⤷ Title: Time-of-check Time-of-use (TOCTOU) Race Condition Leads to Broken Authentication | Critical Finding
════════════════════════
𐀪 Author: Irsyad Muhammad Fawwaz
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:20:18 GMT
════════════════════════
⌗ Tags: #infosec #security #cybersecurity #bug_bounty #information_security
════════════════════════
𐀪 Author: Irsyad Muhammad Fawwaz
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:20:18 GMT
════════════════════════
⌗ Tags: #infosec #security #cybersecurity #bug_bounty #information_security
Medium
Time-of-check Time-of-use (TOCTOU) Race Condition Leads to Broken Authentication
Time-of-check Time-of-use (TOCTOU) Race Condition Leads to Broken Authentication How I started I was bored and started poking at random public bug bounty programs. As usual I began with subdomain …
⤷ Title: From 404 to $4,000: Real Bugs Found in Forgotten Endpoints
════════════════════════
𐀪 Author: Monika sharma
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 08:41:03 GMT
════════════════════════
⌗ Tags: #vulnerability #bug_bounty_tips #bug_bounty_writeup #technology #bug_bounty
════════════════════════
𐀪 Author: Monika sharma
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 08:41:03 GMT
════════════════════════
⌗ Tags: #vulnerability #bug_bounty_tips #bug_bounty_writeup #technology #bug_bounty
Medium
From 404 to $4,000: Real Bugs Found in Forgotten Endpoints
Most hunters scroll past a 404. I didn’t and that single dead-looking endpoint turned into a $4,000 bounty.
⤷ Title: When AI Hacks AI: The Next Frontier of Cybersecurity You’re Not Ready For
════════════════════════
𐀪 Author: NidoDesigns
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:59:00 GMT
════════════════════════
⌗ Tags: #artificial_intelligence #money #generative_ai_tools #hacking #technology
════════════════════════
𐀪 Author: NidoDesigns
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:59:00 GMT
════════════════════════
⌗ Tags: #artificial_intelligence #money #generative_ai_tools #hacking #technology
Medium
When AI Hacks AI: The Next Frontier of Cybersecurity You’re Not Ready For
The tools meant to protect us are now being turned against us — and it’s happening faster than we realise.
⤷ Title: How I turned Membership into a Paycheck
════════════════════════
𐀪 Author: StvRoot
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:19:53 GMT
════════════════════════
⌗ Tags: #technology #penetration_testing #hacking #programming #cybersecurity
════════════════════════
𐀪 Author: StvRoot
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:19:53 GMT
════════════════════════
⌗ Tags: #technology #penetration_testing #hacking #programming #cybersecurity
Medium
How I turned Membership into a Paycheck
Hacking leaderboard on chess.com to get paid
⤷ Title: CVE-2025–63644: Stored Cross-Site Scripting (XSS) Vulnerability in pH7 Social Dating CMS
════════════════════════
𐀪 Author: Rudransh Singh Rajpurohit
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:04:06 GMT
════════════════════════
⌗ Tags: #ethical_hacking #hacking #penetration_testing #cybersecurity #cve
════════════════════════
𐀪 Author: Rudransh Singh Rajpurohit
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:04:06 GMT
════════════════════════
⌗ Tags: #ethical_hacking #hacking #penetration_testing #cybersecurity #cve
Medium
CVE-2025–63644: Stored Cross-Site Scripting (XSS) Vulnerability in pH7 Social Dating CMS
Will be published in the next 24 hours
⤷ Title: CVE-2025–63645: Stored Cross-Site Scripting (XSS) Vulnerability in pH7 Social Dating CMS
════════════════════════
𐀪 Author: Rudransh Singh Rajpurohit
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:02:05 GMT
════════════════════════
⌗ Tags: #penetration_testing #cve #cybersecurity #ethical_hacking #hacking
════════════════════════
𐀪 Author: Rudransh Singh Rajpurohit
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:02:05 GMT
════════════════════════
⌗ Tags: #penetration_testing #cve #cybersecurity #ethical_hacking #hacking
Medium
CVE-2025–63645: Stored Cross-Site Scripting (XSS) Vulnerability in pH7 Social Dating CMS
“CVE-2025–63645:” is published by Rudransh Singh Rajpurohit.
⤷ Title: I Was Rejected From Every Cyber Internship. This Is My Comeback.
