Hacking, AppSec, and Bug Bounty newsletter

2017-05-18 | PATCH Act, Mar-a-Vuln, and raspberry pi teddy bear hack

Thursday, May 18

Goedemorgen. Early posts this week as we write #zerodaily from Amsterdam. Have a great day! 


  • PATCH Act would create a vulnerability equities review board for USG held vulns. This would codify and strengthen the existing Vulnerabilities Equities Process (VEP) that was established by the Obama Administration. Oh, Washington and their acronyms.


Inti De Ceukelaire had himself a day yesterday - $10,500 in bounties!

You can see all the latest and greatest disclosures and bounties on



Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.

Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?

Have a news tip / story to highlight? We’d love to hear about it. Email:

Get this email forwarded to you? Click here to subscribe to the Zero Daily


If it’s facing the external web or can be easily accessed from the internal network, you should assume everyone can access it.

Naffy + Shubs


HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty solutions encompass vulnerability assessment, crowdsourced security testing and responsible disclosure management. Discover more about our hacker powered security testing solutions or Contact Us today.