Part-2️♂️Bug Bounty Secrets They Don’t Tell You: Tricks From 100+ Reported Bugs
✨Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwri … ⌘ Read more
Secret to find bugs in five minutes. Juicy reality. ⌘ Read more
Microsoft blinks, extends Office support for Windows 10 by three years
At the start of this year, Microsoft announced that, alongside the end of support for Windows 10, it would also end support for Office 365 (it’s called Microsoft 365 now but that makes no sense to me) on Windows 10 around the same time. The various Office applications would continue to work on Windows 10, of course, but would no longer receive bug fixes, security plugs, and so on. Well, it se … ⌘ Read more
Cracking the Dave & Buster’s anomaly
Let’s dive into a peculiar bug in iOS. And by that I mean, let’s follow along as Guilherme Rambo dives into a peculiar bug in iOS. The bug is that, if you try to send an audio message using the Messages app to someone who’s also using the Messages app, and that message happens to include the name “Dave and Buster’s”, the message will never be received. ↫ Guilherme Rambo As I read this first description of the bug, I had no idea what could possibly be causing th … ⌘ Read more
Bug Chain: pre-auth takeover to permanent access. ⌘ Read more
MacOS Sequoia 15.5 Update Released with Bug Fixes & Security Enhancements
MacOS Sequoia 15.5 is now available as a software update for Mac users running the Sequoia operating system. The system software update includes bug fixes and security enhancements, but does not appear to include any new features or other major changes. Additionally, Apple has also released MacOS Ventura 13.7.6 and macOS Sonoma 14.7.6 for Mac, … [Read More](https://osxdaily.com/2025/05/12/macos-sequoia-15-5-update-downlo … ⌘ Read more
iOS 18.5 Update Released for iPhone & iPad with Bug Fixes & Security Enhancements
iOS 18.5 for iPhone and iPadOS 18.5 for iPad have been released by Apple. According to the release notes accompanying the update download, the software updates primary focus is the introduction of a new Pride Harmony LGBTQ wallpaper. Additionally, parents will now receive a notification when the Screen Time passcode is used on a childs … [Read More](https://osxdaily.com/2025/05/12/ios-18-5-update-iphone-ip … ⌘ Read more
Raspberry Pi OS Update Finalizes Bookworm-Based Release Ahead of Debian Trixie
A new version of Raspberry Pi OS is now available, marking what is likely the final release based on Debian Bookworm before the upcoming transition to Debian Trixie later this year. The update introduces usability enhancements, bug fixes, and performance optimizations across the system. One notable addition is a customized screen locking mechanism based on […] ⌘ Read more
Master CRLF Injection: The Underrated Bug with Dangerous Potential
Learn how attackers exploit CRLF Injection to manipulate HTTP responses, hijack headers and unlock hidden vulnerabilities in modern web…
[Continue rea … ⌘ Read more
Bug Hunting in JS Files: Tricks, Tools, and Real-World POCs
✅Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bug-hunting-in-js-files-tricks-tools-and-real-world-pocs-b4d43dd41d8e?source=rss—-7 … ⌘ Read more
Bug Bounty Race: Exploiting Race Conditions for Infinite Discounts ⌘ Read more
**Top 5 Easiest Bugs for Beginners in Bug Bounty **
Top 5 Easiest Bugs for Beginners in Bug Bounty 🐞
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/top-5-easiest-bugs-for-beginners-in-bug-bounty-45dd81c49e03?source=rss—-7b722bfd1b8d- … ⌘ Read more
️Recon Automation Like a Pro: My 5-Stage System to Catch More Bugs
✅Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/%EF%B8%8Frecon-automation-like-a-pro-my-5-sta … ⌘ Read more
Bug Hunting in JS Files: Tricks, Tools, and Real-World POCs
🗝️Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bug-hunting-in-js-files-tricks-tools-and-real-world-pocs-70406e3eb72e?source=rss—-7 … ⌘ Read more
How to setup a Monthly Free VPS for Bug Hunting
In this article, I explained how to setup and use (GitHub CodeSpaces) for bug hunting
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-setup-a-monthly-free-vps-for-bug-hunting-d4 … ⌘ Read more
Revisiting the Past, Hacking the Future
From Invalid Reports to Real Vulnerabilities: The Path to Growth in Hacking
A Must-Have Tool for Bug Hunters: Find Open Redirect Vulnerabilities on Linux
Automate open redirection detection, save hours of manual testing, and level up your bug bounty recon game.
[Continue … ⌘ Read more
Ten Formidable Bugs and Insects That Scientists Recently Discovered
The insect world is home to strange, menacing creatures that, if you were a little bug, you would be wise to steer clear of. Year after year, researchers uncover new species of ferocious creepy crawlies, monsters of the minibeast world. Parasitic wasps, exploding ants, beetles with punky hairdos, there is no shortage of grisly wonders. […]
The post [Ten Formidable Bugs and Insects That Scientists … ⌘ Read more
** Bypassing Regex Validations to Achieve RCE: A Wild Bug Story**
✨Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bypassing-regex-validations-to-achieve-rce-a-wild-bug-story-4c523f69b9f8?sourc … ⌘ Read more
Bug Hunting for Real: Tools, Tactics, and Truths No One Talks About
Let’s Skip the “Sign Up on HackerOne” Talk
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bug-hunting-for-real-tools-tactics-and-truths-no … ⌘ Read more
↳
In-reply-to
»
@kat Have you rebuild from
⤋ Read More
main recently? 🤔
@kat@yarn.girlonthemoon.xyz Make sure you’re up-todate with main 🤣 I’m fixing little things here and there. Also please report bugs 🐞
Going to try and few up a few more UX bugs today with yarnd.