════════════════════════
𐀪 Author: 4yu5h
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 08:04:07 GMT
════════════════════════
⌗ Tags: #tech_career #security_operation_center #cybersecurity #hacking #internships
════════════════════════
𐀪 Author: 4yu5h
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 08:04:07 GMT
════════════════════════
⌗ Tags: #tech_career #security_operation_center #cybersecurity #hacking #internships
Medium
I Was Rejected From Every Cyber Internship. This Is My Comeback.
I have a passion for offensive security, but I couldn’t even get an interview. Here’s my new $0 plan to break into cybersecurity, starting…
⤷ Title: Detecting Joomla Admin GUI Attacks with Wazuh: A Rule-Based Approach
════════════════════════
𐀪 Author: Oliver Roca
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:27:25 GMT
════════════════════════
⌗ Tags: #threat_detection #cybersecurity #joomla #wazuh #information_security
════════════════════════
𐀪 Author: Oliver Roca
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:27:25 GMT
════════════════════════
⌗ Tags: #threat_detection #cybersecurity #joomla #wazuh #information_security
Medium
Detecting Joomla Admin GUI Attacks with Wazuh: A Rule-Based Approach
Joomla remains one of the most popular CMS platforms for small-to-medium businesses. However, its administrator interface is a frequent…
⤷ Title: Set Up Slack Leak Alerts in 60 Seconds
════════════════════════
𐀪 Author: Alexandre Vandamme
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:02:02 GMT
════════════════════════
⌗ Tags: #incident_response #data_breach #slack #cybersecurity #information_security
════════════════════════
𐀪 Author: Alexandre Vandamme
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:02:02 GMT
════════════════════════
⌗ Tags: #incident_response #data_breach #slack #cybersecurity #information_security
Medium
Set Up Slack Leak Alerts in 60 Seconds
Get LeakRadar alerts straight into Slack in one minute.
⤷ Title: We can’t trust even windows built in features
════════════════════════
𐀪 Author: Piyusha Akash
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 08:54:50 GMT
════════════════════════
⌗ Tags: #windows_exploitation #cybersecurity #api #windows #exploitation
════════════════════════
𐀪 Author: Piyusha Akash
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 08:54:50 GMT
════════════════════════
⌗ Tags: #windows_exploitation #cybersecurity #api #windows #exploitation
Medium
We can’t trust even windows built in features
Executing Shellcode with ReadDirectoryChanges’s Hidden Callback
⤷ Title: Why Passwords Are Dying and Passwordless Systems Are the Future
════════════════════════
𐀪 Author: Mohammad Soqar
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 08:51:58 GMT
════════════════════════
⌗ Tags: #cybersecurity #technology #user_experience #security #authentication
════════════════════════
𐀪 Author: Mohammad Soqar
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 08:51:58 GMT
════════════════════════
⌗ Tags: #cybersecurity #technology #user_experience #security #authentication
Medium
Why Passwords Are Dying and Passwordless Systems Are the Future
Passwords are broken. The future of login is smarter, faster, and finally human.
⤷ Title: Breaking Stored XSS Through Filter Bypass
════════════════════════
𐀪 Author: Abhishek Kumar
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 08:20:56 GMT
════════════════════════
⌗ Tags: #xss_attack #xss_bypass #cybersecurity #pentesting #web_application_security
════════════════════════
𐀪 Author: Abhishek Kumar
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 08:20:56 GMT
════════════════════════
⌗ Tags: #xss_attack #xss_bypass #cybersecurity #pentesting #web_application_security
Medium
Breaking Stored XSS Through Filter Bypass
Summary
⤷ Title: How I found SSTI into an AI model due to unsafe argument
════════════════════════
𐀪 Author: JEETPAL
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 10:51:54 GMT
════════════════════════
⌗ Tags: #ai_model #bug_bounty #ssti #bug_bounty_writeup #cybersecurity
════════════════════════
𐀪 Author: JEETPAL
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 10:51:54 GMT
════════════════════════
⌗ Tags: #ai_model #bug_bounty #ssti #bug_bounty_writeup #cybersecurity
Medium
How I found SSTI into an AI model due to unsafe argument
Hello
⤷ Title: JAuth picoCTF
════════════════════════
𐀪 Author: Aderogbarufai
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:57:37 GMT
════════════════════════
⌗ Tags: #picoctf #bug_bounty #ctf_writeup #jwt_authentication
════════════════════════
𐀪 Author: Aderogbarufai
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 09:57:37 GMT
════════════════════════
⌗ Tags: #picoctf #bug_bounty #ctf_writeup #jwt_authentication
Medium
JAuth picoCTF
This write-up is from picoGym Exclusive and it’s all about JavaScript Object Notation Web Token(JSON WEB TOKEN).
