Meta Pays Bug Bounty for an MFA Bug
Meta has paid a bug bounty to a researcher for disclosing the details of a two-factor authentication vulnerability for confirming a phone number, and the email address did not have…
Twitter data breach is due to a ZeroDay Vulnerability
A threat actor has leaked data of 5.4 million Twitter accounts last month that were obtained by exploiting a now-fixed vulnerability in the popular social media platform. Stolen data offered for sale…
HackerOne Bug Bounty Report Leak
HackerOne says an employee stole vulnerability disclosure reports submitted via its platform to claim the bounty from the company's partners for themselves. Bug bounty programs are initiated by companies to…
LinkedIn Bug Bounty with bumped rewards goes public
LinkedIn’s invite-only bug bounty program has been running since 2014 getting replaced by a public bug bounty. Security vulnerabilities that are rated critical which are discovered on the business-oriented platform…
A Hefty Bug Bounty Payed Out By Apple !
Security vulnerabilities in Apple iCloud and Safari 15 could have enabled attackers to compromise macOS webcams and can victimise online users A reward of $100,500 bug bounty for the universal…
CDN Cache Poisoning DDoS’ed Cloud Apps
Researchers has discovered more than 70 flaws in combinations of cloud applications and content delivery networks (CDNs) that could be used to poison the CDN caches and result in DoS…
Bug Bounty Programs Flooded With Log4j Findings
Big hunters have already submitted thousands of vulnerability reports related to the Apache Log4j bug that continues to send shockwaves through the global software ecosystem. The critical, CVSS 10-rated flaw…
Posted inSecurity
Zerodium Looking for VPN Zero Days
Zerodium an exploit purchase agency announced that it’s looking to buy zero-day exploits targeting popular VPN software. Specifically wants to acquire exploits that work against the Windows versions of the…