Hacking, AppSec, and Bug Bounty newsletter
2017-10-24 | Dissecting Mr. Robot, Onion nmap, and SecurityatSF
Tuesday, October 24
QR Code, Private Key, a French documentary and $1000 of BTC
Formula injection via CSV exports in WordCamp Talks plugin [9 upvotes] - $50 bounty for this report to WordCamp by @whitehatter.
Use-after-free during XML transformations (MFSA-2016-27) [3 upvotes] - $300 bonus bounty for this report to Tor by @agarri_fr.
You can see all the latest and greatest disclosures and bounties on www.hackerone.com/hacktivity
OTHER ARTICLES WE’RE READING
It’s a great day for a conference. Follow #securityat on twitter for updates on the first ever HackerOne user conference
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
Get this email forwarded to you? Click here to subscribe to the Zero Daily
This was not by any means a straight forward process, and none of this was meant to cause any damage or piss anyone off. This was in the interest of..interest. It was interesting and fun!