← Find more feeds

rss.ricterz.me

HackerOne Hacker Activity

Get the latest updates from HackerOne Hacker Activity directly as they happen.

Follow now 96 followers

Latest posts

Last updated 2 days ago

curl: HTTP/3 Stream Dependency Cycle Exploit

2 days ago

curl: HTTP/3 Stream Dependency Cycle Exploit

Read full

RubyGems: `/names.nsf` and all `/names*` files route to public API on rubygems.org

3 days ago

RubyGems: `/names.nsf` and all `/names*` files route to public API on rubygems.org

Read full

Fastly VDP: Open Redirect on https://api.fastly.com/

4 days ago

Fastly VDP: Open Redirect on https://api.fastly.com/

Read full

IBM: Middleware Authentication Bypass on IBM Portal

4 days ago

IBM: Middleware Authentication Bypass on IBM Portal

Read full

Dust: Stored XSS in File Upload Leads to Privilege Escalation and Full Workspace Takeover

4 days ago

Dust: Stored XSS in File Upload Leads to Privilege Escalation and Full...

Read full

WakaTime: Session Replay Attack Allows Authentication Bypass via Captured Login Responses Allowing Bypass of 429 Too many attempts for Multiple Failed Logins

5 days ago

WakaTime: Session Replay Attack Allows Authentication Bypass via Captured Login Responses Allowing...

Read full

Dust: Privilege Persistence via Cloned Agent

6 days ago

Dust: Privilege Persistence via Cloned Agent

Read full

curl: Use of a Broken or Risky Cryptographic Algorithm (CWE-327) in libcurl

7 days ago

curl: Use of a Broken or Risky Cryptographic Algorithm (CWE-327) in libcurl

Read full

curl: Double Free Vulnerability in `libcurl` Cookie Management (`cookie.c`)

7 days ago

curl: Double Free Vulnerability in `libcurl` Cookie Management (`cookie.c`)

Read full

Dust: Improper Session Invalidation – Auto Sign-In Without Credentials After Logout (Affects Chrome & Firefox)

7 days ago

Dust: Improper Session Invalidation – Auto Sign-In Without Credentials After Logout (Affects...

Read full

IBM: Information disclosure on IBM training service endpoint

7 days ago

IBM: Information disclosure on IBM training service endpoint

Read full

WakaTime: Broken Access Control Exposes Email Verification Status and Privacy Settings via API Endpoint

7 days ago

WakaTime: Broken Access Control Exposes Email Verification Status and Privacy Settings via...

Read full

Or log in

Everything you care about in one place

HackerOne Hacker Activity

Latest posts

curl: HTTP/3 Stream Dependency Cycle Exploit

RubyGems: `/names.nsf` and all `/names*` files route to public API on rubygems.org

Fastly VDP: Open Redirect on https://api.fastly.com/

IBM: Middleware Authentication Bypass on IBM Portal

Dust: Stored XSS in File Upload Leads to Privilege Escalation and Full Workspace Takeover

WakaTime: Session Replay Attack Allows Authentication Bypass via Captured Login Responses Allowing Bypass of 429 Too many attempts for Multiple Failed Logins

Dust: Privilege Persistence via Cloned Agent

curl: Use of a Broken or Risky Cryptographic Algorithm (CWE-327) in libcurl

curl: Double Free Vulnerability in `libcurl` Cookie Management (`cookie.c`)

Dust: Improper Session Invalidation – Auto Sign-In Without Credentials After Logout (Affects Chrome & Firefox)

IBM: Information disclosure on IBM training service endpoint

WakaTime: Broken Access Control Exposes Email Verification Status and Privacy Settings via API Endpoint

Try Feeder for free