@andros@twtxt.andros.dev @eapl.me@eapl.me Still lots of bugs in my client. 🥴 I’ll try to fix it next week.
And yes, using the same timestamp twice will very likely break threads.
How To Set Up Your Ultimate OOB Bug-Hunting Server
Having your own hacking server is one of the most important investments you can make in your bug bounty journey.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-set-up-your-ultimate … ⌘ Read more
Hey @kat@yarn.girlonthemoon.xyz If you see this, I’m aware of a bug. I’m trying to figure it out and fix it. bare with me 🤗 It is what’s causing things to “stall” and to have to “restart”. Sorry 😞
** The $2500 bug: Remote Code Execution via Supply Chain Attack** ⌘ Read more
@kat@yarn.girlonthemoon.xyz @xuu@txt.sour.is Recommend you git checkout main && git pull && make build. Few bug fixes 😄
↳
In-reply-to
»
@kat Unless you've found buds in this branch it should be fine 😆 Um running yhe dame!
⤋ Read More
@bender@twtxt.net Fuck I meant “bugs” 🐞 Geez 🙄
$500 Bug Bounty:Open Redirection via OAuth on Shopify
Exploiting OAuth Errors: A Real-World Open Redirect Bug on Shopify
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/500-bug-bounty-open-redirection-via-oauth-on-shopif … ⌘ Read more
How i Access The Deleted Files of Someone in Google Drive | Bug Bounty ⌘ Read more
↳
In-reply-to
»
@xuu or @kat Do either of you have time this weekend to test upgrading your pod to the new
⤋ Read More
cacher branch? 🤔 It is recommended you take a full backup of you pod beforehand, just in case. Keen to get this branch merged and to cut a new release finally after >2 years 🤣
@kat@yarn.girlonthemoon.xyz Yes see UPGRADE.md – I believe @xuu@txt.sour.is is now running this live after a couple of hiccups and a bug fix. So yeah if you can, that would be cool, basically looking for early beta testers (I was the alpha tester 🤣)
Another war story: the hardest bug I ever debugged
I recently stumbled on Jacob Voytko’s Google Docs bug story and it reminded me of the weirdest bug I ever chased.
It started with a user reporting their webcam was rotated by 90° — but only sometimes. This turned into a wild hunt across browsers, OS quirks, WebRTC, and even HTTP redirects.
How a 20 year old bug in GTA San Andreas surfaced in Windows 11 24H2
The headline sets the stage, and the article delivers. This was the most interesting bug I’ve encountered for a while. I initially had a hard time believing that a bug like this would directly tie to a specific OS release, but I was proven completely wrong. At the end of the day, it was a simple bug in San Andreas and this function should have never worked right, and yet, at least on PC it hid i … ⌘ Read more
10 Unusual Beverages Made with Strange Ingredients
Thirsty? You just might want to double-check what’s in your glass before taking that first sip. Around the world, people apparently have a way of turning the bizarre into a beverage. I mean, hey, why not? From bug-based protein smoothies to alcohol infused with things that might make you scream rather than cheer, humans have […]
The post [10 Unusual Beverages Made with Strange Ingredients](https://listverse.com/2025/04/23/10-unusu … ⌘ Read more
I Lost $3,750 in 30 Seconds — The ATO Bug 99% of Hackers Miss (Here’s How to Avoid It)
The 1 Burp Suite Mistake That Cost Me $3,750 — Fix It in 30 Seconds
[Continue reading on InfoSec Writ … ⌘ Read more
How to Start Bug Bounty in 2025 (No Experience, No Problem)
✅Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-start-bug-bounty-in-2025-no-experience-no-problem-89adc68da592?source=rss—-7b … ⌘ Read more
↳
In-reply-to
»
Hmmm?
⤋ Read More
@movq@www.uninformativ.de Yeah I know 🤣 I found another bug in lextwt 🤦♂️ This whole DM / bang-mention thingy has thrown a spanner in the works 🔧 – Even if I wanted to implement it, I’m not even ready to try at the moment 😢
↳
In-reply-to
»
Hmmm?
⤋ Read More
@xuu@txt.sour.is As I also mentioend on IRC I think this is a. bug?
I Clicked a Random Button in Google Slides — Then Google Paid Me $2,240
The strange trick that exposed a hidden security flaw (and how you can find bugs like this too).
[Continue reading on InfoSec Write-ups »](https://in … ⌘ Read more
Chaining Bugs Like a Hacker: IDOR to Account Takeover in 10 Minutes
🚀Free Article Link…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/chaining-bugs-like-a-hacker-idor-to-account-takeover-in-1 … ⌘ Read more
**How I Hijacked OAuth Tokens Through a Parallel Auth Flow Race Condition — $8500 P1 Bug Bounty ** ⌘ Read more