
Disclosed. July 6, 2025: Zhero & Geluchat Story Spotlights, Bug Bounty Village CTF & Badge, and more.

The bug bounty world, curated.

Welcome to Disclosed.

Each week, 3 readers will win a 1-month PentesterLab Pro license, completely free. Refer a friend to the newsletter to enter.

Shout out to this week’s winners (I will email you):

sarazf3
binsec01
demo.hack100

PentesterLab is one of the best hands-on platforms for learning web security, with real-world vulnerabilities, private labs, and practical exercises trusted by professionals and bug bounty hunters worldwide.

Huge thanks to PentesterLab for sponsoring this giveaway and supporting the Disclosed. community. ❤️


Hey there! We made it to July! We’re almost at 1,000 subscribers already, thank you for all the love and feedback these past couple of months. If you haven’t already, please consider sharing with a friend to help get me to that first milestone.

You will likely hear me talk a lot about Bug Bounty Village this month as we’re getting ready for DEF CON (we’re like 30 days away!!). Lots of announcements already, but still more surprises to come.

Anyway, back to Disclosed. Let’s dive in.

In This Issue

DEF CON 33 Bug Bounty Badge Revealed [🔗 Tweet]
by Bug Bounty Village

The tweet announces the giveaway of this year's Bug Bounty badge at DEF CON 33, sponsored by Inspectiv, with 400 badges available for free to in-person attendees.
Read more →

Bug Bounty Village Launches Their Inaugural CTF [🔗 Tweet]
by Bug Bounty Village

Bug Bounty Village is hosting a Capture the Flag competition at DEF CON 33, both online and in person. Pre-registration is now open at bbv.ctf.ae.
Read more →

Insights and Strategies for a Successful Bug Bounty Journey [🔗 Blog]
by zhero

Zhero distills years of bug bounty experience into a thoughtful guide: a candid look at how to turn curiosity and skill into a sustainable income. He emphasizes choosing clear goals, finding a niche, investing your time strategically, and continuously learning — all while giving back to the community that helped you grow.
Read more →

Transitioning from Pentester to Full-Time Bug Bounty Hunter [🔗 Blog]
by Geluchat

Geluchat describes the move from pentesting to full-time bug bounty hunting: what changed in day-to-day work, what the transition cost, and the lessons learned along the way.
Read more →

Have something you want to Spotlight? Tell me.

Designing Secure AI Systems [🔗 Tweet]
by HackerOne

HackerOne published a blog detailing how they ensure their AI security agent, Hai, operates securely and respects data privacy. A good read if you’re curious about how AI and bug bounty can coexist responsibly.
Read more →

Bugcrowd Enhances Triage Transparency for Security Programs [🔗 Tweet]
by bugcrowd

Bugcrowd introduces new in-platform features to enhance transparency for hackers regarding triage performance and speed of response from security programs.
Read more →

New Class of Desync Attack to Be Revealed at DEFCON [🔗 Tweet]
by James Kettle

The tweet announces the unveiling of a new class of desync attack at DEFCON, accompanied by a livestream that will explain the solution.
Read more →

Join the Free Hacking Meetup in Miami on September 20th [🔗 Tweet]
by xssdoctor

A free hacking meetup on September 20th in Miami, hosted by @Hacker0x01 Brand Ambassadors, with remote hacking, talks, and food.
Read more →

Django Joins curl in Pushing Back on AI Slop Security Report... [📓 Blog]
by Sarah Gooding

Django has updated its security policies to reject AI-generated vulnerability reports that contain fabricated or unverifiable content. This move aims to combat misleading submissions from AI tools, emphasizing reporter responsibility for accuracy.
Read more →

Did I miss an important update? Tell me.

GitHub - sl4x0/ghmon: Automated GitHub/GitLab secret scanning with smart alerting & monitoring. [📁 Tool]
by Abdelrhman Allam (sl4x0)

Introducing 'ghmon,' a command-line tool for automated secret scanning of GitHub and GitLab repositories using TruffleHog. It features smart alerts via Discord and Telegram, enabling both one-time scans and continuous monitoring.
Read more →

New Custom Shortcut Keys Feature in Caido v0.49.0 [🔗 Tweet]
by Caido

Caido v0.49.0 introduces custom shortcut keys allowing users to trigger workflows instantly, enhancing efficiency in the tool's usage.
Read more →

Have a favorite tool? Tell me.

Triple Trouble: Bypassing Sanitization to Steal Microsoft Tokens [📓 Blog]
by Asem Eleraky

This post walks through a DOM-based XSS: the payload iterations needed to get past the sanitizer, how the page behaved during exploitation, and how the XSS was escalated to extract user data, including Microsoft tokens.
Read more →

XBOW – CVE-2025-49493: XML External Entity (XXE) Injection in Akamai CloudTest [📓 Blog]
by Diego Jurado

Diego Jurado details the discovery and exploitation of an XXE vulnerability in Akamai CloudTest (CVE-2025-49493), a reminder that legacy components in a product can carry well-known bug classes for years.
Read more →

Denial of Service via Uncontrolled Recursive JSON Parsing in run-llama/llama_index  [📓 Write-Up]
by @0xmrniko

The write-up covers a denial-of-service vulnerability in the JSONReader of the llama_index library: deeply nested JSON is processed recursively with no depth bound, so a crafted document can drive the recursion until the reader fails. A proof of concept demonstrates the exploit.
Read more →
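To make the bug class concrete, here is an added example (written for this issue, not llama_index's code and not the write-up's proof of concept): a naive recursive flatten in the style the write-up describes, a hostile document built to a chosen depth, and two defenses, a linear pre-parse scan of the raw text that rejects over-nested input before json.loads sees it, and an iterative traversal with an explicit stack and a hard depth cap. MAX_DEPTH and the hostile inputs are assumptions for the demonstration.

```python
import json
import sys
from typing import List

# Assumed limit for this example; real documents rarely nest more than a few dozen levels.
MAX_DEPTH = 64


def nest(depth: int, leaf=1):
    """Build a list nested `depth` levels deep without recursion (constructed hostile input)."""
    obj = leaf
    for _ in range(depth):
        obj = [obj]
    return obj


def naive_flatten(obj, path: str = "", out: List[str] = None) -> List[str]:
    """Unbounded recursive traversal modelled on the pattern the write-up describes
    (not llama_index's code). Every nesting level costs one interpreter frame."""
    if out is None:
        out = []
    if isinstance(obj, dict):
        for key, value in obj.items():
            naive_flatten(value, f"{path}/{key}", out)
    elif isinstance(obj, list):
        for index, value in enumerate(obj):
            naive_flatten(value, f"{path}/{index}", out)
    else:
        out.append(f"{path}: {obj}")
    return out


def naive_flatten_crashes(depth: int) -> bool:
    """True if the naive traversal dies with RecursionError on input nested `depth` deep."""
    try:
        naive_flatten(nest(depth))
    except RecursionError:
        return True
    return False


def max_nesting_depth(text: str) -> int:
    """Linear scan of raw JSON text returning the deepest bracket/brace nesting.
    Brackets inside string literals are ignored, so the string "]]]" closes nothing."""
    depth = max_depth = 0
    in_string = escaped = False
    for ch in text:
        if in_string:
            if escaped:
                escaped = False
            elif ch == "\\":
                escaped = True
            elif ch == '"':
                in_string = False
            continue
        if ch == '"':
            in_string = True
        elif ch in "[{":
            depth += 1
            max_depth = max(max_depth, depth)
        elif ch in "]}":
            depth -= 1
    return max_depth


def safe_load(text: str, max_depth: int = MAX_DEPTH):
    """Reject over-nested documents before json.loads ever runs on them."""
    depth = max_nesting_depth(text)
    if depth > max_depth:
        raise ValueError(f"JSON nesting depth {depth} exceeds limit {max_depth}")
    return json.loads(text)


def bounded_flatten(obj, max_depth: int = MAX_DEPTH) -> List[str]:
    """Iterative traversal with an explicit stack: no recursion and a hard depth cap.
    Output order is stack order (last child first), not document order."""
    out = []
    stack = [(obj, "", 0)]
    while stack:
        node, path, depth = stack.pop()
        if depth > max_depth:
            raise ValueError(f"nesting depth {depth} exceeds limit {max_depth}")
        if isinstance(node, dict):
            stack.extend((v, f"{path}/{k}", depth + 1) for k, v in node.items())
        elif isinstance(node, list):
            stack.extend((v, f"{path}/{i}", depth + 1) for i, v in enumerate(node))
        else:
            out.append(f"{path}: {node}")
    return out


if __name__ == "__main__":
    hostile = "[" * 5000 + "]" * 5000  # constructed 5000-level document
    print("naive traversal crashes:", naive_flatten_crashes(sys.getrecursionlimit() * 2))
    print("raw depth of hostile input:", max_nesting_depth(hostile))
    try:
        safe_load(hostile)
    except ValueError as err:
        print("rejected:", err)
    print(bounded_flatten({"a": [1, {"b": "x"}]}))
```

The pre-parse scan is the cheap check to put in front of any loader that accepts untrusted files; the iterative traversal is the fix for code that already walks parsed objects, since it turns a stack-exhaustion crash into an ordinary, catchable ValueError.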

Hunting SSRF in a Single Page Application (SPA) — A Bug Bounty Breakdown [📓 Blog]
by Jabaribrown

This blog post details the author's journey in discovering an SSRF vulnerability within a Single Page Application, covering request interception and exploitation techniques using Burp Suite.
Read more →

Did I miss an important update? Tell me.

Exploring Client-Side Hacking Tools and Resources [🔗 Tweet]
by Gunnar Andrews

This tweet shares a primer on client-side hacking tools and encourages others to contribute their experiences in the area.
Read more →

Is this how Bug Bounty Ends (Ep. 129) [🎥 Video]
by Critical Thinking - Bug Bounty Podcast

This episode discusses significant updates in the bug bounty landscape, exploring AI's role in hacking and its impacts on vulnerability hunting methodologies.
Watch video →

Train Your XSS Muscles With Me! [🎥 Video]
by Medusa

In this video, Medusa works through XSS (Cross-Site Scripting) challenges on camera so you can solve them alongside, focusing on payload crafting and bypass techniques.
Watch video →

Exploring Bug Bounty Trends with Greg Sunday [🎥 Video]
by YesWeHack ⠵

YesWeHack interviewed ethical hacker and YouTuber gregxsunday about his journey from pentesting to full-time bug bounty hunting and content creation. He shares why authentication flaws fascinate him, how the hacking community’s creativity keeps the field vibrant, and his advice to beginners: start hunting early and learn as you go.
Watch video →

Insights on Transitioning into Cybersecurity with James Kettle [🎥 Video]
by Tib3rius

James Kettle (albinowax), Director of Research at PortSwigger, shares how boredom at university led him into hacking and eventually to groundbreaking security research on topics like request smuggling and cache poisoning. In this interview, he explains his research process, advice for aspiring researchers, handling dead ends, and the importance of curiosity, persistence, and publishing findings to advance the field.
Watch video →

New SecMeet Episode with Justin Gardner on Bug Bounty Insights [🔗 Tweet]
by Amr Elsagaei (@amrelsagaei)

Justin Gardner (rhynorater), full-time bug bounty hunter and host of Critical Thinking Bug Bounty Podcast, shares his mindset, workflow, and advice for thriving in the competitive and collaborative world of bug bounty hunting. He emphasizes persistence, curiosity, collaboration, and self-reliance—urging beginners to dig deeper, keep learning, and treat hacking as a craft that rewards experience and innovation over shortcuts.
Read more →

Mozilla JUST Got HACKED [🎥 Video]
by DeadOverflow

This video delves into a privilege escalation vulnerability in Mozilla VPN, showing how a local attacker can gain root on macOS, and draws parallels with the Windows build.
Watch video →

Reverse Engineering a Remote Control Dog Collar's Transmission [🎥 Video]
by Matt Brown

In this video, Matt Brown reverse-engineers a remote-controlled shock collar, uncovering its RF protocol using a software-defined radio and tools like Universal Radio Hacker. He explores the device’s hardware, identifies packet structures and fields, and demonstrates how to analyze and decode its over-the-air signals despite challenges like missing FCC labeling and an unknown checksum algorithm.
Watch video →

Did I miss something? Tell me.

Insights from 170+ Hours of Hacker Interviews [🔗 Blog]
by Shreyas Chavhan

After studying more than 170 hours of interviews with top hackers, Shreyas Chavhan distilled their advice into an actionable reflection.
Read more →

Insightful Story of LHE from LeHack Event [🔗 Blog]
by Aituglo

The author recaps their experience at LeHack and the Live Hacking Event (LHE) by YesWeHack, where they found several critical vulnerabilities and secured first and second place with a teammate, earning a $20k bounty. They also reflect on recon tools, ongoing projects, and their personal goals, celebrating progress in both work and life.
Read more →

Essential Docker Commands for Ethical Hackers [🔗 Cheat Sheet]
by Hacking Articles

This tweet provides a comprehensive cheat sheet of Docker commands beneficial for those engaged in infosec and bug bounty hunting.
Read more →

Uncovering Hidden Bug Bounty Programs with Advanced Search Engines [📓 Blog]
by AbhirupKonwar

This blog discusses advanced reconnaissance techniques for uncovering hidden bug bounty programs, focusing on tools like NerdyData for identifying opportunities.
Read more →

JWT Warfare: Obfuscation, Cracking, and Red Team Exploits [📓 Blog]
by Shadow Packet

This article covers JWT attack techniques, from header obfuscation and offline secret cracking to algorithm confusion, with practical commands for each and the corresponding defenses.
Read more →
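The two mistakes that most JWT attacks in that article depend on are a verifier that lets the token's own header choose the algorithm, and a weak HMAC secret. The following added example (written for this issue using only the Python standard library; it is not code from the article) shows both: an alg=none forgery accepted by a header-trusting verifier and rejected by one that pins the algorithm, and a dictionary attack that recovers a weak HS256 secret and then mints a token the pinned verifier also accepts. The secret and wordlist are constructed for the demo. The RS256-to-HS256 key-confusion variant has the same root cause (the header picks the algorithm, so the server's public key ends up used as an HMAC secret); it is not implemented here because it needs an RSA key pair.

```python
import base64
import hashlib
import hmac
import json
from typing import Callable, Iterable, Optional


def b64url(data: bytes) -> str:
    """Base64url without padding, as JWT requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _encode(obj: dict) -> str:
    return b64url(json.dumps(obj, separators=(",", ":")).encode())


def sign_hs256(payload: dict, secret: bytes) -> str:
    """Issue a legitimate HS256 token (what the server's login endpoint would do)."""
    signing_input = f"{_encode({'alg': 'HS256', 'typ': 'JWT'})}.{_encode(payload)}"
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{b64url(sig)}"


def forge_alg_none(payload: dict) -> str:
    """Attacker: rewrite the header to alg=none and send an empty signature."""
    return f"{_encode({'alg': 'none', 'typ': 'JWT'})}.{_encode(payload)}."


def verify_trusting_header(token: str, secret: bytes) -> dict:
    """VULNERABLE: the token's header decides how the token is verified."""
    h, p, s = token.split(".")
    alg = json.loads(b64url_decode(h)).get("alg")
    if alg == "none":  # unsigned tokens accepted as-is
        return json.loads(b64url_decode(p))
    if alg == "HS256":
        expected = hmac.new(secret, f"{h}.{p}".encode(), hashlib.sha256).digest()
        if hmac.compare_digest(expected, b64url_decode(s)):
            return json.loads(b64url_decode(p))
        raise ValueError("bad signature")
    raise ValueError(f"unsupported alg {alg!r}")


def verify_pinned_hs256(token: str, secret: bytes) -> dict:
    """HARDENED: the server decides the algorithm; the header must match it exactly."""
    h, p, s = token.split(".")
    if json.loads(b64url_decode(h)).get("alg") != "HS256":
        raise ValueError("algorithm not allowed")
    expected = hmac.new(secret, f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(s)):
        raise ValueError("bad signature")
    return json.loads(b64url_decode(p))


def crack_hs256(token: str, wordlist: Iterable[str]) -> Optional[str]:
    """Offline dictionary attack: recompute the MAC for each candidate secret."""
    h, p, s = token.split(".")
    target = b64url_decode(s)
    for candidate in wordlist:
        mac = hmac.new(candidate.encode(), f"{h}.{p}".encode(), hashlib.sha256).digest()
        if hmac.compare_digest(mac, target):
            return candidate
    return None


def is_rejected(verifier: Callable[[str, bytes], dict], token: str, secret: bytes) -> bool:
    """True if the verifier refuses the token with ValueError."""
    try:
        verifier(token, secret)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    SECRET = b"secret"  # constructed weak secret for the demo
    legit = sign_hs256({"sub": "alice", "role": "user"}, SECRET)
    forged = forge_alg_none({"sub": "alice", "role": "admin"})

    print("trusting verifier:", verify_trusting_header(forged, SECRET))  # admin, no key needed
    print("pinned verifier rejects alg=none:", is_rejected(verify_pinned_hs256, forged, SECRET))

    found = crack_hs256(legit, ["password", "123456", "changeme", "secret"])  # constructed wordlist
    print("cracked secret:", found)
    minted = sign_hs256({"sub": "alice", "role": "admin"}, found.encode())
    print("pinned verifier accepts minted token:", verify_pinned_hs256(minted, SECRET))
```

Pinning the algorithm server-side closes alg=none and the key-confusion family; only a long random secret (or an asymmetric algorithm with the private key kept off the verifier) closes the cracking path, which is why the last line still succeeds.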

OAuth Misconfigurations: Real-World Examples and Exploitation Tips [📓 Blog]
by Karthikeyan Nagaraj

This article addresses common OAuth misconfigurations with practical exploitation tips, making it a valuable resource for security analysts and bug bounty hunters.
Read more →

Comprehensive Guide to CaidoIO on Bugcrowd [🔗 Tweet]
by Ninjeeter

This tweet shares a guide to using Caido on Bugcrowd programs, aimed at helping researchers improve their submissions.
Read more →

Log4Shell (Log4J): Advanced Exploitation Guide [📓 Blog]
by Intigriti

Revisiting Log4Shell in 2025, this article details how to identify still-vulnerable targets and deliver payloads effectively.
Read more →

Did I miss something? Tell me.

Exploiting UUID Queries to Access Private Conversations [🔗 Tweet]
by sshell

This tweet shares a technique for querying Supabase-backed records by UUID to reach private conversations in an AI application.
Read more →

Nginx Path Normalization vs. Backend Handling Vulnerabilities [🔗 Tweet]
by André Baptista

The tweet discusses mismatches between how Nginx normalizes a request path and how backends such as Node.js or PHP interpret the same path, which can let a request slip past Nginx-level access rules and reach a protected route.
Read more →

Finding UUIDs Through Community Discord Servers [🔗 Tweet]
by Rikesh Baniya

The tweet suggests joining a target's community Discord servers to uncover UUIDs, since users often paste error messages (which can contain object identifiers) when asking for help.
Read more →

Bypassing Cloudflare WAF Using Specific Payloads [🔗 Tweet]
by N$

The tweet presents payloads that get past Cloudflare's Web Application Firewall, a useful starting point when the WAF is all that stands between you and an otherwise working injection.
Read more →

Escalate XSS Impact by Stealing Cookies [🔗 Tweet]
by piyushpcs1

The tweet stresses demonstrating real-world impact in XSS reports by escalating to cookie theft. Note that this only works where the session cookie is not HttpOnly; otherwise, show impact through actions performed in the victim's session instead.
Read more →

Effective Techniques for Discovering SSRF Vulnerabilities [🔗 Tweet]
by Pratik Dabhi

This tweet outlines strategies for identifying SSRF vulnerabilities, including testing specific parameters and utilizing Burp Collaborator.
Read more →

Did I miss something? Tell me.

Did you like this week's drop?

Please share feedback.


Because Disclosure Matters: This newsletter was produced with the assistance of AI. While I strive for accuracy and quality, not all content has been independently vetted or fact-checked. Please allow for a reasonable margin of error. The views expressed are my own and do not reflect those of my employer.