⤷ Title: Security researchers have identified two sophisticated Android malware strains — BankBot-YNRK and…
════════════════════════
𐀪 Author: SCtoCS
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 11:43:41 GMT
════════════════════════
⌗ Tags: #malware #bankbot #android #cybersecurity
════════════════════════
𐀪 Author: SCtoCS
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 11:43:41 GMT
════════════════════════
⌗ Tags: #malware #bankbot #android #cybersecurity
Medium
Security researchers have identified two sophisticated Android malware strains — BankBot-YNRK and…
Read the detailed breakdown here: https://sctocs.com/bankbot-ynrk-deliveryrat-android-trojans-financial-data/
⤷ Title: Chaos and Logistic Map Encryption
════════════════════════
𐀪 Author: Prof Bill Buchanan OBE FRSE
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 11:42:00 GMT
════════════════════════
⌗ Tags: #cybersecurity
════════════════════════
𐀪 Author: Prof Bill Buchanan OBE FRSE
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 11:42:00 GMT
════════════════════════
⌗ Tags: #cybersecurity
Medium
Chaos and Logistic Map Encryption
I’ve been reading Fluke: Chance, Chaos and Why Everything We Do Matters by Dr Brian Klaas and John Murray [here], and it outlines that…
⤷ Title: Cybercriminals Abuse Remote Monitoring Tools to Infiltrate Logistics and Freight Networks
════════════════════════
𐀪 Author: SCtoCS
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 11:39:48 GMT
════════════════════════
⌗ Tags: #remote #cybercriminals #cybersecurity #monitoring_tools
════════════════════════
𐀪 Author: SCtoCS
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 11:39:48 GMT
════════════════════════
⌗ Tags: #remote #cybercriminals #cybersecurity #monitoring_tools
Medium
Cybercriminals Abuse Remote Monitoring Tools to Infiltrate Logistics and Freight Networks
A recent wave of attacks is targeting the logistics and freight industry by abusing legitimate remote monitoring and management tools…
⤷ Title: CyberDefenders — Black Basta Lab (Writeup)
════════════════════════
𐀪 Author: Muhammed Alaa
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 11:39:25 GMT
════════════════════════
⌗ Tags: #cyber_kill_chain #cyberdefenders_writeup #splunk #threat_hunting #cybersecurity
════════════════════════
𐀪 Author: Muhammed Alaa
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 11:39:25 GMT
════════════════════════
⌗ Tags: #cyber_kill_chain #cyberdefenders_writeup #splunk #threat_hunting #cybersecurity
Medium
CyberDefenders — Black Basta Lab (Writeup)
Lab Link: https://cyberdefenders.org/blueteam-ctf-challenges/black-basta/
⤷ Title: Day 1: Rules of engagement
════════════════════════
𐀪 Author: Chloe Bridgens
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 11:39:16 GMT
════════════════════════
⌗ Tags: #cybersecurity
════════════════════════
𐀪 Author: Chloe Bridgens
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 11:39:16 GMT
════════════════════════
⌗ Tags: #cybersecurity
Medium
Day 1: Rules of engagement
What I Focused On:
⤷ Title: From Phishing to Persistent Malware: Breaking Down the Tax Violation MSI Attack
════════════════════════
𐀪 Author: CipherX9F Security
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 11:36:58 GMT
════════════════════════
⌗ Tags: #cybersecurity #phishing #cipherx9f_security #threat_intelligence #malware_analysis
════════════════════════
𐀪 Author: CipherX9F Security
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 11:36:58 GMT
════════════════════════
⌗ Tags: #cybersecurity #phishing #cipherx9f_security #threat_intelligence #malware_analysis
Medium
From Phishing to Persistent Malware: Breaking Down the Tax Violation MSI Attack
Cybersecurity researchers constantly face threats delivered via sophisticated malware campaigns. In this blog, we analyze the malicious Tax…
⤷ Title: Digital Landlords
════════════════════════
𐀪 Author: Diogo Vicente Mendes
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 11:36:47 GMT
════════════════════════
⌗ Tags: #artificial_intelligence #cybersecurity #society #technology #startup
════════════════════════
𐀪 Author: Diogo Vicente Mendes
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 11:36:47 GMT
════════════════════════
⌗ Tags: #artificial_intelligence #cybersecurity #society #technology #startup
Medium
Digital Landlords
How our computers learned to rule us