Latest updates for Hackerone

Fresh curated links around hackerone are collected here so marketers can spot useful updates and turn timely ideas into posts faster.

Recent items include:

  • HackerOne Launches H1 Platform for Continuous Threat Exposure Management
  • HackerOne takes an axe to its bug bounty rewards
  • Klue hack results in data breach at several cybersecurity firms

Post angles to try

Share the most useful takeaway for your audience.
Turn one article into a quick practical checklist.
Ask your audience how this shift affects their work.
Turn angles into scheduled posts

Fresh articles and ideas

Recent curated links from global sources. Generate one free draft from any story, then use SocialBu to schedule and refine your content calendar.

vmblog.com /1 month ago

HackerOne Launches H1 Platform for Continuous Threat Exposure Management

HackerOne has launched the H1 Platform, an agentic AI-powered platform designed to help organizations identify, validate, prioritize, and remediate security

Read source
theregister.com /1 month ago

HackerOne takes an axe to its bug bounty rewards

Critical flaw payouts slashed by more than 75%

Read source
techcrunch.com /3 weeks ago

Klue hack results in data breach at several cybersecurity firms

Huntress, HackerOne, Jamf, Recorded Future, and Tanium are among the cybersecurity companies that had data stolen following an earlier breach at market research firm Klue.

Read source
ministryoftesting.com /1 month ago

Hack

Read source
thehackernews.com /6 days ago

Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites

A cybercrime crew left one of its own servers wide open on the internet for three weeks, and it exposed the operation's inner workings: the hacking tools, the activity logs, and ta...

Read source
theregister.com /2 weeks ago

Hackers shoveled snow for company, were rewarded with network admin access

Fortunately, they were professional red teamers. Unfortunately, they pwned the network

Read source
medium.com /1 month ago

Android API Security Testing: Where the Real Bounties Live in 2025

Tags: android-security api-security mobile-pentesting bug-bounty burp-suite idor broken-authentication ethical-hacking cybersecurity…Continue reading on Medium »

Read source
hackread.com /1 month ago

Pwn2Own Berlin 2026 Closes With $1.3 Million in Zero-Day Payouts

Cybersecurity researchers successfully demonstrated 47 unique zero-day exploits at Pwn2Own Berlin 2026, targeting major enterprise software and AI platforms.

Read source
techcrunch.com /1 month ago

Ghost hackers: the cybersecurity mystery that nobody has solved

A shadowy group that stole and dumped the NSA’s most powerful hacking tools still has implications for how companies think about digital risk today.

Read source
gbhackers.com /1 month ago

Hackers Abuse NinjaOne RMM Agent to Gain Remote Access to Brazilian Organizations

An active phishing campaign that weaponizes a legitimate NinjaOne Remote Monitoring and Management (RMM) agent to gain persistent remote access to Brazilian organizations. Rather t...

Read source
arstechnica.com /1 month ago

A hacker group is poisoning open source code at an unprecedented scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks.

Read source
thenextweb.com /1 month ago

Anthropic’s Claude Mythos found 10,000 critical vulnerabilities in one month. The patches can’t keep up.

Anthropic disclosed on Friday that Project Glasswing, its restricted cybersecurity initiative, has uncovered more than 10,000 high- or critical-severity vulnerability candidates ac...

Read source
cybersecuritynews.com /1 month ago

BugHunter – Bug Bounty Toolkit Powered by Claude and Free AI Providers

A new open-source bug bounty hunting toolkit called BugHunter, built on top of Anthropic’s Claude Code and now extended to support free AI providers like Ollama and Groq, is gainin...

Read source
venturebeat.com /2 weeks ago

The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.

A single fake error report hijacked Claude Code in controlled testing — the agent ran the attacker's code with the developer's full privileges, and not one alert fired. EDR, WAF, I...

Read source
theregister.com /2 weeks ago

Anonymous researcher drops 0-day 'exploitarium' repo

At least two vulnerabilities are already under attack

Read source
thehackernews.com /2 weeks ago

Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer

An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two previously unreported malware families, TaskWe...

Read source
cointelegraph.com /1 month ago

White hat hacker recovers $2M from faulty 2016 ICO smart contract

A white-hat hacker has helped the creators of Hong Coin by showing them how to exploit a flawed admin function on a smart contract and ultimately refund investors after a decade.A...

Read source
thehackernews.com /1 month ago

ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More

Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spins up a fresh box full of sketchy loaders, fake installers, recycled social-...

Read source
thehackernews.com /1 month ago

GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos

GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform's source code and i...

Read source
techcrunch.com /1 month ago

Oracle warns of security bug that hackers abused to breach 100+ companies

The tech giant warned of a security flaw that a cybercrime gang said it's exploiting as part of a mass-hacking campaign. Google said it notified more than 100 organizations that ha...

Read source
socialmediatoday.com /1 month ago

Hackers got Meta AI to give them Instagram account access

A series of screenshots and videos revealed the steps taken to override security features and steal accounts, per a report from 404 Media.

Read source
gbhackers.com /2 weeks ago

ChocoPoC Campaign Abuses GitHub PoC Repositories to Steal Browser Credentials

A coordinated supply-chain campaign has been weaponizing GitHub proof-of-concept (PoC) repositories to compromise vulnerability researchers and penetration testers, delivering a st...

Read source
cybersecuritynews.com /1 month ago

Hackers Use OnyxC2 Malware-as-a-Service to Steal Credentials From 210 Applications

A new and dangerous credential-stealing tool called OnyxC2 has emerged in the cybercrime underground, showing just how easy it has become for even low-skilled attackers to run a pr...

Read source
thehackernews.com /4 weeks ago

Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline

A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email credentials. Ordinary stuff, until one move near the end...

Read source

Turn fresh research into a full content calendar

Use SocialBu to discover ideas, generate post drafts, and schedule them across your social channels.

Sources covering Hackerone

feeds.arstechnica.com

Recent coverage from public sources
Public source

feeds.feedburner.com

Recent coverage from public sources
Public source

blogs.vmware.com

Recent coverage from public sources
Public source

cointelegraph.com

Recent coverage from public sources
Public source

cybersecuritynews.com

Recent coverage from public sources
Public source

feeds.feedburner.com

Recent coverage from public sources
Public source