May 12 · 3 min read · The Discovery The platform offered newly registered users a welcome voucher that could be redeemed for credit. At first glance, the implementation appeared secure. Manually modifying the visible vouch
May 5 · 11 min read · I wanted to re-open an old Binance API security issue. Not because I enjoy re-litigating old reports. Because the last thirteen days made the threat model painfully concrete. I found or stumbled into
Apr 28 · 3 min read · Bug bounty hunting is one of the most exciting ways to learn cybersecurity while working on real-world applications. Unlike theoretical learning, it gives you the opportunity to test live systems, thi
Apr 26 · 6 min read · The harmless profile endpoint that taught me how real bugs work Early in my bug bounty journey, I found a bug that looked simple from the outside, but it changed the way I think about web security. At
Apr 26 · 3 min read · In cybersecurity, we often hunt for complex technical bugs. However, some of the most fun vulnerabilities aren’t found in the code's syntax, but in its Business Logic. I discovered a Medium-severity f
Apr 10 · 2 min read · This was my first ever valid bug bounty report through a VDP, and it got marked Medium severity. It was also not a duplicate, so for me this was a huge win. One thing I had heard a lot in bug bounty i
Apr 9 · 9 min read · Overview During a recent pentest of an iOS health application (let's call it MedVault), I came across something interesting. The app was using custom URL schemes for deep linking but had no Universal
Apr 6 · 8 min read · The Bug This blog post outlines the chains of multiple gadgets to achieve a full read SSRF on a target. Open Dynamic client registration on the MCP server to create an open redirect gadget Path norm