RT @Bugcrowd: Where there’s bug bounty, there’s #Bugcrowd. 😉✨ We’re honored to have supported the @BugBountyBr at H2HC in #Brazil, big tha…

RT @osec_io: NEW blog post: Netfilter Universal Root 1-day Our latest blog dives deep into the state of Linux kernel security and the open…

RT @alexjplaskett: ✍️ Pivoting Capabilities and Conquering the Linux Kernel by @_0xTen

RT @lbherrera_: Seeing that Pwn2Win isn't happening this year, here's an unreleased beginner-level XSS challenge I created for it (shouldn'…

@jobertabma I think it's cool, but I would put this in a mutual-only (the first reporter can see the name of the person who took dup and the dup see the name of the first reporter) and also as an optional flag and only allow to be shared if both sides have this enabled(just like WhatsApp)

RT @Hacker0x01: The results are in!🥇 Congratulations to these 32 teams who will move on to the Group Round of the 2024 #AmbassadorWorldCup…

RT @r3tr074: Excited to read about browsers??? 👻

RT @BalthasarMartin: Today at #Troopers24 we released Certiception – the ADCS honeypot we always wanted to have. Blog:

RT @lbherrera_: Decided to give my childhood game a try now that they relaunched Habbo's 2005 version back again, oops! (It was already rep…

RT @lbherrera_: "Additionally we set Attack Complexity to High because the attack depends on the victim being authenticated in their defaul…

RT @cloud11665: casual CSS injection on github using the math mode

RT @r3tr074: Just dropped my exploit with new cross-{cache,bucket} techniques (I love the creativity of kernel exploits, it gave me a very…

RT @bl4sty: auth bypass confirmed! > INFO:paramiko.transport:Authentication (password) successful! mm_keyallowed_backdoor cmd 1 allows to…

@arthurair_es @pqcorvo @BolhaSec @Highustavo @f6xSec @0xTeles @gui_scombatti Você n né? Kkkk

RT @RenwaX23: XSS to OAuth access token leak in office online which can be used to account takeover Includes strict CSP bypass, postMessag…

@albinowax Please include the researchers @ handles

RT @obsdmd: Obsidian has been independently audited by the security firm @cure53berlin — you can find the report on our new /security page.���

RT @timolongin: Just dropped a blog post about SMTP smuggling, a novel technique for e-mail spoofing!

RT @sirdarckcat: Google's Product Security Team (my broader team!) is hiring in Brazil! Here's the link for the Manager we want to hire the…

@LiveOverflow When logged into machines on an Active Directory network...