43961
Happy hunting! thebugbountyhunter.com hello@thebugbountyhunter.com
Introducing audit logs in SonarQube Cloud: Enhancing compliance and security
https://www.sonarsource.com/blog/introducing-audit-logs-in-sonarqube-cloud-enhancing-compliance-and-security/
Release v3.6.0 · projectdiscovery/nuclei
https://github.com/projectdiscovery/nuclei/releases/tag/v3.6.0
SVG Filters - Clickjacking 2.0
https://lyra.horse/blog/2025/12/svg-clickjacking/
Critical RCE Vulnerabilities Discovered in React & Next.js | Wiz Blog
https://www.wiz.io/blog/critical-vulnerability-in-react-cve-2025-55182
Reverse engineering Bluetooth on Amazon Kindle eReaders
https://sighery.com/posts/reverse-engineering-bluetooth-on-kindle-ereaders/
Introducing audit logs in SonarQube Cloud: Enhancing compliance and security
https://www.sonarsource.com/blog/introducing-audit-logs-in-sonarqube-cloud-enhancing-compliance-and-security/
Introducing constant-time support for LLVM to protect cryptographic code
https://blog.trailofbits.com/2025/12/02/introducing-constant-time-support-for-llvm-to-protect-cryptographic-code/
https://octayus.com/blog/DependencyConfusionRCE
Читать полностью…
PortSwigger x TryHackMe: Supporting Advent of Cyber
https://portswigger.net/blog/portswigger-x-tryhackme-supporting-advent-of-cyber
Nuclei Templates - November 2025 — ProjectDiscovery Blog
https://projectdiscovery.io/blog/nuclei-templates-november-2025
Introducing audit logs in SonarQube Cloud: Enhancing compliance and security
https://www.sonarsource.com/blog/introducing-audit-logs-in-sonarqube-cloud-enhancing-compliance-and-security/
Sonar launches integration program to unify code governance across the SDLC
https://www.sonarsource.com/blog/sonar-launches-integration-program/
Apple Developer Stored XSS — $5,000 Bounty | Writeup 2025
ZombieHack/apple-developer-stored-xss-5-000-bounty-writeup-2025-cc34a030a5bf" rel="nofollow">https://medium.com/@ZombieHack/apple-developer-stored-xss-5-000-bounty-writeup-2025-cc34a030a5bf
Sonar launches integration program to unify code governance across the SDLC
https://www.sonarsource.com/blog/sonar-launches-integration-program/
An Evening with Claude (Code) - SpecterOps
https://specterops.io/blog/2025/11/21/an-evening-with-claude-code/
Arista Firewall XSS to RCE Chain
https://bishopfox.com/blog/arista-nextgen-firewall-xss-to-rce-chain
Prompt Injection Inside GitHub Actions: The New Frontier of Supply Chain Attacks
https://www.aikido.dev/blog/promptpwnd-github-actions-ai-agents
Android expands pilot for in-call scam protection for financial apps
http://security.googleblog.com/2025/12/android-expands-pilot-in-call-scam-protection-financial-apps.html
[Beginners] All About Android Pentesting: A Complete Methodology
https://xcheater.medium.com/all-about-android-pentesting-f047b7c7e0f1
InQL v6.1.0 Just Landed with New Features and Contribution Swag! 🚀 · Doyensec's Blog
https://blog.doyensec.com/2025/12/02/inql-v610.html
Introducing Neo, an AI security engineer for complex security tasks — ProjectDiscovery Blog
https://projectdiscovery.io/blog/introducing-neo
How AI is leveraged to enhance the Intigriti platform.
https://www.intigriti.com/blog/news/how-ai-is-leveraged-to-enhance-the-intigriti-platform
SonarQube Compare Community vs Developer vs Enterprise vs Data Center
https://www.sonarsource.com/blog/sonarqube-compare-editions/
CSP Bypasses: Advanced Exploitation Guide
https://www.intigriti.com/researchers/blog/hacking-tools/content-security-policy-csp-bypasses
Cache Poisoning: $100K+ Case Studies Part 1 | Herish Blog
https://herish.me/blog/cache-poisoning-case-studies-part-1-foundational-attacks/
How I Hacked an AI Chatbot to Expose Thousands of Customer Records (IDOR + Prompt Injection)
sumitshahorg/how-i-hacked-an-ai-chatbot-to-expose-thousands-of-customer-records-idor-prompt-injection-760092ed99a4" rel="nofollow">https://medium.com/@sumitshahorg/how-i-hacked-an-ai-chatbot-to-expose-thousands-of-customer-records-idor-prompt-injection-760092ed99a4
⏳ Time is ticking! Black Friday is your chance to get 𝗕𝘂𝗿𝗽 𝗕𝗼𝘂𝗻𝘁𝘆 𝗣𝗿𝗼 and 𝗕𝘂𝗿𝗽 𝗕𝗼𝘂𝗻𝘁𝘆 𝗚𝗼 with 40% OFF!
🎯Advanced customization, faster audits, and the power to detect vulnerabilities with less effort.
🔗Don’t wait! bountysecurity.ai
How to Research & Reverse Web Vulnerabilities 101 — ProjectDiscovery Blog
https://projectdiscovery.io/blog/how-to-research-web-vulnerabilities
November CTF Challenge: Exploiting JWT vulnerabilities to achieve RCE
https://www.intigriti.com/researchers/blog/hacking-tools/november-ctf-challenge-exploiting-jwt-vulnerabilities
🔥 Intigriti Challenge 1125 — JWT Confusion to SSTI → RCE (My Fastest CTF Solve Ever)
https://savi0r.medium.com/intigriti-challenge-1125-jwt-confusion-to-ssti-rce-my-fastest-ctf-solve-ever-43d43df4182c