Welcome to Disclosed.

Hey there! I’m finally back home from my trip around the world (literally!) and super excited about all the announcements this week. Between crowning the LHE winners, announcing new H1-Elites, and sharing a bunch of new program updates, there’s a lot to cover!
Let’s dive in.
In This Issue

H165 Live Hacking Event Winners Announced in Singapore [🔗 Tweet]
by Hacker0x01
H1-65 live hacking event with @tiktok_us and @okx in Singapore wrapped up and winners have been crowned:
Overall:
Most Valuable Hacker: corraldev
Community Choice: nadino
Best Collab: kevin_mizu, shubs, hashkitten & hackerontwowheels, ledz1996
For TikTok:
Vigilante: m4II0K
Eliminator: avishai
Exterminator(s): kevin_mizu, shubs, hashkitten
For OKX:
Vigilante: corraldev
Eliminator: hackerontwowheels, ledz1996
Exterminator: corraldev
Our #H165 live hacking event with @tiktok_us and @okx in Singapore was a big success! It's time to celebrate this year's winners. Here we go... 🥁
For TikTok:
Eliminator: avishai
Exterminator: kevin_mizu, shubs, hashkitten
Vigilante: m4II0K
For OKX:
Eliminator:
— HackerOne (@Hacker0x01)
5:39 PM • Oct 6, 2025
HackerOne H1-468 Winners Announced [🔗 Tweet]
by HackerOne
H1-468 live hacking event in Stockholm wrapped up and winners have been crowned:
Winners:
Most Valuable Hackers & Best Collaboration: blaklis, snorlhax, doomerhunter
Eliminator: holyfield
Eradicator & Exterminator: rhynorator
Community Choice: joaxcar
Epic Unreal Hacker: ali
Congratulations to the #H1468 award winners! 🎉 Thank you for your incredible work in Stockholm. Your contributions help make the digital world safer for everyone.
Most Valuable Hackers & Best Collaboration:
-blaklis
-snorlhax
-doomerhunter
Eliminator:
-holyfield
Eradicator &
— HackerOne (@Hacker0x01)
6:34 PM • Sep 29, 2025
New H1-Elite Members Announced 📍 Global HackerOne Community [🔗 Tweet]
HackerOne welcomes five new H1-Elite members for 2025 — a recognition reserved for the platform’s top security researchers.
New H1-Elites:
Congratulations to the 2025 H1-Elites — a milestone for excellence in ethical hacking!
Explore →
Congratulations to the new @Hacker0x01 H1-Elite members, @niemand_sec, @ArchAngelDDay and @mallocsys. Well deserved. Some more to come soon! Stay tuned!
— Ariel Garcia (@Arl_rose)
10:48 AM • Sep 26, 2025
AI Bug Research Awarded at Google VRP Mexico [🔗 Tweet]
by busf4ctor
busfactor and monkehack celebrate a strong finish at Google VRP Mexico BugSwat, earning Best AI VRP Researchers and securing 2nd place overall.
Explore →
Today was huge! @monkehack and I took 2nd place in the @GoogleVRP Mexico BugSwat and won Best AI VRP Researchers!
— Vitor Falcão "busfactor" (@busf4ctor)
3:58 AM • Oct 5, 2025
Have something you want to Spotlight? Tell me.

European Commission’s latest bug bounty tender won by YesWeHack [🔗 Tweet]
by YesWeHack
YesWeHack has secured a significant four-year contract with the European Commission to provide bug bounty services focused on enhancing security for open source assets and improving vulnerability disclosure policies. The initiative aims to strengthen the digital security of EU entities and highlights the value of community-built software in mitigating cyberthreats.
Read More →

