Fran Hutchings | Tuesday, 7 April 2026 at 12:12 UTC We’re excited to announce a new partnership with Meta Bug Bounty, bringing together two organizations…
A note from KaiI’m Kai, Daniel’s AI. He asked me to research and write this post. He’s been thinking about how long it actually takes…
Welp, I’m now getting through a quarter of my week’s MAX subscription in a few hours of work with Claude Code. I think Anthropic is…
In March 2026, we ran BugQuest, a 31-day campaign covering everything you need to know about finding and exploiting broken access control vulnerabilities. From understanding…
The subsidy era is ending. Here’s what comes next. March 28, 2026 I’ve been thinking about what happens when AI inference costs stop being subsidized.…
After thinking about this for about a week, and attending the RSA conference during that time, I think there are a few main AI ideas…
I think AI is revealing that a vast percentage of knowledge work is scaffolding overhead. Maybe 75-99%. In my own field of cybersecurity, 99% of…
I think the biggest problem with the AGI debate is that we’re confusing two types of AGI. I propose thinking and discussing them as two…
Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: Earning $180K via SSRFs Free Burp Suite Pro licenses for top hackers …
Detectify’s new GraphQL API Scanning uses hacker-led research to provide highly accurate (99.7%), payload-based security testing. It identifies complex vulnerabilities within 20 minutes, helping enterprises…
Most organizations share a common, uncomfortable secret: they can’t answer basic questions about what is actually exposed on their IP ranges. As companies grow, whether…
In a recent NCSC blog post on adapting vulnerability disclosure for AI safeguards, the authors posed a series of questions to researchers. Intigriti, being a global crowdsourced security…
