HackerOne Professional Free For Open Source Projects
Here at HackerOne, open source runs through our veins. Our company, product, and approach is built-on, inspired by, and driven by open source and a…
Month: May 2023
PREDATOR Spyware – Delivered Through Zero-Click Exploit
A commercial spyware product offered by the spyware company Intellexa (formerly Cytrox) has been described by Cisco Talos. By designing deployment procedures that frequently call for…
HackerOne, Bountycraft, and Nullcon | HackerOne
Around the world in seven days! My name’s Adam Bacchus, Chief Bounty Officer of HackerOne, and I’m here to tell you about the adventures I…
Introducing CWE-based Weaknesses | HackerOne
Letting go is hard. Today we say goodbye to the original 18 vulnerability types on HackerOne. They’ve been with us since the very beginning. Fortunately, we…
H1-415 Live Hacking Event Delivers to Customers, Community, and Hackers
Just a few short weeks ago, an elite group of hackers were at it again, spending a day finding bugs for Airbnb and Shopify. But…
Bug Bounty Field Manual: The Definitive Guide for Planning, Launching, and Operating a Successful Bug Bounty Program
Writing the Bug Bounty Field Manual was a herculean task. Just ask Adam Bacchus, the distinguished author of this manual. But as he’ll tell you,…
Tapping Hackers for Continuous Security
Last week, I attended the FinDEVr conference in New York City. The 2-day conference is focused on the technology aspect of fintech. Attendees ranged from…
Bi-directional JIRA integration at HackerOne
It’s now possible to view updates on JIRA issues right inside your HackerOne Reports. The two-way integration means that whenever a JIRA issue changes state,…
Bandit Stealer Hits Windows Devices
A new info-stealing malware called Bandit Stealer is capable of evading detection and stealing personal and financial banking data stored in cryptocurrency wallets and web…
Hot Pixels attack checks CPU temp, power changes to steal data
A team of researchers at Georgia Tech, the University of Michigan, and Ruhr University Bochum have developed a novel attack called “Hot Pixels,” which can…
Zero Daily Newsletter: Fun, yet informative, AppSec, bug bounty, and hacker news
Read the news every day, and check the usual websites? Want to get your industry news and have a little humor dashed in? With Zero…
QBot malware abuses Windows WordPad EXE to infect devices
The QBot malware operation has started to abuse a DLL hijacking flaw in the Windows 10 WordPad program to infect computers, using the legitimate program…