Aditya

Got a bounty and swag from @GoogleVRP Let's keep the momentum :)

A few months ago, I found a Prompt Injection vulnerability on Google Tasks. It was simple, yet tricky. Google rewarded me with a $15,000 bounty for it. Here's the full story:

@zseano Finally, Sean, I have been part of bugbountyhunter from start and I am looking forward to the future upgrades :)

i'm taking a pause from hacking to resume building bugbountyhunter.com. i regret closing it down and I shouldn't of done it. everything will be back online EXACTLY as it was very soon and i've got some big plans for the future. and yes, that includes zseano methodology v2 ;)

Leaking YouTube Creators Private Videos javoriuski.com/post/youtube

Earlier this year @SLCyberSec’s research team disclosed a vulnerability that allowed us to leak PII and emails stored inside Salesforce Marketing Cloud instances, for any customer, without authentication. You can read more about our research here: slcyber.io/research-cente…

@Yassineaboukir @Hacker0x01 Congratulations Yassine 🥳

2nd MVH in the bag at @Hacker0x01 H1-21 Live Hacking Event in Lisbon 🇵🇹

@katedeyneka Congratulations Kate this is a big moment 🥳 I am also building something, have a few queries dmed you!

half a year ago I left my full-time job since then I: - built my app Reelful solo - launched it! - got my first paying users - grew my X audience to 9.4K - went viral multiple times on X - met so many amazing people I now call friends! grateful I took this leap of faith and believed in myself - many more to come! photo from my last day at Snap

Bug bounty programs are killing their own disclosure pipeline. Real vuln on something.org.com → CNAMEs to a vendor → program closes as N/A → bug stays open → breach happens anyway. Microsoft just reversed this. Most haven't. jdonsec.com/essays/its-you…

@xssdoctor @monkehack Cool findings guys loved this blog

A few months ago, I found a really cool technique to make prompt Injection more deterministic. @monkehack convinced me to write it up. Enjoy! blog.starstrike.ai/posts/achievin…

Chained CSPT into full account takeover using a 2FA bypass technique I hadn't seen used in bug bounty before. whoareme.com/blog/cspt-acco…

@dropn0w That's cool dude 🥳

I’m not a console gamer, but it feels cool to have found a crit on PlayStation.😎

@valent1nee @GoogleVRP Congrats valentino 🥳🎉 read your writeups, it's amazing dude.

I'm so happy to have won the MVH at the latest Google LHE (Seoul 2026). Thank you, @GoogleVRP, for the amazing event!

@monkehack @StarstrikeAI Congrats ciaran and team🥳🎉 dude, I have a query, can I dm you

We took home 2nd Place and I got Most Novel Prompt Injection as well. Another award for team @StarstrikeAI 💪

@busf4ctor @rez0__ Definitely @rez0__ is the OG 😎

@rez0__ glowing head > Google’s “o”

@stokfredrik @monkehack @busf4ctor Congratulations guys 🥳🎉 @stokfredrik is back in the game.

Beyond excited to receive the most creative/surprising report award on google flagship and win second place MVH together with @monkehack and @busf4ctor Beyond grateful for the chance to compete at a high stakes LHE again and for the adventure that comes along the way ❤️ Vlog incoming.. 📷

@YShahinzadeh Now Google developers will be like: Finally, we have 10 days left to rest 🤣

just arrived Paris, no work for 10 day, not even checking emails, anyone to see, drop a pm

@sapirxfed @WEareTROOPERS Congratulations sapir 🎉🥳

Imagine yourself on the beach in Thailand getting the email you got accepted to @WEareTROOPERS !!!! It was one of my happiest moments 🥰 I can't wait to #Troopers26

@sw33tLie @claudeai That's cool, dude will definitely try this.

I wanted a screenshot tool for macOS better than anything out there, so I built one with @claudeai Native Swift. No Electron. Annotate, record screen, scroll capture, auto-redact PII, beautify, upload to Drive & more — one flow. Free & open source forever. macshot 🔗👇