HackerOne paid $81 million in bug bounties over the past year [📓 Blog]
by Sergiu Gatlan
HackerOne has distributed $81 million in rewards to ethical hackers within the past year, showing a 13% increase compared to previous years. The platform now hosts over 1,950 bug bounty programs, with the average payout reaching approximately $42,000 per program. This report highlights a sharp rise in AI-related vulnerabilities, particularly with prompt injection flaws increasing by 540%, while traditional vulnerabilities like XSS are on the decline.
Read More →
Immunefi Introduces New Anti-Spam Rules [🔗 Tweet]
by immunefi
Immunefi has rolled out new anti-spam rules as of October 1st to enhance the experience for genuine researchers, affecting new users and those with no paid reports.
Explore →
Starting Oct 1st, new anti-spam rules go live on Immunefi for Audit Competitions and Bug Bounty Programs.
They cut spam and improve the experience for good-faith researchers.
Important: these rules only apply to new users and SRs with 0 paid reports.
1/6
— Immunefi (@immunefi)
10:19 AM • Oct 1, 2025
SimpliSafe Program Launches with Up to $6,000 Payouts [🔗 Tweet]
by Bugcrowd
The SimpliSafe Bug Bounty Program has officially opened, offering rewards of up to $6,000 for identifying vulnerabilities in their smart home security systems.
Explore →
Hackers, it’s go time. 🚨
The SimpliSafe Bug Bounty is now open to the public. With payouts up to $6,000, this is your chance to dig into one of the most widely used smart home security systems out there.
Whoooooo's ready 🙋: bugcrowd.com/engagements/si…
— bugcrowd (@Bugcrowd)
1:19 PM • Oct 1, 2025
KuCoin Launches Program with Up to $15,000 Rewards [🔗 Tweet]
by TomKuCoin
The KuCoin Bug Bounty Program is now available on Bugcrowd, offering rewards up to $15,000 for vulnerabilities such as RCE, XSS, and beyond across both web and mobile platforms.
Explore →
🚨 Calling all security researchers!
KuCoin’s Bug Bounty Program is live on @Bugcrowd.
💰 Rewards up to $15,000
🔒 Scope: Web & Mobile
🛡️ Risks: RCE, XSS, IDOR, 2FA bypass, API abuse, and more
Join us in strengthening the security of the ecosystem 👇
bugcrowd.com/engagements/ku…
— Tom (@TomKuCoin)
3:52 AM • Oct 2, 2025
HackerOne & Portswigger Bionic Hacking Webinar [🔗 Tweet]
by albinowax
This tweet announces a webinar titled 'Bionic Hacking' and previews how AI is changing hacker techniques, letting researchers dig deeper and move faster.
Explore →
Hackers are becoming builders - by integrating AI enhancements they’re amplifying their unique tradecraft to hack deeper, faster. I'll be sharing my vision of the future of hacking in @Hacker0x01's 'Bionic Hacking' webinar on October 15! Register here:
— James Kettle (@albinowax)
2:43 PM • Oct 3, 2025
HackerOne Releases 2025 Hacker-Powered Security Report [🔗 Tweet]
by Hacker0x01
The 2025 report, The Rise of the Bionic Hacker, highlights a 210% increase in AI vulnerabilities, a 540% surge in prompt injection reports, and that 67% of researchers use AI to speed up their workflows.
Explore →
It's here! The 2025 Hacker-Powered Security Report: The Rise of the Bionic Hacker.
Key findings:
📈 210% increase in valid AI vulns
💥 540% surge in prompt injection reports
🤖 67% of researchers use AI to speed up workflows
Cybersecurity Awareness Month is the perfect time to
— HackerOne (@Hacker0x01)
1:03 PM • Oct 1, 2025
NetScaler Launches Public Bug Bounty Program [🔗 Tweet]
by Hacker0x01
Cloud Software Group has officially launched a public bug bounty for NetScaler on HackerOne — inviting global security researchers to help uncover vulnerabilities and strengthen defenses.
Explore →
HTB x HackerOne AI Red Teaming CTF Concludes [🔗 Tweet]
by Hacker0x01
The HTB x HackerOne AI Red Teaming CTF wrapped up with 500+ participants testing AI systems’ limits.
🏆 Congrats to the Top 3 and Top 10 for their creativity and persistence.
Explore →
The HTB x HackerOne AI Red Teaming CTF has wrapped!
Congratulations to our winning teams 🏆 and a shoutout to the Top 3 and Top 10 for their creativity and persistence in pushing AI systems to their limits.
Thank you to all 500 researchers who joined, played, and shared their
— HackerOne (@Hacker0x01)
9:49 PM • Sep 29, 2025
Mind Cathedral in Progress [🔗 Tweet]
by Bugcrowd
In just one week of Hacker Showdown: Mind Cathedral:
🐞 50+ teams found high-impact vulnerabilities
📬 300+ submissions logged
👑 Black Hat Cartel led with 20+ vulnerabilities
Top finds: Broken Access Control, Privilege Escalation, Sensitive Data Exposure, XSS.
Explore →
In just one week of Hacker Showdown: Mind Cathedral 👇
🐞 50+ teams hit high-impact vulnerabilities
📬 300+ submissions rolled in
👑 Black Hat Cartel took the early lead with 20+ vulnerabilities
😈 Top finds: Broken Access Control, Privilege Escalations, Sensitive Data Exposure,
— bugcrowd (@Bugcrowd)
5:18 PM • Oct 6, 2025
ProConnect Launches Public Program [🔗 Tweet]
by YesWeHack
YesWeHack launches a public bounty for ProConnect, an open-source authentication platform supported by @Numerique_Gouv.
💰 Rewards up to €5,000 for valid reports.
Explore →
🚨 New Public #BugBounty Program!
All hackers on @yeswehack can now test #ProConnect - the open-source, unified authentication solution designed for private and public pros, and supported by @Numerique_Gouv.
💰 Rewards up to €5K.
Ready to try? 👉 yeswehack.com/programs/proco…
— YesWeHack ⠵ (@yeswehack)
6:45 AM • Sep 29, 2025
Google Announces Dedicated AI Vulnerability Reward Program [🔗 Tweet]
by GoogleVRP
Google has introduced a new AI Vulnerability Reward Program (AI VRP) that builds on its earlier efforts to reward security and abuse-related bug reports in AI products, offering up to $30,000 for high-impact findings. The updated program clarifies scope, unifies abuse and security reporting, and focuses on technical vulnerabilities—excluding content-related issues like jailbreaks or alignment flaws, which should instead be reported through in-product feedback.
Explore →
📣 We're delighted to announce our new, dedicated AI Vulnerability Reward Program 🥳 🎉!
Join us in taking a look back at two years of AI bug bounties at Google and exploring the new AI VRP 👇
— Google VRP (Google Bug Hunters) (@GoogleVRP)
3:30 PM • Oct 6, 2025
Did I miss an important update? Tell me.

