@bug_vs_me There will be more dupes in future - different people same agents finding the same stuff
Complex and impactful chaining is what will make difference
Ai has made suddenly everyone a JS analysis expert - anybug that works on bruteforce or pattern matching will be goneโฆ.
Man man just got a crazy bug ! Domain was behind SSO gave few JS to claude and found an endpoint that lets you chat with a chatbot.
Fun part that chatbot can literally invoke every action on their deployment pipeline โก๏ธโก๏ธ
@4osp3l Well technically valid but for me I consider this more of a defense in depth issue and would lean towards info
This already requires you to have either the reset password (old) link access or the old email access beofore it was changed
Pretty unrealistic