ForBugHunters

🚨 Critical Vulnerability

🚨 Critical Hardcoded IBM Cloud API Key in Admin JavaScript Allows Unauthorized IAM Token Generation (Cloud Account Compromise)

📝 Full writeup:
https://www.facebook.com/share/p/18JAevtdRq/?mibextid=wwXIfr

❤20🔥6

3.34K views10:21

ForBugHunters

My First Accepted HackerOne Report: Finding Exposed API Keys Across 5 Targets:
https://medium.com/@ziadali200244/my-first-accepted-hackerone-report-finding-exposed-weglot-api-keys-across-5-targets-fb14ecda869b

Medium

My First Accepted HackerOne Report: Finding Exposed Weglot API Keys Across 5 Targets

Good evening everyone. This writeup is about my first report accepted on HackerOne and how I found the same issue on 5 different targets.

❤34🔥9

3.63K viewsedited 13:02

ForBugHunters

Who’s next!🤩

❤34🤯1

3.49K views11:50

ForBugHunters

First bounty🤩👏

❤61👏1🤯1

3.26K views12:24

ForBugHunters

Self hosted +Bug bounty programs⬇️

*.cleeng.com

security@cleeng.com
—————————————
*.redsift.com

security@redsift.com
—————————————
*.plain.com

security@plain.com
—————————————
*.linkdm.com

support@linkdm.com
—————————————
*.ory.com

security@ory.com
—————————————
*. aquanow.com

bugbounty@aquanow.com
—————————————
https://github.com/swisscom/bugbounty
—————————————
https://www.spendesk.com/.well-known/security.txt
—————————————
https://help.spreaker.com/en/articles/5123644-bug-bounty-program
—————————————
https://www.fjdynamics.com/jp/bug-bounty-program
—————————————
https://www.klook.com/bugbounty
—————————————
https://gobright.com/responsible-disclosure-policy/
—————————————
https://www.make.com/en/bounty
—————————————
https://www.pubnub.com/bug-bounty-policy/
—————————————
https://help.doit.com/docs/vendor-information/bug-bounty-program
—————————————
https://www.lenskart.com/vulnerability-disclosure-policy
—————————————
https://www.talentlms.com/vulnerabilitypolicy
—————————————
https://whatbox.ca/policies/security
—————————————
*.perlego.com

security@perlego.com
—————————————
https://support.playerauctions.com/hc/en-us/articles/49330305602585-PlayerAuctions-Bug-Bounty-Program

❤22

3.98K views10:33

ForBugHunters

Critical Exposure of Algolia Admin API Key in Client-Side JavaScript:
https://medium.com/@zx10a/critical-exposure-of-algolia-admin-api-key-in-client-side-javascript-c41cacb4aed6

❤22🔥5👍1

3.57K viewsedited 12:52

ForBugHunters

Who’s next!🤷‍♂️

❤32👏2

3.68K views07:25

ForBugHunters

Congratulations 😍👏

❤30👏3🔥2🥰1

3.56K views12:42

ForBugHunters

Congratulations 😍👏

❤35

3.33K views14:09

ForBugHunters

Who’s next?!😍😍

❤45🔥5🤯2

3.53K views12:10

ForBugHunters

Congratulations👏😍

❤29🔥5

3.24K views11:20

ForBugHunters

Who’s next 🤩👏

❤28😢3😁1

3.25K views14:28

ForBugHunters

Official Channels – ForBugHunters

Stay connected and never miss the latest in bug hunting, cybersecurity insights, live hacking sessions, and exclusive learning content.

▶️ YouTube
https://youtube.com/@forbughunters

📢 Telegram Channel
https://t.me/ForBugHunters

💬 Telegram Community Chat
https://t.me/+jA2uqHEQ16cxOGVk

Join the community and level up your hacking skills.

❤19🔥2

3.88K views14:41

About

Blog

Apps

Platform