
Hey there!
Lately my content pipeline has been in a much better place. I’m finding more content, and the quality of these write-ups has been genuinely exciting to see. I’m still trying to strike the right balance between sharing useful things and not overwhelming your inbox, so if you have feedback, I’d love to hear it. You can always just reply to this email.
If you’re new here, welcome. I’ve been putting more effort into growing and reaching new people. And if you’ve been around for a while and find value in what I share, I’d really appreciate you passing this along to someone who might enjoy it too. Even one referral makes a big difference.
Behind the scenes, I’ve been doing a little less hacking in my free time and spending more energy building internal tooling to keep Disclosed running smoothly. If you know of any good tools for turning content into a clean, on-brand ebook design, I’d love recommendations. I’ve experimented with building my own, but the results have been a bit hit or miss.
On the personal side, a friend recently showed me some Claude agents he built that have already helped uncover bugs. The progress in this area feels like a major unlock, and it’s something I’m excited to spend more time exploring.
Anyway, let’s dive in.
P.S. I’m available for 1:1 calls if you want to chat about bug bounty, career growth, community building, or anything else you think I can help with. You can book time with me here.

Bug Bounty Launch Pad (Feb 21, 2026) [LIVE CLASS]
by Harrison Richardson (@rs0n)
Bug Bounty Launch Pad is a 9-hour live virtual workshop designed to help beginners and early-stage researchers build a strong foundation in bug bounty hunting.
The training covers core concepts, real-world workflows, and practical techniques, and includes live instructor-led sessions, supporting materials, and access to a private Discord community for continued learning and discussion.
If you’re looking for a structured way to level up your skills quickly, this workshop is a great place to start. Seats are limited.
Disclosed audience bonus: Use promo code DISCLOSEDAPPSEC to receive $10 off your registration.

HackerOne Announces Good Faith AI Research Safe Harbor [𝕏 Tweet]
by HackerOne
HackerOne introduced its Good Faith AI Research Safe Harbor, positioning it as a clearer authorization and liability framework for responsible AI security testing. The announcement extends the traditional safe-harbor model to AI-specific testing scenarios where legal ambiguity has historically chilled disclosure.
Salesforce OAuth Token Theft via WAF-Assisted XSS Escalation [𝕏 Tweet]
by Rafael Castilho (@castilho101)
A write-up where an XSS in an SFRA context is escalated into Salesforce OAuth token exfiltration, using WAF behavior as part of the chain. It's a useful case study in how token-handling and edge controls can combine into an unexpected account-takeover path.
Bug Bounty Masterclass Announcement (Nagli) [𝕏 Tweet]
by Wiz (@wiz_io)
Wiz promoted a paid Bug Bounty Masterclass led by Nagli, including hands-on challenges and a certification. The post is primarily an enrollment announcement, with minimal technical content in the thread itself.
Have something you want to Spotlight? Tell me.

Intigriti Ships Earnings API, Cross-Platform Reputation, and Dupe Resolution Alerts [📓 Blog]
by Intigriti
Intigriti rolled out three researcher-focused updates: an Earnings API for programmatic payout history, optional cross-platform reputation display on profiles, and notifications when dupes are resolved. The dupe alerts are particularly practical for retesting fixes and looking for bypasses once mitigations land.
PortSwigger Hiring On-Site Web and AI Security Researchers [𝕏 Tweet]
by James Kettle (@albinowax)
PortSwigger is recruiting on-site web and AI security researchers. The posting highlights work alongside the PortSwigger research team and links out to the full job description and application details.
HackerOne Publishes a List of 104 Hacking Tools and Resources [📓 Blog]
by HackerOne
HackerOne published a broad tooling roundup spanning web, API, cloud, mobile, and recon workflows (including staples like Burp, ZAP, sqlmap, Amass, and Frida). It's a practical index for refreshing a hunting stack or pointing newer teammates to commonly used utilities.
Researcher Spotlight: Evan Connelly [📓 Blog]
by HackerOne
This profile covers Evan Connelly's approach to research: starting from impact, looking for recurring failure modes, and prioritizing systems where mistakes cause real harm. It's less a technical write-up and more a perspective piece on methodology and communication in vulnerability work.
YesWeHack Launches 2 New Public Bug Bounty Programs (GoTo/GoJek, Zivver) [𝕏 Tweet]
by YesWeHack
YesWeHack announced two new public programs: GoTo/GoJek (rewards up to $7,000) and Zivver (rewards up to 310,000), spanning web/API and mobile scope. Both posts link directly to program pages and scope, making them immediately actionable for recon and triage.
cURL Ends Bug Bounty Program After AI-Generated Report Flood [𝕏 Tweet]
by WeldPond
cURL shut down its bug bounty program after maintainers were overwhelmed by high-volume, low-signal submissions, many apparently AI-generated. It's a blunt indicator of how report quality and triage load can collapse disclosure channels when incentives aren't paired with strong filtering.
Did I miss an important update? Tell me.

Trail of Bits Skills: Claude Code Workflows for Security Research and Audits [🛠️ Tool]
by Trail of Bits
Trail of Bits published a collection of Claude Code skills intended to modularize LLM-assisted security work, including audit helpers, differential review workflows, and specialized analyses (e.g., smart contracts and constant-time checks). The repo is structured as reusable building blocks for integrating agentic assistance into review and triage pipelines.
sec-context: AI Code Security Anti-Patterns Dataset for Safer LLM Output [🛠️ Tool]
by Jason Haddix (@Jhaddix)
This repository aggregates secure-coding anti-patterns pulled from 150+ sources, packaged as context to steer LLMs away from unsafe implementations. It's positioned as a practical dataset for prompt guardrails, internal checklists, or tooling that evaluates AI-generated code for known failure modes.
JSAnalyzer: Static JavaScript Analyzer for Endpoints and Secrets (Burp + Python) [🛠️ Tool]
by GitHub
JSAnalyzer performs static analysis on JavaScript to extract endpoints/URLs and flag potential secrets (tokens, keys, JWTs) with source attribution back to the originating file. It ships both as a Burp extension and as a standalone Python engine, making it useful for either interactive recon or batch processing.
burp_global_match_replace: Global Match & Replace for Burp Suite [🛠️ Tool]
by Dominic White (@singe)
This Burp extension adds a global Match & Replace table that applies across Burp tools, not just Proxy. It's useful for consistent payload transforms, header/body rewrites, or sanitization rules during testing, with support for literal and regex-based replacements.

Waymore v8.0 Adds GhostArchive Source and New Filtering Flags [𝕏 Tweet]
by XNL-H4CK3R
Waymore v8.0 adds GhostArchive as a data source and introduces an exclude flag for GhostArchive results, alongside provider list updates. The release also changes default filtering behavior to surface additional file types that were previously suppressed.
Caido Releases a Browser Extension for Automatic Proxy Routing [𝕏 Tweet]
by Caido
Caido released an official browser extension (Chrome/Firefox) that automates proxy configuration by routing traffic to a Caido instance. It's a quality-of-life improvement for quickly swapping environments without manual browser proxy setup.
Burp AI Agent Adds Sessions, Passive Scanning, and Multi-Provider LLM Backends [𝕏 Tweet]
by Six2dez (@Six2dez1)
This update outlines new Burp AI Agent features including session support, a chat-first UI, context actions that route into chat, issue creation, and a passive scanner. It also adds backend selection across multiple LLM providers (OpenAI, Claude, Gemini, Ollama, LM Studio, and others).
PayloadsAllTheThings Gets New SSTI-to-RCE Payloads (via Brumens2 Research) [𝕏 Tweet]
by YesWeHack
YesWeHack pointed to new PayloadsAllTheThings additions covering advanced SSTI payloads that can reach RCE in common templating contexts. It's a handy refresh for anyone expanding their SSTI test matrix and payload repertoire.
ffufr: CLI Parser and Filter for FFUF JSON Output [🛠️ Tool]
by Matt Greer (@VailSec)
ffufr is a lightweight CLI for searching and filtering FFUF JSON output to speed up fuzzing triage. It focuses on quickly isolating interesting responses from large runs with readable, color-coded output that fits into terminal-driven workflows.

Have a favorite tool? Tell me.

Copilot or Coconspirator: Tricking GitHub Copilot and Exfiltrating Secrets [📓 Blog]
by Adnan Khan (@adnanthekhan)
This post describes an attack chain against GitHub Copilot Agent that results in secrets exfiltration via a poisoned CI pipeline run. The core mechanism combines prompt injection, a TOCTOU-style workflow gap, and a malicious issue assignment that maintainers cannot fully inspect at assignment time.
BodySnatcher (CVE-2025-12420): Auth Bypass in ServiceNow Virtual Agent Integrations [📓 Blog]
by Aaron Costello (@ConspiracyProof)
AppOmni's AO Labs details BodySnatcher (CVE-2025-12420), a broken authentication issue in ServiceNow Virtual Agent integrations that enabled user impersonation with only an email address, bypassing MFA/SSO. The write-up connects the bug to broader risks in agentic workflows and includes remediation guidance and defensive controls.
Hunting Account Takeovers in MCP OAuth Servers via Open Dynamic Client Registration [📓 Blog]
by SickSec (@OriginalSicksec)
This research surveys common MCP OAuth server misconfigurations, focusing on open Dynamic Client Registration combined with weak redirect URI validation and non-mandatory PKCE. It walks through a one-click ATO path by registering an attacker-controlled client and hijacking OAuth flows, plus practical discovery tips for finding exposed MCP endpoints.
Impact of a Leaked AWS Cognito Identity Pool ID [📓 Blog]
by Hazem (@H4cktus)
This write-up shows how a leaked Cognito Identity Pool ID can be exchanged for unauthenticated temporary AWS credentials when the unauthenticated role is overly permissive. It includes the exact Cognito/STS calls and a concrete impact case (writing to a production S3 bucket), along with IAM hardening recommendations (prefix scoping via cognito:sub and server-side ownership checks).

Breaking Multi-Tenant Isolation in Heroku Postgres [📓 Blog]
by Allistair Hakim
This post describes a Heroku Postgres issue affecting multi-tenant clusters where user-controlled scripts could be executed, enabling cross-tenant read/write access. It covers the underlying architecture, the isolation failure mode, and the remediation that blocked execution of user-controlled scripts.

SvelteKit (CVE-2025-67647): Native Full-Read SSRF and One-Shot DoS in the Node Adapter [📓 Blog]
by Zhero
Zhero analyzes CVE-2025-67647 in SvelteKit's Node adapter, detailing how origin construction and internal fetch conditions can be abused into full-read SSRF, alongside a one-shot DoS. The post includes a working exploit chain and discusses why adapter-level trust boundaries are easy to get wrong.
Privilege Escalation via a Service Account Impersonation Chain [📓 Blog]
by Jakub Domeracki (@j_domeracki)
This live-bounty write-up details an authenticated privilege escalation in Google SecOps SOAR using a service-account impersonation chain. It combines sandbox escape techniques and token/JWT abuse to pivot into higher-privilege identities, with mitigations focusing on IAM binding hardening and stricter isolation around embedded execution environments.
HackerNotes Ep. 158: Charity Hack-Along Technical Findings Roundup [📓 Blog]
by Critical Thinking Podcast
This roundup aggregates multiple practical findings from a charity hack-along, including postMessage race tactics, iframe permission delegation pitfalls, auth/header edge cases across redirects, and several real-world bypass patterns. It's dense and reproduction-oriented, making it a strong grab-bag for expanding test checklists.
Dependency Confusion in Ruby Gems Leading to Developer Machine RCE [📓 Blog]
by Ahmed Tarek
This write-up demonstrates a dependency confusion PoC where a higher-version malicious gem is published to RubyGems and pulled onto developer machines via direct installs outside Bundler controls. It includes end-to-end recon and payload behavior, plus mitigations around dependency pinning and safer install workflows.
Gift Card and Promo Code Security Research: Races, IDORs, and Injection [📓 Blog]
by Max Yaremchuk (@0xw2w)
This post analyzes a set of weaknesses in gift card and promo flows, including redemption race conditions, IDORs over gift card objects, and HTML injection into notification emails. It focuses on realistic fraud impact and includes concrete exploitation narratives and remediation guidance (idempotency, locking, and strict authorization).
Did I miss something? Tell me.

Favicon Similarity Search Using Perceptual Hashing, LSH Indexing, and CNN Re-Ranking [📓 Blog]
by Profundis Blog (@profundisio)
Profundis details a production favicon similarity system operating over a 50M+ corpus, combining perceptual hashes and segmented LSH for retrieval with CNN-based re-ranking. It's a useful reference for building OSINT-style similarity search that's fast, incremental, and operationally robust.

Testing GraphQL for Recursive Query DoS (Resource Exhaustion) [𝕏 Tweet]
by the_IDORminator (@the_idorminator)
This tweet highlights a DoS class in GraphQL where deeply nested or recursive queries can exhaust CPU/memory. It suggests a safer testing approach (start shallow, watch timing/limits) and reinforces the need for query depth/complexity controls on production schemas.
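As an added example (not code from the tweet or its author), the check below implements the depth control the tweet recommends on the server side: it measures the selection-set nesting of an incoming GraphQL document and rejects anything beyond a configured limit before the resolvers run. The `query_depth` and `enforce_depth_limit` names, the limit of 10, and the sample queries are all assumptions constructed for this demonstration.

```python
# Added example: a conservative GraphQL query-depth gate (hypothetical helper).
# It counts '{' / '}' nesting outside string literals and '#' comments, which
# over-approximates depth when input objects contain braces; that bias is
# toward rejecting, which is the safe direction for a resource-exhaustion guard.

DEFAULT_MAX_DEPTH = 10  # assumed limit; tune per schema


def query_depth(query: str) -> int:
    """Return the maximum brace nesting depth of a GraphQL document."""
    depth = 0
    max_depth = 0
    in_string = False
    i = 0
    while i < len(query):
        ch = query[i]
        if in_string:
            if ch == "\\":          # skip the escaped character
                i += 2
                continue
            if ch == '"':
                in_string = False
        elif ch == '"':
            in_string = True
        elif ch == "#":             # comment runs to end of line
            while i < len(query) and query[i] != "\n":
                i += 1
        elif ch == "{":
            depth += 1
            max_depth = max(max_depth, depth)
        elif ch == "}":
            depth -= 1
        i += 1
    return max_depth


def enforce_depth_limit(query: str, max_depth: int = DEFAULT_MAX_DEPTH):
    """Return (allowed, depth); callers reject the request when allowed is False."""
    depth = query_depth(query)
    return depth <= max_depth, depth


# Constructed sample documents for the demonstration.
SHALLOW_QUERY = 'query { user(id: 1) { name email } }'
NESTED_QUERY = '{ user { friends { friends { friends { friends { name } } } } } }'
COMMENTED_QUERY = '{ user { # { braces in a comment are ignored\n name } }'
STRING_QUERY = '{ search(term: "{{{") { id } }'


if __name__ == "__main__":
    for label, q in [("shallow", SHALLOW_QUERY), ("nested", NESTED_QUERY)]:
        allowed, depth = enforce_depth_limit(q, max_depth=4)
        print(f"{label}: depth={depth} allowed={allowed}")
```

Use this as a pre-validation step in front of the schema executor; it complements, rather than replaces, the depth and complexity validation rules that a GraphQL server library provides, which also account for aliases and list multipliers.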
On the Coming Industrialisation of Exploit Generation with LLMs [📓 Blog]
by Sean Heelan (@seanhn)
Sean Heelan reports on reproducible experiments where agentic LLM setups automatically discovered and exploited a QuickJS zero-day, generating dozens of exploit variants across scenarios. The post frames token throughput as a potential scaling bottleneck for exploitation, and includes code to reproduce and extend the evaluation.
Practical Mobile Traffic Interception Using Frida and Burp [📓 Blog]
by Juan Urbano Stordeur (@juanurss)
This guide covers practical interception setups for Android and iOS, including certificate installation pitfalls and common SSL pinning bypass approaches using Frida tooling. It also touches Flutter-specific considerations and alternative workflows for newer platform constraints.
Did I miss something? Tell me.

This Hacker Made $70,000 With This Simple Bug [🎥 Video]
by Ben Sadeghipour (@NahamSec)
NahamSec interviews Teflon on two similar 2FA bypasses that reportedly paid $70,000 in total. The walkthrough focuses on token/cookie handling during the login flow and how swapping pre-2FA artifacts into the post-2FA step led to full account access, likely driven by code reuse and weak server-side binding.
10hr Marathon Hack-Along Recap + $300k Client-side Bugs (Ep. 158) [🎥 Video]
by Critical Thinking Podcast
This recap covers a charity hack-along and several client-side lessons, including postMessage race tactics and avoiding background JS throttling by controlling window.open dimensions. The hosts also discuss partial auth states across SaaS portfolios and why enumerating API/SPA behavior with those tokens can uncover high-impact issues.
Broken Access Control Tutorial: Hacking Feedback Forms [🎥 Video]
by Medusa (@medusa_0xf)
This video demonstrates practical testing of feedback form features for broken access control, including IDOR-style parameter swaps and privilege escalation paths. It focuses on Burp-driven workflows and how to turn small authorization gaps into clear proof-of-impact.
Talkie Pwnii Android Special #2: APK Extraction & Mapping Attack Surfaces [🎥 Video]
by YesWeHack
YesWeHack walks through Android recon from APK acquisition to static analysis with apktool/jadx and automated extraction with tools like MobSF. The episode emphasizes quickly identifying exposed components, permissions, and embedded endpoints, then validating impact beyond "found a key"-style reporting.
Breaking LLMs in the Wild (IdentityShield '26) [🎥 Video]
by miniOrange
This talk surveys real-world failure modes in deployed LLM systems, including prompt leakage, jailbreaks, indirect prompt injection, and unsafe output handling. It frames the issues as engineering and control-plane problems, not just model behavior, and discusses monitoring and mitigation strategies.
Sacrificial Nameservers: DNS Hijacking via EPP Loopholes (VULNCON 2025) [🎥 Video]
by Devansh (@0xasm0d3us)
Devansh Batham explains how sacrificial nameservers and EPP/registrar workflow gaps can enable large-scale DNS hijacking. The talk maps the root causes to protocol and operational constraints and outlines registrar-side mitigations to prevent orphaned nameserver abuse.
IDOR Infinite Money: Bug Bounty Hacktivity Explained [🎥 Video]
by JakSec
This video breaks down several real IDOR reports with financial impact, showing how object-level authorization failures translate into balance manipulation and unauthorized actions. It focuses on the common anti-patterns behind "infinite money" outcomes and what strong authorization and logging should look like on payment flows.
Did I miss something? Tell me.

Large-Scale Scanning Automation Hits 1M Monitored Hosts [𝕏 Tweet]
by drop (@dropn0w)
drop shared a milestone: their monitoring setup now tracks 1M live hosts across major bug bounty platforms. It's a notable signal of how far automated recon and change-detection pipelines can scale in practice.
Hunting PII in JavaScript via .json Mock File References [𝕏 Tweet]
by the_IDORminator (@the_idorminator)
This tip suggests grepping JavaScript for .json references to uncover mock/test response files (often under assets/mock-style paths) that can leak PII or secrets. It's a simple heuristic that pairs well with JS endpoint extraction and static analysis workflows.
Five Practical JWT Attack Techniques for Token Testing [𝕏 Tweet]
by André Baptista (@0xacb)
André Baptista lists common JWT test cases including alg=none handling, weak HMAC secret cracking, RS256-to-HS256 confusion, kid manipulation, and token reuse across environments. It's a compact checklist for quickly validating whether a JWT implementation is actually enforcing its security assumptions.
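As an added example (not code from the tweet or its author), the verifier below shows what "enforcing its security assumptions" looks like for three items on that checklist: it pins the algorithm instead of trusting the token's alg (so alg=none and RS256-to-HS256 confusion are rejected), looks kid up only in an allowlisted key table (so kid cannot point at arbitrary files or paths), and checks exp and iss. The `sign_hs256`, `verify_hs256`, `is_accepted` names, the key table, and the issuer URL are assumptions constructed for this demonstration; it uses only the Python standard library.

```python
# Added example: a minimal HS256 JWT verifier that pins alg, restricts kid to a
# key allowlist, and validates exp/iss. Hypothetical helper, standard library only.
import base64
import hashlib
import hmac
import json
import time


class InvalidToken(Exception):
    """Raised for every rejection; callers need not distinguish the causes."""


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _encode_part(obj: dict) -> str:
    return b64url_encode(json.dumps(obj, separators=(",", ":")).encode("utf-8"))


def build_token(header: dict, payload: dict, signature: bytes) -> str:
    """Assemble header.payload.signature; also handy for building test vectors."""
    return f"{_encode_part(header)}.{_encode_part(payload)}.{b64url_encode(signature)}"


def sign_hs256(payload: dict, key: bytes, kid: str) -> str:
    header = {"alg": "HS256", "typ": "JWT", "kid": kid}
    body = f"{_encode_part(header)}.{_encode_part(payload)}".encode("ascii")
    return build_token(header, payload, hmac.new(key, body, hashlib.sha256).digest())


def verify_hs256(token: str, keys: dict, expected_iss: str, now=None) -> dict:
    """Return the payload of a valid token or raise InvalidToken."""
    parts = token.split(".")
    if len(parts) != 3:
        raise InvalidToken("token must have three segments")
    header_b64, payload_b64, sig_b64 = parts
    try:
        header = json.loads(b64url_decode(header_b64))
        payload = json.loads(b64url_decode(payload_b64))
        signature = b64url_decode(sig_b64)
    except (ValueError, UnicodeDecodeError) as exc:
        raise InvalidToken("undecodable segment") from exc
    if not isinstance(header, dict) or not isinstance(payload, dict):
        raise InvalidToken("header and payload must be JSON objects")
    # The verifier decides the algorithm; the token's alg is only compared, never obeyed.
    if header.get("alg") != "HS256":
        raise InvalidToken("unexpected alg")
    # kid selects a key from an allowlist; it is never used as a path or query.
    kid = header.get("kid")
    if not isinstance(kid, str) or kid not in keys:
        raise InvalidToken("unknown kid")
    body = f"{header_b64}.{payload_b64}".encode("ascii")
    expected = hmac.new(keys[kid], body, hashlib.sha256).digest()
    if not hmac.compare_digest(signature, expected):
        raise InvalidToken("bad signature")
    now = time.time() if now is None else now
    exp = payload.get("exp")
    if not isinstance(exp, (int, float)) or now >= exp:
        raise InvalidToken("expired or missing exp")
    if payload.get("iss") != expected_iss:
        raise InvalidToken("wrong issuer")
    return payload


def is_accepted(token: str, keys: dict, expected_iss: str, now=None) -> bool:
    try:
        verify_hs256(token, keys, expected_iss, now)
        return True
    except InvalidToken:
        return False


# Constructed demo material; the key is a placeholder, not a real secret.
DEMO_KEYS = {"k1": b"constructed-demo-key-not-for-real-use"}
DEMO_ISS = "https://issuer.example"
DEMO_NOW = 1_700_000_000

if __name__ == "__main__":
    tok = sign_hs256({"sub": "alice", "iss": DEMO_ISS, "exp": DEMO_NOW + 600}, DEMO_KEYS["k1"], "k1")
    print("signed token accepted:", is_accepted(tok, DEMO_KEYS, DEMO_ISS, DEMO_NOW))
```

The design point is that every decision (algorithm, key, lifetime, issuer) comes from the verifier's own configuration; the token merely supplies values to compare against. Per-environment key tables also address the last checklist item, since a token minted for staging carries a kid that production's allowlist does not contain.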
ETag Length as a Cross-Origin Side-Channel (CTF PoC) [𝕏 Tweet]
by Critical Thinking Podcast
This tweet points to Arkark's SECCON CTF technique where single-byte response differences shift ETag length, turning it into a measurable oracle. It's a good reminder that caching metadata can leak cross-origin state when combined with careful client-side measurement.
Patched YouTube Bug Reportedly Exposed Partnered Creators' Emails ($20K) [𝕏 Tweet]
by DramaAlert
This tweet claims a patched YouTube issue could reveal email addresses for partnered creators and resulted in a $20,000 bounty. Details are limited in the post, but it's a reminder that privacy-impacting enumeration bugs can still land high payouts when scope and exploitation are clear.
CVE-2025-2294: Unauthenticated Spring SpEL RCE via Gateway + Bypass Tricks [𝕏 Tweet]
by 0x0smilex
This tweet highlights CVE-2025-2294, described as an unauthenticated SpEL injection leading to RCE through a gateway exposure. It also references pragmatic path/header bypass patterns (e.g., /..;/ and X-Original-URL) commonly used to reach protected backend routes.
Tiny 403 Bypass Payload Report: ';%09..' [𝕏 Tweet]
by A.Mugh33ra
A.Mugh33ra shared a minimal payload (;%09..) that reportedly bypassed a 403 filter in testing. It's a quick addition to a path-bypass toolkit when probing access control or filter-based blocking in front of sensitive endpoints.
GraphQL-to-REST Path Variable Traversal: Checking for Internal Endpoint Exposure [𝕏 Tweet]
by rikeshbaniya (@rikeshbaniya)
This tweet notes a common GraphQL anti-pattern where variables are interpolated into REST paths, creating a path traversal surface. It suggests testing for directory traversal and path manipulation to reach internal/admin REST routes that were never intended to be exposed via GraphQL.
Did I miss something? Tell me.
Because Disclosure Matters: This newsletter was produced with the assistance of AI. While I strive for accuracy and quality, not all content has been independently vetted or fact-checked. Please allow for a reasonable margin of error. The views expressed are my own and do not reflect those of my employer.