Faav

Feb 24, 2026 08:35PM ➜ submited Feb 24, 2026 10:46PM ➜ report was triaged Feb 25, 2026 12:23PM ➜ bug patched Mar 17, 2026 02:55PM ➜ bounty awarded

@RenwaX23 Mad man

I think I have completed client-side security , just one report: Self-XSS -> Drag-Drop Payload -> Scroll-To-Fragment -> Unchecked postMessage Listener -> Text Injection -> DOM-XSS -> OAuth State Misconfiguration -> Cookie Bomb -> Account Takeover @renwa/iframe-sandbox-bypass-cross-origin-drag-drop-unvalidated-postmessage-origin-cookie-bomb-to-21357a4d94f5" target="_blank" rel="nofollow noopener">medium.com/@renwa/iframe-…

@davi1337_ Forgot to reply to this but you are so goated bro 🧧🧧❤️🔥🐐

I finally did it!! CVE in Chrome!!! (Davi Antônio) chromereleases.googleblog.com/2026/03/stable…

The past few days have been the worst triager experience of my life with @Hacker0x01. It legitimately feels like they are intentionally downgrading reports, ignoring reasons for the severity, and not explaining their decisions at all. The last part is the most infuriating.

New research just dropped by @alien2exe on hijacking OAuth popups via predictable window. open() targets. The chain uses iframe name collision forcing the auth flow into a controlled context, eventually linking an attacker-controlled addon to leak workspace PII and config data lab.ctbb.show/research/can-a…

@peeefour @discord_support Alright thanks

@efaav @discord_support nah bro i kept replying to my same ticket that the bot said "nah nothing we can do loser". i got like 10 or so of the same message from the nutty automation. until finally a real person saw my ticket and accepted it bc it was truly false ban

Its been 4 months and I still haven't been able to be unbanned, if anyone could help or knows anyone who could help please DM me 🙏 @discord_support

It's time for sharing, this is not a simple write-up, we are sharing our methodology and reasoning, detailing how we approached and hunted the flaw, I hope you like it :] blog.voorivex.team/uxss-on-samsun…

Just a few days later, there's the next blog post for @AikidoSecurity! Another framework-level vulnerability this time affecting Astro, resulting in SSRF if an unvalidated connection can be made to the webserver. Read the details here: aikido.dev/blog/astro-ful…

@peeefour @discord_support You just kept appealing under that same appeal category or did you try a different support category?

@efaav @discord_support nah bro you gotta keep pushing. i got false banned before for some similar weird shit and i thought it was over. but i was like fuck that. i just kept pushing my concern in the discord ticket. i kept getting a bot telling me the same thing. until finally i got unbanned

From a small mistake to make the full control over an internal ticketing system worth $$$$. Checkout my latest writeup: @NeM0x00/from-a-simple-client-side-mistake-to-full-read-write-access-of-an-internal-support-system-ebd40e4588ee" target="_blank" rel="nofollow noopener">medium.com/@NeM0x00/from-… #bugbountytips #bugbounty #bughunting

This was some really nice research by @zerodaykb from late last year: lab.ctbb.show/research/unico… - this trick can be super useful in secondary contexts!

We took things further in hacking Gemini, and exfiltrated data via... volume settings! We also present a new technique for data exfiltration in LLM-based systems. Enjoy 🔥 Link in comments:

If you haven't already, please check out my blog! blog.faav.net Maybe releasing more soon

@brutecat How'd I miss this, crazy 🔥🔥

RCE on Google Cloud, writeup soon! :)

My first disclosed vulnerability since joining @AikidoSecurity, and it's a banger! SvelteKit + Vercel = Cache Deception. This shows how AI agents can find framework-level vulnerabilities, and that caching will continue to cause headaches. Enjoy :) aikido.dev/blog/sveltespi…

🚨Claude Opus 4.6 wrote vulnerable code, leading to a smart contract exploit with $1.78M loss cbETH asset's price was set to $1.12 instead of ~$2,200. The PRs of the project show commits were co-authored by Claude - Is this the first hack of vibe-coded Solidity code?