Hacking, AppSec, and Bug Bounty newsletter

2018-06-26 | Firefox Monitor, Recon.JSON, and Did Mandiant Hack Back?

Tuesday, June 26


  • Firefox Monitor taps into Have I Been Pwned and alerts users of breaches. Initial testing includes 250K accounts. Troy Hunt writes in a blog post about enhanced 1Password integration and that “you can search HIBP from directly within 1Password via the Watchtower feature in the web version of the product.”


  • In my inbox this morning: the best cybersecurity company name I have ever seen: "Secret Double Octopus" - @Bing_Chris



Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.

Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?

Have a news tip / story to highlight? We’d love to hear about it. Email:

Get this email forwarded to you? Click here to subscribe to the Zero Daily

“One day I sat next to some of Mandiant’s team, watching the Unit 61398 hacking corps at work; it was a remarkable sight. My previous mental image of PLA officers was a bunch of stiff old generals sitting around in uniforms with epaulets, reminiscing about the glory days with Mao. But these guys were wearing leather jackets or just undershirts, and probably saw Mao only if they visited his mausoleum in Tiananmen Square.”

David Sanger, The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age


HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.