive information and reinforcing DoD cybersecurity. Well deserved! #InfoSec #DoDSecurity

2024 Finale: Celebrating @Krevetk0Valeriy—our Researcher of the Year! His tireless work uncovering multiple PII leaks has raised the bar in cybersecurity. Your vigilance inspires and strengthens our defenses. Hats off! #ResearcherOfTheYear #CyberSecurity #DoDSecurity

Congratulations to Mohamed Aziz Hassine (@aziz0x48) for his outstanding achievement as Researcher of the Year! 🏆 His research on the dangers of chaining IDOR + Stored XSS is crucial for enhancing online security. Keep up the amazing work! #DIBVDP #CyberSecurity #EthicalHacking