bytehx

@H4cktus @amazon @Jayesh25 @itz_mg_ @_naaash_ Congrats!

Just wrapped up an unreal week hacking @amazon in Goa 🇮🇳🌴 Teamed up with @Jayesh25, @itz_mg_ and @_naaash_ and somehow walked away with 1st place on the leaderboard 🏆 Picked up a stack of bonuses along the way: - Pwnership: Eventwide Most Impactful Report - Dive Deep: Most Creative Bug - Most Impactful Issue on a specific asset - Most # of Critical Issues on a specific asset - Learn and Be Curious: Show and Tell (x2) Got to meet so many talented hackers I'd only ever spoken to online, and honestly that was the best part of the whole trip. Such a good crew, so many good conversations, left with a bunch of new friends 🤝 Saw some genuinely wild techniques I'd never come across before, and for some reason 90% of the craziest bugs got popped between 3-6 AM 😅 something about that hour just hits different. Huge thanks to @amazon and @Hacker0x01 for putting this together. Unique location, unique challenge, unforgettable crew.

@monkehack @stokfredrik @StarstrikeAI Congrats 🎉

We took home 2nd Place and I got Most Novel Prompt Injection as well. Another award for team @StarstrikeAI 💪

@696e746c6f6c Happy Birthday man 🎉🎉🎉

Yesterday I turned 20 years old. Time flies, but I had the best time with my bmw M3 G80 yesterday.

@_N0xi0us_ @Hacker0x01 Congrats man 🔥🔥🔥

Excited to reach 20k rep on @Hacker0x01 Time to keep cooking 🧑‍🍳

@0xLupin @monkehack Congrats man 🎉

WE DID IT ! WE RAISED $5.9M PRE-SEED 🥳🎉🎉

please, I’m a simple man who enjoys tough challenges, the proliferation of posts like this in my timeline could trigger the early stumbles of a side quest that might last a few years…

Discovered 3 HTTP request smuggling vulnerabilities and 1 cache poisoning vulnerability in Cloudflare’s Pingora reverse proxy, all exploitable under the default configuration. These issues resulted in 2 Critical CVEs and 1 High-severity CVE. xclow3n.github.io/post/6

@bardonadam Bangkok is the best place imo. Living here over 3 years now.

I'm moving to Bangkok! 🇹🇭 - DTV visa secured ✅ - 1 year lease signed ✅ - $0 MRR 😅 I'm super excited! I spent there ~140 days last year, met some amazing people and indie hackers, made a lot of friends and it just feels like home. But it also feels quite bittersweet. I love the city where I live right now(Brno 🇨🇿). I have this very cool office/music production studio, bunch of guitars and solid home theatre/audio setup. This Means I have to sell a lot of things. The money will definitely come handy, but still... I almost shed a tear when I sold my bass guitar today. Brno is great, but I moved here because of my ex, with not many friends here... I met a lot of great people, but nobody is a builder. Nobody can relate to my situation and I can't relate to theirs. That's why going to place with big indie hackers community feels like the best step for me right now.

What if you could simulate your life before living it? Today we’re launching FactSim. A realistic life simulator that learns about you then models your behavior with agents. Test paths. Run scenarios. Explore outcomes. Your life in sandbox mode. factsim.com

Introducing Cinematic Video Overviews, the next evolution of the NotebookLM Studio. Unlike standard templates, these are powered by a novel combination of our most advanced models to create bespoke, immersive videos from your sources. Rolling out now for Ultra users in English!

Today we're launching Glaze 💠 Create any desktop app in minutes by chatting with AI. Beautiful, powerful, and truly personal. Learn more on glazeapp.com Follow @glazeapp for updates.

Beautiful labs.trace37.com/blog/messagepo…

Turning Almost Nothing into a Supply Chain Compromise of Angular with GitHub Actions Cache Poisoning adnanthekhan.com/posts/angular-… #BugBounty

If you're using AI for bug bounty, you already know the two killers: context window limits and compaction amnesia. I use 6 lifecycle hooks for my mastermind-ai setup that act as checks and balances — injecting hunt state on session start, gating findings that lack proven impact, catching agents that surrender too early, and serialising everything to pick up exactly where the last session left off. The result: more agents running autonomously for longer, finding higher severity bugs. Cool interactive explanation of all 6 hooks here - labs.trace37.com/blog/mastermin…

Cloudflare built a Next.js replacement in a week with vibe-coding. We vibe-hacked and found numerous vulnerabilities, multiple critical and high severity. On Cloudflare Workers, one of the bugs leaks one user's session to another by default. hacktron.ai/blog/hacking-c…

Are you looking for a cybersecurity job? From red team and pentesting to security engineering or incident response At infosec-jobs.net I gather job listings from multiple sources to make it easier for everyone to find their next job. Take a look. #CyberSecurity #RedTeam #Pentesting #InfoSec

This is one of the best fuzzing articles I've read. bushido-sec.com/index.php/2025… #bugbountytips #zeroday #EthicalHacking #CyberSec

An empty `X-Forwarded-For` header causes internal Pod/server IPs to be disclosed in the response header or body, which can then be targeted for SSRF.

You can now run a fully functional virtual iPhone with iOS 26.1+. This is not just a simulator or a fake UI—this is a genuine iPhone environment running inside a virtual machine on Apple Silicon Macs. Here's what to expect: • iOS 26.1 boots up virtually. • It operates exactly like a real iPhone. • Graphics acceleration is fully supported. • Researchers can conduct tests without needing a physical device. We’ve moved beyond speculation—this is now a reality, and anyone can build it. github.com/wh1te4ever/sup…