RT @MrTuxracer: As promised! Here's a root/SYSTEM-level RCE (aka CVE-2025-47812) affecting Wing FTP Server in versions before 7.4.4. Enjoy….

RT @sw33tLie: I've recently put more work into my ffuf fork, uff, and I think every ffuf user should at least give it a try - and maybe eve….

RT @VakninHai: CONTEXT-only injection. No VirtualAllocEx. No WriteProcessMemory. We show how pure register-/stack manipulation can:.Load a….

RT @therceman:

Had to focus on my main biz this month, so no bug bounty grinding. 😥. But past-me came through — got rewarded for a few older reports and even unlocked a Hacker Achievement from @Hacker0x01 for a vuln in @ASWatsonGroup! 🔥. #TogetherWeHitHarder

RT @MalDevAcademy: Loading a DLL into lsass.exe by editing a registry key value:.

RT @RedByte1337: 📧 GraphSpy 1.5.0 is out now and brings a brand new Outlook Graph module!. ✅Read emails in any folder.✅Send HTML-formatted….

Yay! Just scored a $5,000 bounty on @Hacker0x01! 🎉💰 #TogetherWeHitHarder. Seems unreal, but. another one, this time on a different app! 😆 This one was a bit trickier—a bypass of OTP leading to full account takeover. The flaw? In summary, the OTP could.

Yay! Just scored a $5,000 bounty on @Hacker0x01! 💰🔥 #TogetherWeHitHarder. The bug? A mobile quiz app that awarded points when requests were sent in the right order with the correct answers. Once completed, the quiz disappeared from the UI—but the server.

RT @orangecyberch: 💻🛡️In this blog post, Clément Labro explains how he developed a tool that lets you run Powershell without the various sy….

RT @Burp_Suite: AI-powered extensibility in Burp 🛠️ #BurpAI

Yay, I was awarded a $1,000 bounty on @Hacker0x01! #TogetherWeHitHarder. Multiple Stored XSS vulnerabilities, exploitable in three different ways—plus one triggered via a PDF. 🔥.

RT @ArchAngelDDay: 100 (very) short bug bounty rules:.

Stumbled upon a self-triggering XSS today - looks like someone tried patching it before (rediscovery?). Observation: When finding these, sometimes just opening a support ticket for “account review” lets the payload execute by someone else…

RT @PortSwigger: Burp AI is coming. #BurpAI.

Yay, I was awarded a $3,000 bounty on @Hacker0x01! #TogetherWeHitHarder . The vulnerability I discovered was a critical Remote Code Execution (RCE) that leads access to Domain Admin access in a billion-dollar revenue company. While the bounty is.

RT @rootedcon: That's right, the hacker night is back for another year! 🔥. As every year, the outstanding HackerNight will take place 🙌 A n….

RT @RedByte1337: GraphSpy just hit 600 stars on GitHub after releasing version 1.4!✨. This version introduces the new Entra ID module, bett….

During the weeks I won't be publishing, I will improve my articles to make them more readable!.