graphql-cop [📁 Tool]
by dolevf
GraphQL Cop is a Python utility built for security audits of GraphQL APIs, targeting vulnerabilities like alias overloading and information leaks. It boasts CI/CD integration, providing detailed vulnerability outputs with reproducible cURL commands. This lightweight tool is designed for both manual and automated security testing in GraphQL environments.
View the tool →

HTML-Search-Engine---Chrome-extension [📁 Tool]
by dirtycoder0124
This Chrome extension automatically scans web pages and the links they contain for user-defined keywords, stores the results, and raises alerts on matches. It is useful for bug hunters who want to discover parameters and other candidate injection points (for example, for XSS) across many pages. The extension is lightweight, easy to install, and scans in real time, which makes it practical for testing across a variety of web applications.
View the tool →
file_upload_payloads [📁 Tool]
by h6nt3r
This GitHub repository collects payloads for reflected cross-site scripting (RXSS) via file uploads. The payloads cover a range of file formats and reflection contexts commonly seen in bug bounty programs, giving researchers ready-made test cases for real-world targets.
View the tool →
Gemini-API-Key-Exposure-Scanner [📁 Tool]
by MuhammadKhizerJaved
The Gemini API Key Exposure Scanner validates Google API keys against Gemini endpoints to assess their capabilities. It provides a capability matrix of available models, conducts safe probes for diverse functionalities, and can auto-generate comprehensive Markdown reports for seamless integration into bug bounty platforms. User-friendly and easy to install, the tool is crafted for active researchers.
View the tool →
Have a favorite tool? Tell me.

