43962
Happy hunting! thebugbountyhunter.com hello@thebugbountyhunter.com
CVE-2025-55182 and CVE-2025-66478 ("React2Shell") - All you need to know
https://jfrog.com/blog/2025-55182-and-2025-66478-react2shell-all-you-need-to-know/
SonarQube Compare Community vs Developer vs Enterprise vs Data Center
https://www.sonarsource.com/blog/sonarqube-compare-editions/
Intigriti insights: React2Shell CVE-2025-55182
https://www.intigriti.com/blog/business-insights/intigriti-insights-react2shell-cve-2025-55182
Introducing audit logs in SonarQube Cloud: Enhancing compliance and security
https://www.sonarsource.com/blog/introducing-audit-logs-in-sonarqube-cloud-enhancing-compliance-and-security/
Release v3.6.0 · projectdiscovery/nuclei
https://github.com/projectdiscovery/nuclei/releases/tag/v3.6.0
SVG Filters - Clickjacking 2.0
https://lyra.horse/blog/2025/12/svg-clickjacking/
Critical RCE Vulnerabilities Discovered in React & Next.js | Wiz Blog
https://www.wiz.io/blog/critical-vulnerability-in-react-cve-2025-55182
Reverse engineering Bluetooth on Amazon Kindle eReaders
https://sighery.com/posts/reverse-engineering-bluetooth-on-kindle-ereaders/
Introducing audit logs in SonarQube Cloud: Enhancing compliance and security
https://www.sonarsource.com/blog/introducing-audit-logs-in-sonarqube-cloud-enhancing-compliance-and-security/
Introducing constant-time support for LLVM to protect cryptographic code
https://blog.trailofbits.com/2025/12/02/introducing-constant-time-support-for-llvm-to-protect-cryptographic-code/
https://octayus.com/blog/DependencyConfusionRCE
Читать полностью…
PortSwigger x TryHackMe: Supporting Advent of Cyber
https://portswigger.net/blog/portswigger-x-tryhackme-supporting-advent-of-cyber
Nuclei Templates - November 2025 — ProjectDiscovery Blog
https://projectdiscovery.io/blog/nuclei-templates-november-2025
Introducing audit logs in SonarQube Cloud: Enhancing compliance and security
https://www.sonarsource.com/blog/introducing-audit-logs-in-sonarqube-cloud-enhancing-compliance-and-security/
Sonar launches integration program to unify code governance across the SDLC
https://www.sonarsource.com/blog/sonar-launches-integration-program/
PyTorch tensors, neural networks and Autograd: an introduction
https://www.sonarsource.com/blog/pytorch-tensors-neural-networks-and-autograd/
How to detect React2Shell with Burp Suite
https://portswigger.net/blog/how-to-detect-react2shell-with-burp-suite
When AI Turns on Its Team: Exploiting Agent-to-Agent Discovery via Prompt Injection
https://appomni.com/ao-labs/ai-agent-to-agent-discovery-prompt-injection/
Arista Firewall XSS to RCE Chain
https://bishopfox.com/blog/arista-nextgen-firewall-xss-to-rce-chain
Prompt Injection Inside GitHub Actions: The New Frontier of Supply Chain Attacks
https://www.aikido.dev/blog/promptpwnd-github-actions-ai-agents
Android expands pilot for in-call scam protection for financial apps
http://security.googleblog.com/2025/12/android-expands-pilot-in-call-scam-protection-financial-apps.html
[Beginners] All About Android Pentesting: A Complete Methodology
https://xcheater.medium.com/all-about-android-pentesting-f047b7c7e0f1
InQL v6.1.0 Just Landed with New Features and Contribution Swag! 🚀 · Doyensec's Blog
https://blog.doyensec.com/2025/12/02/inql-v610.html
Introducing Neo, an AI security engineer for complex security tasks — ProjectDiscovery Blog
https://projectdiscovery.io/blog/introducing-neo
How AI is leveraged to enhance the Intigriti platform.
https://www.intigriti.com/blog/news/how-ai-is-leveraged-to-enhance-the-intigriti-platform
SonarQube Compare Community vs Developer vs Enterprise vs Data Center
https://www.sonarsource.com/blog/sonarqube-compare-editions/
CSP Bypasses: Advanced Exploitation Guide
https://www.intigriti.com/researchers/blog/hacking-tools/content-security-policy-csp-bypasses
Cache Poisoning: $100K+ Case Studies Part 1 | Herish Blog
https://herish.me/blog/cache-poisoning-case-studies-part-1-foundational-attacks/
How I Hacked an AI Chatbot to Expose Thousands of Customer Records (IDOR + Prompt Injection)
sumitshahorg/how-i-hacked-an-ai-chatbot-to-expose-thousands-of-customer-records-idor-prompt-injection-760092ed99a4" rel="nofollow">https://medium.com/@sumitshahorg/how-i-hacked-an-ai-chatbot-to-expose-thousands-of-customer-records-idor-prompt-injection-760092ed99a4
⏳ Time is ticking! Black Friday is your chance to get 𝗕𝘂𝗿𝗽 𝗕𝗼𝘂𝗻𝘁𝘆 𝗣𝗿𝗼 and 𝗕𝘂𝗿𝗽 𝗕𝗼𝘂𝗻𝘁𝘆 𝗚𝗼 with 40% OFF!
🎯Advanced customization, faster audits, and the power to detect vulnerabilities with less effort.
🔗Don’t wait! bountysecurity.ai