Chrome's zero-day Whac-A-Mole continues with fifth exploited bug of the year
Google paid researcher a tidy $55K bounty for its discovery
Search fresh public links, source activity, and ready-to-use post angles for Bug Bounty.
Fresh curated links around bug bounty are collected here so marketers can spot useful updates and turn timely ideas into posts faster.
Recent items include:
Recent curated links from global sources. Generate one free draft from any story, then use SocialBu to schedule and refine your content calendar.
Google paid researcher a tidy $55K bounty for its discovery
Tags: android-security api-security mobile-pentesting bug-bounty burp-suite idor broken-authentication ethical-hacking cybersecurity…Continue reading on Medium »
A new open-source bug bounty hunting toolkit called BugHunter, built on top of Anthropic’s Claude Code and now extended to support free AI providers like Ollama and Groq, is gainin...
EXCLUSIVE 'Working as intended' for the win … again
Данные об уязвимостях в программном обеспечении или инфраструктуре — важнейшая информация. Она может быть использована как для усиления защиты систем, так и для проведения киберата...
"Never-ending" AI slop strains corporate hacking reward schemes.
Critical flaw payouts slashed by more than 75%
At least two vulnerabilities are already under attack
Cybersecurity researchers successfully demonstrated 47 unique zero-day exploits at Pwn2Own Berlin 2026, targeting major enterprise software and AI platforms.
A security startup’s autonomous AI agent found 21 previously unknown vulnerabilities in FFmpeg, the open-source media library embedded in almost everything that touches video. The...
Continue reading on Medium »
Flaws in iCagenda, Balbooa Forms extensions can impact open source CMS that powers a million sites worldwide
The research community was awarded $1.3m as it found dozens of novel vulnerabilities at Pwn2Own Berlin
Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concep...
WebScan — асинхронный CLI-сканер безопасности на чистом Python. За неделю вырос до 15 плагинов: XSS, SQL инъекции, CORS, Path Traversal, SSRF, утечки API ключей и многое другое. Sa...
A public spat between Microsoft and an independent security researcher reopens a long-running debate over who is responsible for securing software.
Verus bridge exploiter returned 4,052 ETH worth $8.5M, keeping 1,350 ETH as bounty after the $11.5M forged-transfer attack.
Revenge is a dish best served code
Six 0-days, three under active exploitation, more to come on July 14?
The hacker behind the Verus bridge exploit returned 75% of the stolen funds as part of a recovery deal negotiated with the protocol days after the incident.
Anthropic disclosed on Friday that Project Glasswing, its restricted cybersecurity initiative, has uncovered more than 10,000 high- or critical-severity vulnerability candidates ac...
A Bugcrowd researcher has unveiled ExploitBench, an independent benchmark of AI models for vulnerability exploitation
The US State Department has announced a $10 million bounty for information that may help identify or locate members of two Russian state-backed hacking groups behind a campaign tar...
Web3 teams move fast.Continue reading on Medium »
Use SocialBu to discover ideas, generate post drafts, and schedule them across your social channels.