🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

cant wait to file an expense report for the genshin impact apple pies i just purchased

New writeup from ꙅɿɘƚɔɘqꙅ and I: we're finally allowed to disclose a vulnerability reported to Kia which would've allowed an attacker to remotely control almost all vehicles made after 2013 using only the license plate. Full disclosure: samcurry.net/hacking-kia

New episode focused on Browser Extension Hacking is live with Matan Berson! We cover the structure of browser extensions, the threat model for each component, and some practical vulnerabilities/common mistakes. Very practical episode. youtube.com/watch?v=ziP4cx…

We're proud to announce LIGHTYEAR, a tool that let you dump files, blind, in PHP, based on a new algorithm. ambionics.io/blog/lightyear…

🚨 Security Alert: Over 2 billion Android users and 100 million Pixel users may be at risk of file theft, VPN bypass, unauthorized Bluetooth access, and geolocation leaks. Visit our blog for details. blog.oversecured.com/Disclosure-of-…

🎉 Announcing ⇧Shift - The Cursor of Hacking Justin Gardner and I have been cooking up an awesome AI hacking tool and releasing it to beta testers starting today. ⇧ Shift is a Caido plugin that makes hacking faster and easier so you can make more money in less time. Read on 👇

🎄❄️❄️❄️❄️❄️❄️❄️❄️❄️❄️🎄 This holiday season, as the children of NX City prepare to celebrate Rustmas and await the arrival of Rusty Claws, a band of ruthless Rogue Mechs emerges from the Wasteland. Their plan? to steal the Naughty & Nice list and ruin Rustmas forever. Their

🚨 NEW BLOG POST: How I Became the Most Valuable Hacker 🚨 🔥 My best hacking month ever 🥇 1st place 🏆 MVH belt Here's what I used to snag HackerOne 's ultimate prize. 2025 is YOUR year to get the belt! douglas.day/2024/12/13/How… #BugBounty #Hacking #MVH

Good day to remember just how big that green tree is

shift is officially launched for anyone!

h-hey!

HUGE personal life update! 💻😊 Yesterday was my last day as a Principal AI Engineer at AppOmni. Today, I'm a full time bug bounty hunter and solo founder. - AppOmni is amazing, and I still support them fully. I was there almost 5 years! - I’m freaking pumped to do full-time

Please stop posting your five second grep of strings from a Chinese app and making wild claims 😭

New blog post with shubs: We found a vulnerability in Subaru where an attacker, with just a license plate, could retrieve the full location history, unlock, and start vehicles remotely. The issue was reported and patched. Full post here: samcurry.net/hacking-subaru

The DOGE website appears to be developed and hosted by Outburst Data, run by current DOGE employee Kyle Schutt. If you view the source of any page on the DOGE website, you'll see that the images are proxied through Cloudflare's ImageDelivery service.

I'm a hacker and AI researcher who has reported vulnerabilities to OpenAI, Google, and others. I wrote this guide as a reference of all of the ways that you can hack AI. It has saved me hours. Bookmark this if you need a reference for what all to try (AND includes mitigations).

We heard you needed some more time, so we wanted to let you cook. We decided to push the Phrack 72 CFP deadline back until June 15th. Stay tuned for upcoming Phrack events. Print this flyer out and give it to someone IRL!!

LISTEN UP ⬇️

Why hack one device, when you can hack a million of them? My latest blogpost based on my NULLCON talk explores hacking smart weighing machines and health devices by hijacking their user-device association flows. spaceraccoon.dev/pwning-million…