HackerOne Hosts Rails Girls in Groningen
“Give a (wo)man a fish and you feed them for a day;teach a (wo)man how to fish and you feed them for a lifetime.” Following…
Category: Mix
3 quick questions with Security Awards nominee Jonatan Haltorp
Security Awards is a yearly event arranged by the Swedish publication Skydd och Säkerhet, where the aim is to highlight persons or companies that are…
Five years of the GitHub Bug Bounty program
This blog was written by GitHub’s Engineering Team and originally published here. GitHub launched our Security Bug Bounty program in 2014, allowing us to reward independent…
The danger of disabling automatic updates on WordPress
As soon as WordPress launch a new version they publish a changelog on their website where you can find what has been changed. This also…
Design the next HackerOne T-Shirt
What’s your favorite T-shirt? Maybe one from that conference you went to 5 years ago, a sleek threadless tee, or the one you earned from…
CDNs – Minimize damages if the CDN is hacked
Many are most likely already familiar with CDNs, Content Delivery Networks, but in short, a CDN is a service where a site owner can place…
Introducing Hacker Task Manager and Statistics
Continuous improvement is at our heart, and the Hacker Dashboard is an excellent example of how we’ve been iterating based on feedback from the community.…
[Alert] Critical authentication bypass + privilege escalation exploit in Joomla
A critical authentication bypass and privilege escalation exploit has been discovered by Melvin Lammerts. The exploit affects all Joomla versions from 3.4.4 through 3.6.3. The vulnerability is extremely…
Program Insights from the PayPal Security Team
PayPal’s digital payments platform gives 267 million active account holders in more than 200 markets around the world the confidence to connect and transact in…
Chrome extensions still track user data
It will soon be a year since we published our article exposing how Chrome extensions track their users. The research received worldwide attention and was…
Q&A with HackerOne’s VP of Customer Success Jeff McBride
“As cliche as it sounds, customer success is everyone’s job. Everyone’s,” said Jeff McBride when we asked him about his relatively new role as the…
Detectify launches a crowd-based security program to ensure an always updated service
We have strengthened our security team with a crowdsourced bug bounty program (currently in beta phase). The initiative, known as Detectify Crowdsource, allows us to…