HackerOne: Being able to disclose IBB bounty table of any public program

A private Internet Bug Bounty IBB bounty table was disclosed. The IBB bounty table contained information about the reward amounts for critical, high, medium, and low vulnerabilities in open-source projects...

HackerOne: Takeover of hackerone.engineering via Github

The hacker was able to take over the hackerone.engineering domain after a brief misconfiguration window on GitHub. They claimed the domain in their own repository while the DNS records were still pointing towards GitHub. The issue has been resolved and no malware was found on the site during the...

HackerOne: Denial Of Service (Out Of Memory) on Updating Bounty Table [Urgent]

Hello, Summary: There is a bug in Updating Bounty Table section causing Denial Of Service , specifically loading up the memory usage Out Of Memory. This happens when you visit a corrupted bounty table of a target program. I didn't figure out yet how this issue happened but I am reporting it now...

HackerOne: Response program can create bounty table

Summary: Follow h1 document https://docs.hackerone.com/programs/bounty-tables.htmlgatsby, create bounty table only available for bounty program. Description: Step1: Create request to graphql entrypoint Step2: Change team id in parameter like this: "teamid":"Z2lkOi8vaGFja2Vyb25lL1RlYW0vMzYyOTE="...