
Hello friends,
As many of you may have heard by now, HackerOne went through a restructuring this past week, which has impacted many of my coworkers and friends. I’m grateful that I wasn’t directly affected, but if any of you have job opportunities available that I could share with my colleagues, I know they would be deeply appreciative during this time of transition.
While this week has been a rough one for me personally, it has also been an exciting one when it comes to new research and write-ups. We have a ton of great content being released by incredibly talented researchers, so I put extra focus on the write-ups section this time around.
Additionally, I also wanted to share a training opportunity I think many of you may find useful. I recently connected with Harrison Richardson (ars0n), a Bug Bounty Village speaker, security leader who worked at companies such as FloQast, Quanta, and Rapid7, and a creator who regularly publishes high-quality educational content on YouTube. He has hours of free content available that I strongly recommend checking out first. However, if you’re looking for something more structured to help you quickly level up your bug bounty skills, he’s running a new paid class this February. More information will be below.
Enough of that. Let’s dive in.
Bug Bounty Launch Pad (Feb 21, 2026) [LIVE CLASS]
by Harrison Richardson (@rs0n)
Bug Bounty Launch Pad is a 9-hour live virtual workshop designed to help beginners and early-stage researchers build a strong foundation in bug bounty hunting.
The training covers core concepts, real-world workflows, and practical techniques, and includes live instructor-led sessions, supporting materials, and access to a private Discord community for continued learning and discussion.
If you’re looking for a structured way to level up your skills quickly, this workshop is a great place to start. Seats are limited.
Disclosed audience bonus: Use promo code DISCLOSEDAPPSEC to receive $10 off your registration.


Eight Account Takeover Chains Against Meta's Client-Side Infrastructure [📓 Blog] by Sammouda (@samm0uda)
Sammouda published eight distinct account takeover chains against Meta this week, each exploiting different trust boundaries across Facebook and Instagram's authentication, messaging, and analytics infrastructure. The research focuses on client-side attack surfaces (OAuth flows, postMessage handlers, script-serving endpoints, and third-party integrations) and demonstrates how weak validation compounds into full account compromise.
OAuth & Token Theft:
datr Cookie Theft: Extracts the long-lived device identifier via OAuth/Graph API batch requests, then replays it to trigger trusted-device recovery with AI-generated identity documents ($24,000 bounty).
FXAuth Token via Native SSO: Bypasses native SSO redirect validation using double-URL-encoding and path traversal to steal FXAuth tokens from an iframe postMessage, linking victim Facebook accounts to attacker-controlled Instagram via Accounts Center.
FXAuth Token via apps.facebook.com: Exploits attacker-controlled application namespaces on apps.facebook.com to intercept FXAuth tokens despite Meta's domain-restriction fix, enabling two-click account takeover.
postMessage & Trust Boundaries:
Payment Flow XSS Escalation: Chains XSS in a third-party payment provider with Facebook's postMessage handler that trusts and injects attacker-controlled HTML from that origin, escalating to Instagram ATO via OAuth flows.
Meta Pixel Script Abuse: Leverages postMessage trust in fbevents.js (Meta Pixel) deployed across millions of third-party sites to steal Instagram OAuth authorization codes and generate first-party access tokens.
Facebook SDK RNG Weakness + XSS: Exploits Math.random() for callback token generation in the Facebook SDK, combined with XSS in the Customer Chat plugin and frame-ancestors bypass, to predict tokens and steal OAuth credentials in the mobile app webview.
XSS & Script-Serving:
Conversions API Gateway XSS: Identifies multiple XSS vectors in Meta's capig-events.js script (including postMessage origin trust issues) and demonstrates zero-click takeover by chaining CSP bypasses with script-serving vulnerabilities.
Information Disclosure:
Multiple Cross-Site Leaks: Documents XS-Leak primitives across Meta platforms that enable precise user ID de-anonymization and Meta employee identification on third-party websites via response-type differences and plugin behavior.
Caido’s Year in Review 2025 [📓 Blog]
by Caido
Caido’s 2025 recap covers major releases, performance and UX improvements, and continued investment in its plugin ecosystem. It also highlights new analysis capabilities (including Scanner and GraphQL-focused tooling) and broader efforts around AI-assisted workflows.

Vote on the Top 10 Web Hacking Techniques of 2025 by Jan 22 [📓 Blog]
by PortSwigger
Review the nominations and rank the 10 entries you think contribute the most to the field before the deadline. Closing time: 22 January 2026 08:00:00 (UTC)
Have something you want to Spotlight? Tell me.

