bugcrowd (@Bugcrowd)

26.4K posts
The leading provider of crowdsourced cybersecurity solutions purpose-built to secure the digitally connected world...Unleash Ingenuity™

San Francisco, CA · Joined September 2012
6.1K Following · 195.6K Followers
bugcrowd @Bugcrowd ·
Just to name a few. Want to go deeper on a specific topic? Our blog is packed with resources and guides to support your boardroom conversations: bugcrowd.com/blog/
bugcrowd @Bugcrowd ·
You survived the show floor. Reward yourself accordingly 🐝🥂 We’re hosting a low-key reception just steps from the conference with good drinks, good people, and conversation that feels a lot better than shouting over expo hall carpet 🤭 🌉 Come hang! Your better after-hours plan is right here at The Hive: luma.com/hivereception?… We’re grateful to our sponsors, @HPE, @menlosecurity, and Unosecur, for helping bring this event to life! 🎉
bugcrowd @Bugcrowd ·
AI-generated phishing attacks have reportedly increased by 14X, with a significant impact on the manufacturing sector. 🧑‍🏭 The surge indicates a shift in how attackers are leveraging LLMs to scale their operations. By automating the creation of realistic lures, threat actors can target specific industries with much higher frequency. This trend emphasizes the need for defensive strategies that can account for the rapid iteration of social engineering tactics. Read more at Manufacturing.net: manufacturing.net/cybersecurity/…
bugcrowd @Bugcrowd ·
AI might be moving faster than your org chart. 👥 When innovation outpaces accountability, risk ownership can get messy. We’re heading to RSAC to discuss how to fix the gap between AI-driven exposure and fragmented controls. The Panel: 🎙️ @kristinaayanian (Moderator, @Nasdaq) 🎙️ @davegerryjr (CEO at #Bugcrowd) 🎙️ Umesh Shankar (CVP Engineering, Microsoft AI) 🎙️ Ramin Farassat (CPO, Menlo Security Inc.) 🎙️ John Spiegel (CTO Security, Hewlett Packard Enterprise) 💌 RSVP: luma.com/AIsession?utm_… Made possible with support from our event partners: @HPE, @menlosecurity, and Unosecur. 🔥
bugcrowd @Bugcrowd ·
✍️ World Poetry Day in cyber? Yeah, we know. A little absurd. Now that our social media manager tried to rhyme, please head to the blog because this felt like a crime 🥴: bugcrowd.com/blog/10-cybers… Happy #WorldPoetryDay from Bugcrowd and our talented Director of Content Marketing 🌟🧡
bugcrowd @Bugcrowd ·
Tools of Efficiency 🛠️ DOM Invader: standard dynamic scanners fail at discovering this because aggressive clobbering instantly breaks site functionality. Use DOM Invader in Burp Suite, but remember you must manually toggle the "DOM clobbering" setting on and reload the browser context to start finding these data flows. Stay 1337, DOM clobber! 👊🔥
bugcrowd @Bugcrowd ·
Bug Bounty Significance 💰 This technique bypasses robust sanitizers by disabling their internal logic loops (like the classic html-janitor bypass). It escalates low-severity HTML injection straight to critical Stored XSS.
bugcrowd @Bugcrowd ·
Going Deep 🕳️ Clobbering isn't limited to a flat namespace. By abusing the authoritative relationships of HTML <form> elements, we can clobber three levels deep. Injecting <form id=x><output id=y>Payload</output></form> successfully overwrites window.x.y.value.
bugcrowd @Bugcrowd ·
How it Works ⚙️ If an application relies on a global variable (like window.config), we can overshadow or "clobber" it. By injecting , the engine maps this to window.config.url. When an existing "script gadget" evaluates that variable, it executes our payload instead.
bugcrowd @Bugcrowd ·
Tired of standard XSS payloads getting blocked by strict sanitizers and CSPs? Enter DOM Clobbering. Here's how it works 🧵👇
bugcrowd @Bugcrowd ·
The Fundamentals 📚 When a browser parses a webpage, it maps the structure to a DOM tree. Thanks to legacy specifications, injecting HTML elements with an id or name attribute automatically creates a global property on the window and document objects.
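The mechanics described in the DOM Clobbering thread above (an id or name attribute creating a window/document property, the form/output nesting that yields window.x.y, and the window.config.url case) as an added static check; this is example code written for this page, not Bugcrowd's tooling. Given an HTML fragment that a sanitizer has already let through, it lists the property paths a browser would define. The rules it encodes are a simplification of the WHATWG HTML named-access rules (no shadow DOM, no nested-form quirks, no browsing-context names), and the fragments under `__main__` are constructed for illustration.

```python
from html.parser import HTMLParser

# Approximation of the WHATWG "named access" rules (assumption: simplified):
#   any element's id                     -> window.<id>
#   name on embed/form/img/object/iframe -> window.<name>
#   name on embed/form/iframe/img/object -> document.<name>; id on object -> document.<id>
#   listed/img descendants of a <form>   -> window.<form>.<child id or name>
#   several elements sharing one global name -> window.<name> is an HTMLCollection
#   and each member's id/name becomes window.<name>.<id or name>
WINDOW_NAME_TAGS = {"embed", "form", "img", "object", "iframe"}
DOCUMENT_NAME_TAGS = {"embed", "form", "iframe", "img", "object"}
FORM_CHILD_TAGS = {"button", "fieldset", "input", "object", "output",
                   "select", "textarea", "img"}


class ClobberMapper(HTMLParser):
    """Walk an HTML fragment and collect the property paths it would define."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.globals = {}      # window property name -> [(tag, id, name), ...]
        self.document = set()  # document property names
        self.nested = set()    # form named-getter paths, e.g. "window.x.y"
        self._forms = []       # stack: window names of the enclosing <form>s

    def handle_starttag(self, tag, attrs):
        a = {k: v for k, v in attrs if v}
        ident, name = a.get("id"), a.get("name")
        names = set()
        if ident:
            names.add(ident)
        if name and tag in WINDOW_NAME_TAGS:
            names.add(name)
        for n in names:
            self.globals.setdefault(n, []).append((tag, ident, name))
        if name and tag in DOCUMENT_NAME_TAGS:
            self.document.add(name)
        if ident and tag == "object":
            self.document.add(ident)
        # <form id=x><output id=y> -> window.x.y (the form's named getter)
        if self._forms and tag in FORM_CHILD_TAGS:
            for child in (ident, name):
                if child:
                    for form_name in self._forms[-1]:
                        self.nested.add(f"window.{form_name}.{child}")
        if tag == "form":
            self._forms.append(names)

    def handle_endtag(self, tag):
        if tag == "form" and self._forms:
            self._forms.pop()

    def paths(self):
        out = {f"window.{n}" for n in self.globals}
        out |= {f"document.{n}" for n in self.document}
        out |= self.nested
        for n, members in self.globals.items():
            if len(members) > 1:  # duplicate ids -> HTMLCollection with named items
                for _tag, ident, name in members:
                    for sub in (ident, name):
                        if sub:
                            out.add(f"window.{n}.{sub}")
        return out


def clobbered_paths(fragment):
    """Return the set of window/document property paths `fragment` would create."""
    mapper = ClobberMapper()
    mapper.feed(fragment)
    mapper.close()
    return mapper.paths()


def clobbers(fragment, path):
    """True if rendering `fragment` would define `path` (e.g. "window.config.url")."""
    return path in clobbered_paths(fragment)


if __name__ == "__main__":
    # Constructed fragments: the thread's three-level form trick and the classic
    # duplicate-id trick that turns window.config.url into an <a href>.
    for frag in ('<form id=x><output id=y>Payload</output></form>',
                 '<a id=config></a><a id=config name=url href="javascript:alert(1)"></a>'):
        print(frag, "->", sorted(clobbered_paths(frag)))
```

The reported paths are the sources; what a gadget reads from them is what matters. For the form case `window.x.y.value` is the text content of the `<output>`, and for the duplicate-id case `String(window.config.url)` is the anchor's href, which is why a gadget that does `location = config.url` or `eval(x.y.value)` becomes exploitable. Running this over sanitizer output in a test suite is a cheap way to catch a sanitizer that strips `<script>` but still passes id and name through.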
bugcrowd @Bugcrowd ·
data = pickle.loads(user_cookie)

Replace pickle.loads with ________ to prevent RCE
A) pickle.loads(user_cookie, fix_imports=False)
B) json.loads(user_cookie)
C) yaml.load(user_cookie)
D) eval(user_cookie)
Hint: One of these is even WORSE than pickle 😈
Bonus: RCE payloads for each!
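The quiz above, worked through as an added example (written for this page, not Bugcrowd's code): a hand-built pickle that makes `pickle.loads` call `builtins.eval`, proof that option A changes nothing, option D as plain code execution, a pickletools triage helper, a `find_class` deny-all for code that cannot drop pickle, and option B. The payload sets an environment variable instead of running a shell command so its effect is observable in-process; the marker name and the sample cookie are constructed. Option C is not run here because PyYAML is not in the standard library; its `yaml.load` accepts `!!python/object/apply` tags that call arbitrary callables, and `yaml.safe_load` is the only safe spelling.

```python
import io
import json
import os
import pickle
import pickletools

MARKER = "PWNED_BY_PICKLE"  # constructed: the payload sets this env var so we can see it ran


def evil_cookie():
    """Hand-built protocol-0 pickle: GLOBAL builtins.eval, one string arg, REDUCE.

    A real payload would name os.system; this one only sets an environment
    variable (constructed for illustration).
    """
    code = f"__import__('os').environ.__setitem__('{MARKER}', '1')"
    return b"cbuiltins\neval\n(V" + code.encode() + b"\ntR."


def was_pwned(marker=MARKER):
    return os.environ.get(marker) == "1"


def vulnerable_load(user_cookie):
    # Option A is no safer: fix_imports only remaps Python 2 module names;
    # GLOBAL/REDUCE still call whatever the pickle names.
    return pickle.loads(user_cookie, fix_imports=False)


def eval_load(user_source):
    # Option D: the "cookie" simply *is* code. Nothing to bypass.
    return eval(user_source)


DANGEROUS_OPS = {"GLOBAL", "STACK_GLOBAL", "REDUCE", "BUILD", "INST",
                 "OBJ", "NEWOBJ", "NEWOBJ_EX"}


def dangerous_opcodes(data):
    """Triage helper: opcodes in `data` that resolve globals or call/construct objects."""
    return sorted({op.name for op, _arg, _pos in pickletools.genops(data)
                   if op.name in DANGEROUS_OPS})


class RestrictedUnpickler(pickle.Unpickler):
    """If pickle cannot be removed, refuse every global lookup (an empty allowlist)."""

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def restricted_load(data):
    try:
        return ("loaded", RestrictedUnpickler(io.BytesIO(data)).load())
    except pickle.UnpicklingError as exc:
        return ("blocked", str(exc))


def json_load(user_cookie):
    """Option B: JSON has no opcode that runs code; bad input raises, it never executes."""
    try:
        return ("loaded", json.loads(user_cookie))
    except ValueError as exc:  # JSONDecodeError and UnicodeDecodeError both subclass it
        return ("rejected", type(exc).__name__)


if __name__ == "__main__":
    print("dangerous opcodes:", dangerous_opcodes(evil_cookie()))
    print("restricted unpickler:", restricted_load(evil_cookie()))
    print("json.loads:", json_load(evil_cookie()))
    vulnerable_load(evil_cookie())
    print("pickle.loads ran the payload:", was_pwned())
```

Note that the deny-all `find_class` only makes sense if the data holds nothing but built-in types; as soon as a legitimate class has to be allowlisted, every method on it becomes reachable by a crafted pickle, so moving the cookie to signed JSON is the answer the quiz is looking for.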
bugcrowd @Bugcrowd ·
Verification is harder when risk is shared across vendors, partners, and platforms 💨 At The Hive during #RSAC, Bugcrowd is hosting a conversation for security leaders focused on how FinTech teams assess vendor exposure, inherited risk, and partner dependencies in complex environments. Featuring @treyford at Bugcrowd, Jaye Tillson at @HPE, and Pranav Vattaparambil at Unosecur. 🎙️ 🛟 Save your seat before it’s full: luma.com/PeerExchange?u… Good conversations need good company. Thanks to our sponsors for helping make this one happen: Hewlett Packard Enterprise, @menlosecurity, Unosecur!
bugcrowd @Bugcrowd ·
📢 The White House has released a National Cyber Strategy that places a priority on offensive operations. Bugcrowd CEO Dave Gerry observes that the current document serves as a high-level messaging framework. While it aligns with national needs, the specific details regarding timing, funding, and execution plans will likely follow in subsequent executive orders or legislation. 📜 For the cybersecurity industry, the focus now turns to how different agencies will be tasked with executing these high-level goals. Full story at Dark Reading: darkreading.com/cybersecurity-…
bugcrowd @Bugcrowd ·
Catch Tatiana Uklist from Bugcrowd on the Women in Cybersecurity Careers Panel hosted by the UTS Cyber Security Society 💼 It’s always inspiring to see conversations like this create more visibility, representation, and guidance for the next generation of talented folks in cyber!
bugcrowd @Bugcrowd ·
New research highlights how connecting Salesforce with third-party applications and APIs can inadvertently expand an organization’s attack surface. 🫟 Trey Ford points out that trust relationships are becoming a focal point for attackers. Compromising a single trusted integration can create a ripple effect of risk across the entire ecosystem. Enterprise teams are encouraged to audit guest user permissions and enforce a policy of least-privilege access for all public API connections. Read more in CSO Magazine: csoonline.com/article/414366…