The danger of disabling automatic updates on WordPress
As soon as WordPress launch a new version they publish a changelog on their website where you can find what has been changed. This also…
Category: Mix
Design the next HackerOne T-Shirt
What’s your favorite T-shirt? Maybe one from that conference you went to 5 years ago, a sleek threadless tee, or the one you earned from…
CDNs – Minimize damages if the CDN is hacked
Many are most likely already familiar with CDNs, Content Delivery Networks, but in short, a CDN is a service where a site owner can place…
Introducing Hacker Task Manager and Statistics
Continuous improvement is at our heart, and the Hacker Dashboard is an excellent example of how we’ve been iterating based on feedback from the community.…
[Alert] Critical authentication bypass + privilege escalation exploit in Joomla
A critical authentication bypass and privilege escalation exploit has been discovered by Melvin Lammerts. The exploit affects all Joomla versions from 3.4.4 through 3.6.3. The vulnerability is extremely…
Program Insights from the PayPal Security Team
PayPal’s digital payments platform gives 267 million active account holders in more than 200 markets around the world the confidence to connect and transact in…
Chrome extensions still track user data
It will soon be a year since we published our article exposing how Chrome extensions track their users. The research received worldwide attention and was…
Q&A with HackerOne’s VP of Customer Success Jeff McBride
“As cliche as it sounds, customer success is everyone’s job. Everyone’s,” said Jeff McBride when we asked him about his relatively new role as the…
Detectify launches a crowd-based security program to ensure an always updated service
We have strengthened our security team with a crowdsourced bug bounty program (currently in beta phase). The initiative, known as Detectify Crowdsource, allows us to…
@try_to_hack First Hacker to Earn a Million
19-year-old Argentinian @try_to_hack just made history as the first to earn over $1,000,000 in bounty awards on HackerOne. Since joining HackerOne in 2015, Santiago has…
Kristian Bremberg, Detectify Crowdsource community manager: “Crowdsourced security gives researchers freedom”
The Detectify Crowdsource platform allows security researchers to submit newly discovered exploits and incorporate them into Detectify’s automated security service. At the heart of the…
Q&A with Brian Neely, CIO & CISO of AMERICAN SYSTEMS
The only constant in life is change. That statement couldn’t be more true in the world of cybersecurity, and no one knows that better than…