Hacking Google Support: Leaking millions of customer records ($14k bounty) How I found my first vulnerability in Google - a way to leak private customer data for all cases in Google's internal support systems

I'm excited to finally publish the writeup for my first Google vulnerability, leaking phone numbers and other sensitive information of Google Support customers (rewarded with a $14k bounty).
#Cybersecurity #Google #GoogleVRP #ResponsibleDisclosure

Google Paid $17.1M For Bugs In 2025
Read More: buff.ly/sGUNuDf

#BugBounty #GoogleVRP #VulnerabilityResearch #SecurityResearchers #ResponsibleDisclosure #CyberInnovation #AppSec #Infosec

Responsible Disclosure: o que fazer quando você acha um zero-day

Você sabe o que é responsible disclosure e por que ele é ESSENCIAL contra zero-days? 👇

• O que é:
- Responsible disclosure (divulgação responsável) = agir com ética: avisar a empresa antes de […]

[Original post on mastodon.social]

Nationstates Confirms Breach Shuts Site
Read More: buff.ly/borSs5y

#DataBreach #OnlineGames #WebSecurity #ResponsibleDisclosure #IncidentResponse #UserDataProtection #CyberIncident #PlatformSecurity

Microsoft Bounty Covers All Service Flaws
Read More: buff.ly/i1GlZVU

#Cybersecurity #BugBounty #Microsoft #VulnerabilityResearch #Infosec #SecurityResearch #BlackHat #ResponsibleDisclosure

Responsible Disclosure si Stato: il Portogallo avvia questa rivoluzione nella PA

📌 Link all'articolo : www.redhotcyber.com/post/res...

#redhotcyber #news #responsibledisclosure #hackeretiche #sicurezzainformatica #normativaitaliana

Instead of immediate public disclosure, some suggest a staged approach where corporations offer remediation support or private disclosure periods tailored to project capacity. Balancing transparency with maintainer capacity is key. #ResponsibleDisclosure 5/6

White Hat Hackers: Crypto's Unsung Digital Guardians The Unseen Guardians of Your Digital Gold Let's talk about the crypto world. It’s a place of incredible innovation, dizzying profits, and, let's be honest, heart-stopping risks. You hear the…

White Hat Hackers: Crypto's Unsung Digital Guardians #DeFisecurity #cryptovulnerabilities #smartcontractaudit #preventingcryptohacks #BlockchainSecurity #cybersecurityincrypto #BugBountyPrograms #Web3security #responsibledisclosure #penetrationtesting

Beyond Silent Adoption:Responsible Disclosure and Verification in SPC and High-Risk AI Research

zenodo.org/records/1700...

#ResponsibleDisclosure #AIgovernance #HighRiskAI #SilentAdoption #EpistemicGatekeeping #AIethics #SPC #AIsafety #ReproducibilityParadox #SAP #DualUseResearch #AIaccountability

Original post on mastodon.social

🆕 blog! “Security Flaws in the WebMonetization Site”

I've written before about the nascent WebMonetization Standard. It is a proposal which allows websites to ask users for passive payments when they visit. A visitor to this site could, if this standard is widely adopted, opt to send me cash […]

Web Monetization The Web Monetization API allows websites to automatically and passively receive payments from Web Monetization-enabled visitors.

## Security Flaws in the WebMonetization Site

shkspr.mobi/blog/2025/08/security-fl...

I've written before about the nascent WebMonetization Standard. It is a proposal which allows websites to ask users for passive payments […]

[Original post on shkspr.mobi]

Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros Two critical vulnerabilities in Sudo command-line tool allow privilege escalation for local attackers on Linux systems

Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros

thehackernews.com/2025/07/critical-sudo-vu...

Careful out there folks... 👀

#linux #sudo #infosec #opsec #hackers #responsibledisclosure

Schattenseiten unkoordinierter Veröffentlichung von

#CrushFTP #Cybersecurity #Dateiübertragung @outpost24 #ResponsibleDisclosure #Schwachstelle

Schwachstellen netzpalaver.de/2025/...

Patched a critical security flaw then immediately wrote a blog post with just enough details for script kiddies to reverse-engineer it. Gotta keep the industry thriving. #ResponsibleDisclosure

Understanding “infohazards” in cybersecurity is crucial. They are data that may cause harm if misused. A @rationalanimations.bsky.social video shows how researchers notify companies before exploits go public, allowing time for fixes. Managing infohazards strengthens security. #ResponsibleDisclosure

Critical Vulnerability In ChatGPT API Enables Reflective DDoS Attacks A high-severity flaw in ChatGPT API exposes websites to reflective DDoS attacks, underlining the urgent need for stronger input validation.

OpenAI and Microsoft show a remarkable disinterest in a reportedly major security flaw in the #ChatGPT API #ResponsibleDisclosure $MSFT
informationsecuritybuzz.com/critical-vulnerability-c...

Presentation by ENISA on "Vulnerability Coordination in the EU" during the @firstdotorg.bsky.social VulnCon www.youtube.com/watch?v=MY0W... #CVD #CVE #responsibledisclosure #vulnerability

9/ What do you think?
Let’s discuss this analysis below. And if you found it useful, share it with your network to keep the cybersecurity space informed. 🛡️ #CyberSecurity #ExploitAnalysis #ResponsibleDisclosure

This week I've done a direct-to-phone #responsibledisclosure of a self-dox that'll stay with me for a long time. I've never EVER had this bizarre insight into somebody's whole life from favourite recipes to ID cards through investments, PHI and work up to even their last will. 🤯 (1/2)