Yay, I was awarded a $10,000 bounty on @Hacker0x01! . My First Five Digits on @Hacker0x01 . #TogetherWeHitHarder

Host Header Injection🤝Cache Poisoning 🤝 Path Traversal = Stored XSS via Path Confusion❤️. #bugbounty #intigriti

RT @H4ckmanac: 🚨Chrome Zero-day Alert: PATCH NOW‼️. Google released an emergency security update for Chrome to patch CVE-2025-6558, a high-….

RT @NahamSec: This Tiny JWT Mistake = Massive Bug Bounty (with a real world example!) . watch here 👉🏼 https://t.co/….

Yay, I was awarded a $2,000 bounty on @Hacker0x01! .High Impact on Amazon!.#TogetherWeHitHarder

Always try to escalate an XSS to ATO. The program did not accept XSS but with 1-Click ATO it went to critical. #bugbounty #hackerone

Full Account Takeover via Open Redirect in the Authentication Flow using an OOS Open Redirect I had found 1 year ago. #Hackerone #BugBounty

In January, I submitted 40 vulnerabilities to 35 programs on @Hacker0x01. #TogetherWeHitHarder

Another contribution to the security of the global open-source community:.CVE-2025-0557 - Vulnerability identified in Alfresco.

RT @CVEnew: CVE-2024-49505 A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in openSUSE….

Today I received a bounty from @intigriti with the most random vulnerability I've ever found, an SSRF Request Stored via Cache Poisoning. #bugbounty #intigriti

If the WAF doesn't allow the creation of a JavaScript term like 'alert' or 'confirm' in any way, write it inverted and then use reverse() with self[]. Payload:. <a%20href=%0dj&Tab;avascript&colon;x='trela'.split('').reverse().join('');self[x](origin)>. #Bugbounty #AkamaiBypass

Just got a reward for a high vulnerability submitted on @yeswehack -- Cross-site Scripting (XSS) - Stored (CWE-79). #YesWeRHackers

According to the CVE-2024-4956 - Path Traversal in Nexus Repository is the most discussed in the world in the last 48 hours!

RT @CVEShield: Top 5 Trending CVEs:. 1 - CVE-2024-4985. 2 - CVE-2024-21683. 3 - CVE-2020-17519. 4 - CVE-2024-4956. 5 - CVE-2….

Since the exploit for CVE-2024-4956 has already been leaked on Twitter, I have written a detailed explanation of the CVE payload on my GitHub, including the PoC and the Nuclei template.

RT @HunterMapping: 🚨Alert🚨CVE-2024-4956:Nexus Repository Flaw Exposed, Software Supply Chains Threatened.⚠This vulnerability, discovered an….

I found my CVE-2024-4956 - Unauthenticated Path Traversal in Nexus Repository 3 in several Bug Bounty programs!. #bugbounty #cve #pathtraversal #hackerone #bugcrowd #intigriti

RT @CVEnew: CVE-2024-4956 Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in v….

Yay, I was awarded a $6000 bounty on.@Hacker0x01.! #togetherwehitharder #bugbounty #hackerone