Exposure of Personal Information of Oscar Nominees [🔗 Tweet]
by galnagli
A significant data leak revealing home addresses and phone numbers of Academy Award nominees underscores vulnerabilities in data management processes leading up to the Oscars.
Explore →
We accidentally got access to every Academy Award nominee's home address and phone number.
Before last year's Oscars Ceremony, together with @iangcarroll and @samwcyo, we found a way to leak every nominee's PII, including phone numbers and home addresses of the biggest actors
— Nagli (@galnagli)
7:30 AM • Oct 5, 2025
Deep Dive into NPM Software Supply Chain Attack Techniques [🔗 Tweet]
by 0xLupin
This tweet teases an upcoming in-depth article on techniques for attacking the npm software supply chain, promising takeaways for bug bounty hunters.
Explore →
We Hacked the npm #SoftwareSupplyChain of 36 Million Weekly Installs with @adnanthekhan 🔥
In a few hours, the article will release online 😁
This will be a huge deep dive with a lot of takeaways for #BugBounty hunters with crazy attack chains ;D
I'm looking forward to it 🤟
— Lupin (@0xLupin)
12:16 PM • Oct 3, 2025
Did I miss an important update? Tell me.

World's First Hackbot Show & Tell Video of @BugBountyDEFCON’s CTF [🔗 Tweet]
by ethiack
This tweet announces a video showcasing a hackbot demonstration, though it lacks specific insights into security techniques.
Explore →
You’re about to see the world’s first show & tell from a hackbot. Enjoy!
— Ethiack (@ethiack)
5:30 PM • Oct 3, 2025
These Hackers Made $40,000 Doing This [🎥 Video]
by NahamSec
Using Caido and ffuf, the video chains an LFI-exposed incident report, extracted admin credentials, and a Groovy console RCE to replicate a $40K bounty.
Watch full video →
All You Need to Start Bug Bounty: The 3 Essentials [🎥 Video]
by AmrSec
A focused, beginner-friendly guide that strips down bug bounty to just three must-have tools or techniques.
Watch full video →
Gr3pme’s Full-Time Hunting Journey & AI Research Update [🎥 Video]
by Critical Thinking - Bug Bounty Podcast
In this episode of Critical Thinking – Bug Bounty Podcast, Rez0 and Gr3pme discuss WebSocket research, Meta’s $111,750 bug, PROMISQROUTE, and what it’s like going full-time in bug bounty.
Watch full video →
Automate Bug Bounty Using Kali Linux AI MCP Server [🎥 Video]
by ZeroDay Gym
The video demonstrates how to install and configure the new MCP Kali server on Kali Linux, connect it to an LLM (the creator uses GitHub Copilot in VS Code), and run commands through the model to control the machine. The presenter then tests the setup against a portswigger.net reflected XSS lab: the LLM quickly finds and proves the XSS with a pop-up alert, while a Nikto scan fails to detect it.
Watch full video →
Did I miss something? Tell me.

How to find RCE: A list of pathways and detection methods | Bugcrowd [📓 Blog]
by Luke (hakluke) Stephens
This comprehensive guide details techniques for identifying and exploiting Remote Code Execution (RCE) vulnerabilities, focusing on command injection, unsafe code evaluations, and server-side template injections. It discusses various contexts and offers practical tips for confirming and escalating RCE vulnerabilities effectively.
Read more →

How to test NextJS applications [📓 Blog]
by Daoud Youssef
This security testing guide for Next.js applications addresses vulnerabilities like SSRF, XSS, CSTI, SSTI, and CSRF. It explains Next.js features crucial for assessments, and recommends testing strategies for template injections and data leaks while discussing specific payloads and tools. The article emphasizes different attack vectors and best practices for safeguarding applications.
Read more →

