bug hunting
Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)
In the latest demonstration of how AI assistants can help with bug hunting, Horizon3.ai researcher Naveen Sunkavally used Claude to unearth CVE-2026-34197, a remote code …
Microsoft announces Zero Day Quest hacking event with big rewards
Microsoft is enhancing its bug bounty initiatives with the launch of the Zero Day Quest hacking event. With $4 million in potential rewards, it focuses on driving research in …
x64dbg: Open-source binary debugger for Windows
x64dbg is an open-source binary debugger for Windows, designed for malware analysis and reverse engineering of executables without access to the source code. It offers a wide …
Apple offers security researchers specialized iPhones to tinker with
Apple is inviting security researchers to apply for its Security Research Device Program (SRDP) again, to discover vulnerabilities and earn bug bounties. Apple started the …
Google invites bug hunters to scrutinize its open source projects
Google wants to improve the security of its open source projects and those projects’ third-party dependencies by offering rewards for bugs found in them. …
The Intigriti Ethical Hacker Survey 2022
The Intigriti Ethical Hacker Survey 2022 highlights how ethical hacking continues to grow as a popular career choice for all levels of security experts. For the second year …
Cisco security devices targeted with CVE-2020-3580 PoC exploit
Attackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software. Active attacks apparently …
MindAPI makes API security research and testing easier
Security researcher David Sopas has published a new open-source project: MindAPI, a mind map with resources for making API security research easier. “I love mind maps. …
2021 Hacker Report: Hackers are not just driven by money
HackerOne released its 2021 Hacker Report that reveals a 63% increase in the number of hackers submitting vulnerabilities in 2020. As organizations’ attack surfaces have …
How much is a vulnerability worth?
As part of its crowdsourced security program, Zoom has recently increased the maximum payout for vulnerabilities to $50,000. Such figures make great headlines and attract new …
The effectiveness of vulnerability disclosure and exploit development
New research into what happens after a new software vulnerability is discovered provides an unprecedented window into the outcomes and effectiveness of responsible …
Study of global hackers and the economics of security research
Human ingenuity supported by actionable intelligence were found to be critical ingredients to maintaining a resilient infrastructure, Bugcrowd reveals. In fact, 78% of hackers …
Featured news
Resources
Don't miss
- ClickFix campaign delivers Mac malware via fake Apple page
- Poisoned “Office 365” search results lead to stolen paychecks
- What vibe hunting gets right about AI threat hunting, and where it breaks down
- Health insurance lead sites sell personal data within seconds of form submission
- Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)