Fulltime Bug Hunter
First part of two awesome episodes with brutecat, this one about the two RCE he founds and some other bugs when he started digging Google VRP
Today, we deep dive AEM with Jim Green
Some nice bugs covered about AI Injection and CSPT, and tricks to level up your hackbot
A lot of great writeups today and some AI news
Bug bounty isn't dead, but it's definitely changing a lot. Here's what's actually changing.
Solo episode from Justin looking at some recent bugs he found about client side stuff
New live episode from South Korea to cover the latest LHE by Hackerone and by Google
A practical look at OAuth 2.1 and MCP security pitfalls, from PKCE downgrades and SSRF tricks to token misuse and recent framework CVEs.
We dig CSPT across different frameworks with xssdoctor, discovering a nice bug in react router
Today, a new episode about research theft with krevetk0
![[HackerNotes Ep. 177] Double Google RCE with VRP Legend Brutecat](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/publication/logo/f3cc9f6e-341e-452a-9b50-a244bcc4cf92/Critical_Thinking_Podcast_Cover_Square.jpg){kind=logo}
