bounty-hunters

Operation Bounty Hunter — Predator Squad "If it bleeds, we...

MAL-2025-6915 Malicious code in bug-bounty-hunter (npm)

The package communicates with a domain associated with malicious activity...

Malicious Package

Overview hach-package-manager-bounty-hunter is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerabl...

Malicious code in hach-package-manager-bounty-hunter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7830cdcbec685c8f75626afbd54124f9810cf68a721b063d9c4361cf3375c879 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-3549 Malicious code in hach-package-manager-bounty-hunter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7830cdcbec685c8f75626afbd54124f9810cf68a721b063d9c4361cf3375c879 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Twitter Algorithmic Bias: Underrepresentation Bias through Twitter's Cropping Algorithm

Bounty Hunter Name: CyberQueenMeg About You: Megan, also known as CyberQueenMeg, is a passionate rising cybersecurity professional who is interested in programming, cybersecurity, and web development. Megan is a high school senior in a rigorous computer science program at her high school where sh...

Flaw allowed bypassing verification code, log in to any Microsoft account

By Deeba Ahmed A bug bounty hunter has identified and reported a vulnerability that allowed an attacker to log in to any Microsoft account. This is a post from HackRead.com Read the original post: Flaw allowed bypassing verification code, log in to any Microsoft account...

Critical GitLab Flaw Earns Bounty Hunter $20K

A critical GitLab vulnerability, which could be leveraged by a remote attacker to execute code, recently netted a researcher a $20,000 bug-bounty award. The flaw was reported to GitLab by software developer William Bowling via the HackerOne bug bounty platform on March 23. It was then disclosed...

This Flaw Could Have Allowed Hackers to Hack Any Instagram Account Within 10 Minutes

Watch out! Facebook-owned photo-sharing service has recently patched a critical vulnerability that could have allowed hackers to compromise any Instagram account without requiring any interaction from the targeted users. Instagram is growing quickly—and with the most popular social media network ...

Google Patches Critical Vulnerabilities in Android OS

Google patched six critical remote code execution flaws in its Android operating system as part of its October Android Security Bulletin. Four of those remote code execution flaws are tied to Android’s Media framework and impact a wide range of Android devices including Google’s Pixel and Nexus...

Semrush: XSS on redirection page( Bypassed)

Hello Semrush Team, In this report id 311330, I was filled duplicate and redirection url is fixed which made me feel happy as deserving bounty hunter gets a reward. However, after fixing from last night, I finally bypassed the redirection method which not only Triggered Xss, but also it redirects...