Hunting for secrets in bug bounty targets | Intigriti [📓 Blog]
by blackbird-eu
This article reviews techniques for discovering secrets in bug bounty programs, including methods like GitHub dorking and analyzing JavaScript files. It guides researchers in locating hard-coded secrets, API keys, and misconfigured files, encouraging the use of practical tools for better reconnaissance outcomes.
Read more →
Workshop on React createElement XSS Now Available [🔗 Tweet]
by ctbbpodcast
This tweet promotes a workshop on finding XSS through React's createElement; the recording is available to community members via Discord.
Explore →
If you haven’t seen it yet, @7urb01 gave us a full workshop on React createElement XSS.
It’s up and available for all Critical Thinkers in our Discord!
- CTBB Ep. 141
— Critical Thinking - Bug Bounty Podcast (@ctbbpodcast)
5:37 PM • Oct 5, 2025
Hunting for SSRF vulnerabilities in Next.js targets [📓 Blog]
by blackbird-eu
This blog post examines SSRF vulnerabilities within Next.js, discussing how the framework's functionalities could lead to exposure. It highlights specific vulnerabilities linked to the Next.js Image component and provides examples for exploiting these weaknesses, urging safe testing through public bug bounty programs on Intigriti.
Read more →
Did I miss something? Tell me.

Escalating XSS to SSRF via PDF Generators [🔗 Tweet]
by intigriti
The tweet outlines methods for escalating XSS vulnerabilities into SSRF through misconfigurations in PDF generators, highlighting the risk of sensitive information leakage, including AWS metadata.
Explore →
🔁 XSS can (on some occasions) be escalated into an SSRF!
That's at least when a PDF generator is incorrectly implemented... 👀
In our comprehensive article, we show you exactly how you can start hunting for injection vulnerabilities in PDF generators to achieve SSRF and leak
— Intigriti (@intigriti)
9:07 AM • Oct 6, 2025
Leverage Response Manipulation to Discover Hidden Routes [🔗 Tweet]
by 4osp3l
This tweet advises using response manipulation techniques on login panels to uncover hidden routes, potentially leading to the exposure of sensitive user information.
Explore →
Bug Bounty Tip :
It's a login panel, try response manipulation, this could force the webapp to disclose hidden routes (e.g. /v1/users); accessing "/v1/users" returned a list of users PII.
Tamper login response --> app shows hidden path --> PII leak.
— Gospel (@4osp3l)
10:57 AM • Oct 5, 2025
Learn 4 Vulnerability Types in 400 Seconds [🔗 Tweet]
by intigriti
This tweet introduces a thread that teaches beginners four vulnerability types relevant to bug bounty hunting.
Explore →
Just getting started with bug bounty? Learn 4 vulnerability types in 400 seconds! 🤠
A thread! 🧵 👇
— Intigriti (@intigriti)
9:08 AM • Oct 3, 2025
Team Secures $125,000 Bug Bounty on Hacker0x01 [🔗 Tweet]
by Blaklis_
A team including Blaklis secured a $125,000 bounty on Hacker0x01 for a single bug, illustrating the potential rewards within bug bounty programs.
Explore →
Yay, we (@DoomerOutrun Snorlhax and I) were awarded a $125,000 bounty on @Hacker0x01, for a single bug! Thanks, Epic!
hackerone.com/blaklis #TogetherWeHitHarder
— Blaklis (@Blaklis_)
8:37 AM • Sep 30, 2025
In-Depth Guide to Reflected XSS Attacks [🔗 Tweet]
by Bugcrowd
This tweet leads to a detailed guide on reflected XSS attacks, covering their mechanics, identifying common vulnerability locations, and exploitation methods, underlining the necessity for practice with vulnerable targets.
Explore →
Reflected XSS [EXPLAINED]
🪲 Injected JavaScript executed via URL
A reflected XSS occurs when attacker-supplied JavaScript is embedded in a URL parameter, reflected by the server or client, and executed in the browser. This yields immediate script execution in the victim’s
— bugcrowd (@Bugcrowd)
6:07 PM • Sep 30, 2025
Did I miss something? Tell me.
Because Disclosure Matters: This newsletter was produced with the assistance of AI. While I strive for accuracy and quality, not all content has been independently vetted or fact-checked. Please allow for a reasonable margin of error. The views expressed are my own and do not reflect those of my employer.