Y Hacker News new | ask | show | jobs

user: infosecau created: 2013-09-07 karma: 1088 submissions: The down fall of bug bounties 2 points | 0 comments High fidelity check for Next.js/RSC RCE (CVE-2025-55182 and CVE-2025-66478) 3 points | 0 comments Analyzing the Next.js Middleware Bypass (CVE-2025-29927) 2 points | 0 comments 0 points | 0 comments 0 points | 0 comments So, you want to get into bug bounties? 2 points | 0 comments Exploiting Static Site Generators: When Static Is Not Static 21 points | 0 comments 0 points | 0 comments Abusing functionality to exploit a super SSRF in Jira Server (CVE-2022-26135) 1 points | 0 comments Cloudflare Pages, part 1: The fellowship of the secret 28 points | 2 comments Hacking a Bank by Finding a 0day in DotCMS 3 points | 0 comments 0 points | 0 comments Eliminating Dangling Elastic IP Takeovers with Ghostbuster 2 points | 0 comments 0 points | 0 comments 0 points | 0 comments Turning Bad SSRF to Good SSRF: Websphere Portal 2 points | 0 comments 0 points | 0 comments 0 points | 0 comments Exploiting GraphQL 2 points | 0 comments 0 points | 0 comments Taking over Uber accounts through voicemail 15 points | 5 comments Hacking IIS 1 points | 0 comments 0 points | 0 comments Attack of the clones: Git clients remote code execution 5 points | 0 comments Finding Hidden Files and Folders on IIS Using BigQuery 1 points | 0 comments 0 points | 0 comments 0 points | 0 comments Hacking on Bug Bounties for Four Years 89 points | 10 comments Taking over Azure DevOps accounts with one click 118 points | 25 comments Expanding the Attack Surface: React Native Android Applications 37 points | 11 comments