Blog's up!
"Firebase Cloud Messaging Service Takeover: A small research that led to 30k$+ in bounties"
#GoogleVRP writeup included that relays how business rep & every user of Hangouts,Google Play Music, YouTube Go etc were affected!
https://t.co/CCTHyYDVMf
#bugbounty#infosec
RCE in Warp Terminal! I believe the attack surface is broadening with every new tool you use. Every OAuth app you authorise with elevated scopes.. we'd see more breaches via targeting tools/SaaS.. the attack surface is everyone and everything now - https://t.co/ewgu3KupWT
Found a cool bug at Meta.
From misconfigured Grafana instance to R/W access on 507 private Meta repositories.
Wrote up the full chain here:
https://t.co/LYQ0prc68d
$157k bounty awarded by @metabugbounty
This incredibly gentle 2-year-old cat is fully vetted (neutered, vaxxed, litter-trained) and promises to purr your ears out. 🐈🐾
📍 South Delhi
📨 [email protected]
Even if you can't give him a home today, a RT could change his life! 🙏
Excited to disclose my research allowing RCE in Kubernetes
It allows running arbitrary commands in EVERY pod in a cluster using a commonly granted "read only" RBAC permission. This is not logged and and allows for trivial Pod breakout.
Unfortunately, this will NOT be patched.
@ryotkak discovered 8 ways to achieve RCE in Claude Code without user approval 🤯
@claudeai allowlisted "safe" commands like echo, sed, and sort, then used regex blocklists to prevent dangerous arguments.
All fixed in v1.0.93 by switching from blocklists to allowlists.
Blog link 👇
https://t.co/1jCHd7AMtm
With only 48 hours remaining in a bug bounty event, I used @HacktronAI CLI to perform large-scale analysis of several JDBC drivers. Netting $85,000 in total rewards.
This write-up shows how AI-assisted vulnerability research is speeding up the work of researchers and leading to high-impact findings.
Read here - https://t.co/voMin9l8Dx
This was a fun find during a recent pentest! CDN eventually displays images leaking AWS temp creds.
https://t.co/uGKLix45Ps
OG Read: https://t.co/HfsYABduRN
Just published my first blog post "Cache Deception + CSPT: Turning Non Impactful Findings into Account Takeover"
You can read the full write-up here:
https://t.co/pfLArv8zUu