Intigriti Platform Updates: New API, Profile Improvements, and Retest Alerts [📓 Blog]
by Intigriti
Intigriti announced multiple platform updates, including a new earnings API for researchers, optional cross-platform reputation display on profiles, and notifications when duplicated vulnerabilities are resolved, enabling researchers to retest fixes and hunt for bypasses.
OpenProject Launches Public Bug Bounty [📓 Blog]
by YesWeHack
OpenProject is now running a public bug bounty on YesWeHack. This is a sizable open-source surface area with plenty of room for auth, permission, and data exposure issues.
BugBop Bug Bounty Platform: First Year in Review [📓 Blog]
by BugBop (@BugbopApp)
BugBop’s first-year retrospective shares platform metrics and operational lessons around triage quality and report disposition. It also outlines planned product changes, including more pre-report filtering to reduce Not Applicable submissions.
Did I miss an important update? Tell me.

waymore v7.5: IntelX Free Academia Integration [🛠️ Tool]
by XNL-H4CK3R
waymore v7.5 adds IntelX support via the Free Academia tier, enabling eligible researchers to pull IntelX data directly into waymore-driven recon. The release is mainly an integration update, but it can meaningfully expand OSINT coverage when IntelX data is part of the workflow.
1.7B Public Domains Dataset for Large-Scale Recon [🛠️ Tool]
by Md Ismail (@0x0SojalSec)
This repo publishes a large, pre-sorted public domains dataset intended for recon, OSINT, and threat intel workflows. It’s primarily a raw input for building domain-based pipelines (discovery, enrichment, monitoring, and blocklist research) rather than a standalone scanner.
mongodb/kingfisher: Secret Detection and Live Validation [🛠️ Tool]
by MongoDB
Kingfisher is a Rust-based secret scanner that pairs high-performance matching (Hyperscan) with validators to reduce false positives via live verification. It supports broad sources (local files, Git repos, popular VCS providers, S3, Docker images, and SaaS targets like Jira/Slack/Confluence), making it practical for large-scale automated secret hunting.
clairvoyance: Recover GraphQL Schemas Without Introspection [🛠️ Tool]
by Nikita Stupin (@_nikitastupin)
Clairvoyance reconstructs GraphQL schemas even when introspection is disabled by probing and leveraging error-driven hints to enumerate types and fields. It’s a solid option for GraphQL recon pipelines, and a reminder that disabling introspection alone doesn’t meaningfully reduce schema discoverability without tighter error handling and rate limits.
Have a favorite tool? Tell me.

Pwning Claude Code in 8 Different Ways [📓 Blog]
by RyotaK (@ryotkak)
This post breaks down eight paths to command execution in Claude Code by exploiting permission gaps and argument parsing edge cases across Git, sed, Bash expansion, and wrapper-layer interpretation. It’s a strong reminder that LLM runtime hardening has to be end-to-end: strict parsing, sandboxing, and least-privilege controls beat prompt-based permission prompts.

YesWeHack Dojo #47 (APICrash) Solution [📓 Blog]
by YesWeHack
This Dojo solution demonstrates a race condition triggered by batching GraphQL mutations with aliases against a TinyDB-backed service that spawns threads for updates. Concurrent file writes corrupt the JSON store and can leak the flag via error handling, highlighting how seemingly valid GraphQL usage can amplify concurrency bugs in file-based persistence layers.

Stored XSS via AI-Generated Slides in Genspark [📓 Blog]
by P1njc70r (@p1njc70r)
This report claims Genspark’s slide-generation flow could emit unsanitized HTML that executed when shared via public conversation links, resulting in stored XSS for viewers. The thread notes disclosure attempts and suggests the behavior has since been mitigated, reinforcing the need to sandbox and sanitize AI-generated markup before rendering.
Turning List-Unsubscribe into an SSRF/XSS Gadget [📓 Blog]
by Lauritz (@lauritz)
This post shows how RFC2369 List-Unsubscribe handling can become an attack primitive in webmail and mail clients, leading to stored XSS and blind SSRF. It includes concrete cases in Horde Webmail (javascript: handling) and Nextcloud Mail, plus practical guidance for safer parsing and URL scheme restrictions.
ElysiaJS Cookie Signature Validation Bypass [📓 Blog]
by Devansh (@0xasm0d3us)
This analysis documents a cookie signature validation bypass in ElysiaJS tied to how signing secrets and rotation were handled. The write-up includes a PoC, links to the affected code paths, and the upstream fix, making it a useful reference for auditing similar cookie-signing implementations.
Critical Supabase JWT Exposure Found with rep+ [📓 Blog]
by Bour Abdelhadi (@BourAbdelhadi)
This report walks through finding an exposed Supabase anon JWT in client-side assets and validating real impact by probing Supabase APIs and Row Level Security behavior. It also covers safe verification steps and disclosure, underscoring how anon tokens can still be highly sensitive when RLS and endpoint exposure aren’t tightly controlled.
LangSmith Playground RCE via Unsafe Template Formatting [📓 Blog]
by Critical Thinking Podcast
This write-up describes an RCE chain in LangSmith Playground stemming from unsafe manifest deserialization and dangerous template formats (f-string/mustache/jinja2). The key escalation uses jinja2 alongside Pydantic parse_raw behavior to reach pickle deserialization, with request-level details and vendor fixes included.
Modifying Netflix OTP Messages via an Unauthenticated Endpoint [📓 Blog]
by Sijan Mainali (@sijan2003)
This post describes research into Netflix’s SMS OTP delivery flow, focusing on reversing and instrumenting the Android client to understand how OTP messaging is triggered. It highlights the risk of weaknesses around provider integrations and unauthenticated endpoints in SMS-based auth flows, where message tampering can have outsized account security impact.
Did I miss something? Tell me.

