Intigriti Bug Bytes #234 – March 2026
Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: Earning $180K via SSRFs Free Burp Suite Pro licenses for top hackers …
Category: Mix
Introducing GraphQL Support for API Scanning
Detectify’s new GraphQL API Scanning uses hacker-led research to provide highly accurate (99.7%), payload-based security testing. It identifies complex vulnerabilities within 20 minutes, helping enterprises…
Introducing IP Range Scanning: continuous Surface Monitoring for your entire network
Most organizations share a common, uncomfortable secret: they can’t answer basic questions about what is actually exposed on their IP ranges. As companies grow, whether…
Vulnerability disclosure for AI safeguards. How open should programs be and what incentives are necessary?
In a recent NCSC blog post on adapting vulnerability disclosure for AI safeguards, the authors posed a series of questions to researchers. Intigriti, being a global crowdsourced security…
Chaining DOM clobbering and CSP bypasses for XSS
At Intigriti, we host monthly web-based Capture The Flag (CTF) challenges as a way to engage with the security researcher community. This month’s challenge, brought…
Claude Code Hacking Skills Video · Joseph Thacker
Hey y’all, Very short post today. This video below went live yesterday. It’s one of my favorite episodes we’ve ever done on the podcast I…
Baking accessibility into our product foundation
TL;DR: Building for everyone, faster. We’re moving from the why to the how. To scale accessibility without losing speed, we’ve overhauled our foundation: A New…
Our 20,000 Eyes and Hands
Here’s a different way to think about the change coming to the workforce and economy from AI. Imagine everyone in the world has 10,000 brains,…
When to Use Claude Code Skills vs Workflows vs Agents
When Anthropic released Skills in October 2025, I faced a confusing problem: Skills, Workflows (formerly Commands), and Agents are all essentially markdown files containing prompts.…
The Bubble Is Labor | Daniel Miessler
I can’t remember when I realized this, but I want to say it was less than five or ten years ago. Scared the crap out…
Information Overload Is an Invisibility Cloak
Too much news is the same as no news, and too much coverage is the same as no coverage March 13, 2026 I just realized…
Hacking with permission. The Rules that make it ethical.
Ethical hacking, often via Bug Bounty Programs or VDPs, operates within defined frameworks. These include a community Code of Conduct (CoC), setting program Rules of…