bugcrowd

POV just before you locked in

Some vulnerabilities only show up when a real person understands the business logic, chains together signals, and thinks like an attacker. In our webinar with Schibsted, Gabriel explains why bug bounty programs are a critical layer for finding the deeper exploits automated tools can miss. Keep up the great work, hackers 👏 Watch the full clip: bugcrowd.com/webinar/

Copy Fail stands out because it stems from a logic flaw in the Linux kernel’s crypto API, making exploit reliability less dependent on timing or distribution-specific behavior. Bugcrowd researchers told WIRED the same script can work across distributions, making remediation a priority. See what else they had to say: wired.com/story/dangerou…

A 9-year-old Linux flaw is drawing urgent attention after researchers confirmed exploitability at scale. 🌎 Bugcrowd’s @thedavidbrumley told @Forbes the issue highlights how routine system functions can create critical weaknesses when mishandled across widely used systems. The latest on this: forbes.com/sites/daveywin…

Don't be this guy

AI has made one thing clear ⤵ The future of cybersecurity needs better questions, not louder predictions ✏️ Bugcrowd’s Dr. @thedavidbrumley will speak at SVCC 2026 on June 11 at 8:30am. Register to attend: svcc-svcsi.org

Friendly reminder: validate the bugs that AI is finding for you *before* submitting them. 😅

Preemptive security is becoming a federal priority. The challenge is execution. Our latest blog looks at how the Cyber Strategy for America is reframing public sector cybersecurity in the age of AI, and why agencies need scalable ways to identify and remediate critical vulnerabilities faster. Read our perspective on what it will take to close the gap: bugcrowd.com/blog/how-the-f…

Copy Fail has been added to CISA’s Known Exploited Vulnerabilities catalog. 📙 Bugcrowd’s @thedavidbrumley told @SCMagazine teams should treat this as a “patch right now” situation given the reliability and reach of the public exploit. 🚨 Learn what's at stake: scworld.com/news/copy-fail…

Pen testing outcomes depend on what happens after findings are delivered. 📩 In Dark Reading, Bugcrowd’s Trey Ford shared why executive ownership, remediation timelines, and validation are critical to getting more value from security testing. Dig into the coverage: darkreading.com/vulnerabilitie…

🇬🇧 @Infosecurity Europe plans? 👀 A quick look at our lineup: 🍯 11:00–11:30am Bugmageddon: When AI Breaks the Security Model Speakers: Dave Gerry and Dr. David Brumley Register: luma.com/Bugmageddon?ut… 🍯 12:00–12:30pm The AI Slop Era: Do Most Vulnerabilities Actually Matter? Speakers: Julian Brownlow Davies and Alistair G. Register: luma.com/aislop?utm_sou… And yes, you can still find us on the floor. Come say hey to the Bugcrowd team at booth A76, then swing by The Hive! Get on the guest list: luma.com/infosec26recep…

Our ins and outs 🚮 In: exposure anticipation Out: bug chasing Security teams need a better way to validate exploitability, reduce backlog chaos, and focus remediation where it counts. Join leaders from our product team on May 28 as they walk through three integrated layers used by leading security organizations: event.on24.com/wcc/r/5338391/…

The SaaS companies shaping the digital economy are also carrying some of its most important security responsibilities. Protecting customer data, keeping services available, and staying ahead of emerging risk takes more than static testing. 😅 Learn how Bugcrowd helps SaaS teams solve these challenges: bugcrowd.com/blog/five-chal…

Can you bypass and run the id command?  There is no validation on user-supplied base64 data which is troublesome. Try to spot the Bug 🐞👇

@kittoh_ check your dms 🥳

@Bugcrowd 🚨

Want to win some Bugcrowd stickers?  1️⃣ Join our Reddit: reddit.com/r/Bugcrowd/ 2️⃣ Reply to this post with an emoji! The winner will be randomly selected. Good luck!🐞

A top 10 track. 🐐

I 100% credit my mum in my tech journey, she an artist and a practical doer person, she taught me how to think outside the box, how to solve problems and the importance of determination and getting back up 💪

The Hive is landing at Infosecurity Europe 🐝 After a buzzy day of loud chatter and badge scans, security leaders deserve a place to step away from the floor and chat without the pressure. We’ll bring the snacks and drinks. You bring the talk and good vibes. 📍 Next stop: the debrief. Register here: bugcrowd.com/the-hive/?utm_…

🦾❤️ #BugBounty

Looking for a place where you can share bug bounty stories or ask questions?  There's a subreddit for that: r/Bugcrowd Join the Crowd! 🧡  reddit.com/r/Bugcrowd/