AI Is the New Magical Master Key: How Attackers Are Using AI as a Tool [📓 Blog]
by Bugcrowd
This piece surveys how threat actors are operationalizing AI for phishing and impersonation, recon automation, and malware development, while also touching on AI-specific abuse like prompt injection and data poisoning. It stays high-level, but frames practical defensive priorities around securing the AI development lifecycle, inventorying AI-exposed surfaces, and adding adversarial testing.

Exploiting Information Disclosure Vulnerabilities [📓 Blog]
by Intigriti
The link appears to return cookie/consent content instead of the actual article, so the technical material couldn’t be reviewed. This likely needs a re-fetch to capture the intended coverage of disclosure primitives and exploitation patterns.
Burp Suite MCP Server + Codex CLI Integration [📓 Blog]
by Six2dez (@Six2dez1)
This guide shows how to connect Burp’s MCP Server to the Codex CLI so an agent can reason over intercepted HTTP traffic. It covers extracting the MCP proxy JAR, configuring Codex, and using a local reverse proxy to work around Origin validation issues.
Did I miss something? Tell me.

Crushing Pwn2Own & H1 with Kernel Driver Exploits (Ep. 157) [🎥 Video]
by Critical Thinking Podcast
This episode interviews Hypr on exploiting a MediaTek kernel driver heap overflow, covering ioctl analysis, debugging workflows, and the steps needed to turn a memory corruption bug into reliable privilege escalation. It also compares the incentives and constraints of Pwn2Own-style exploitation versus bug bounty hunting.
Three Common OAuth Misconfigurations That Lead to Account Takeover [🎥 Video]
by Harrison Richardson (@rs0n)
This video reviews three OAuth misconfigurations that led to account takeovers, using real bug bounty reports as case studies. It maps the broken flows back to OAuth guidance and highlights defensive fixes like strict redirect_uri validation and safer token handling.
Hacking Google Drive Integrations [🎥 Video]
by JakSec
This demo focuses on common weaknesses in Google Drive integrations, including XSS via WebContentLink rendering and SSRF via ThumbnailLink fetching. It provides concrete PoCs and highlights where developers typically mishandle untrusted URLs and embedded content.
AI Red Teaming: What Breaks, How It Breaks, and the Human Role [🎥 Video]
by HackerOne
rez0 outlines how AI red teaming differs from jailbreak-focused testing by prioritizing application-level failure modes like prompt injection in real product surfaces. The talk emphasizes where automation helps and where human-led investigation is still required to find exploitable behaviors and meaningful impact.
How Hackers Exploit Open Redirect Vulnerabilities [🎥 Video]
by zack0x01
This walkthrough demonstrates how open redirects are found and bypassed, including common normalization and encoding tricks that break weak allowlists. It also covers how redirects get weaponized for phishing and token capture, alongside straightforward mitigations.
Office Hours 001: Emile (TheSytten) on Caido [🎥 Video]
by Intigriti
This session features an interview with Emile (TheSytten) from Caido, covering tool development and bug hunting perspectives in a longer-form Q&A format. The recording is hosted as an X Spaces replay.
Did I miss something? Tell me.

Mixed-Case XSS Payload Using confirm() for Filter Bypass [𝕏 Tweet]
by Will Gates (@WllGates)
This tweet shares a compact mixed-case <script> payload that uses unconventional delimiters around confirm() to slip past naive filters. It credits the original payload to @viehgroup.
Reusable XSS Payload Demonstrating alert(origin) [𝕏 Tweet]
by Adem Suslu (@suslu7616)
This tweet posts an XSS payload that triggers alert(origin) as a quick execution proof. It’s useful as a minimal PoC pattern when validating similar injection points.
DNS Rebinding Bypassed Slack SSRF Filters (,000) [𝕏 Tweet]
by Abhishek Meena (@aacle_)
This thread describes using DNS rebinding to bypass Slack SSRF defenses by exploiting inconsistent resolution/validation behavior. It includes enough implementation detail to understand the failure mode and why one-time IP checks are fragile.
Did I miss something? Tell me.
Because Disclosure Matters: This newsletter was produced with the assistance of AI. While I strive for accuracy and quality, not all content has been independently vetted or fact-checked. Please allow for a reasonable margin of error. The views expressed are my own and do not reflect those of my employer.
