Slonser's Image Injection 0-day - ATO & New Caido Collab Plugin (Ep. 121)
Episode 121: In this episode of Critical Thinking - Bug Bounty Podcast we catch up on a bunch of news and research.

Follow us on Twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
Shoutout to / realytcracker for the awesome intro music!

====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__

====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!

====== This Week in Bug Bounty ======
Hacker spotlight: Rhynorater https://www.bugcrowd.com/blog/hacker-...
Ultra Mobile Managed Bug Bounty Program - Mobile Apps https://bugcrowd.com/engagements/ultr...
Ultra Mobile Managed Bug Bounty Program - (Public) https://bugcrowd.com/engagements/ultr...
John Deere Program highlights https://hackerone.com/john-deere?type...
Hacker Heroes: John Deere's Bug Bounty Program Boosts Cybersecurity https://www.deere.com/en/stories/feat...
Dojo #41 - Ruby treasure https://dojo-yeswehack.com/challenge/...

====== Resources ======
slonser 0-day in chrome https://x.com/slonser_/status/1919439...
CT Additional useful primitives https://x.com/ctbbpodcast/status/1919...
Tweets from other Hackers https://x.com/0xw2w/status/1919719769... https://x.com/YShahinzadeh/status/191... https://x.com/AmirMSafari/status/1919...
How I made $64k from deleted files / how-i-made-64k-from-deleted-files-a-bug-bo...
CTBB episode with Sharon Brizinov ctbb.show/98
Rez0's Subdomain Link Launcher https://josephthacker.com/subdomain_l...
Qwen3 Local Model https://x.com/simonw/status/191845192...
s May Cause Pwnage - Backdoors in Disguise https://blog.jaisal.dev/articles/mcp
import WAF bypass https://x.com/KN0X55/status/191618038...
Caido Drop https://github.com/caido-community/drop
Andre's tweet about encoded word https://x.com/0xacb/status/1915334267...
Nahamcon https://www.nahamcon.com/
Gemini prompt leak https://x.com/elder_plinius/status/19...
SVG Onload Handlers https://x.com/garethheyes/status/1915...

====== Timestamps ======
(00:00:00) Introduction
(00:06:13) slonser 0-day in Chrome
(00:19:11) 'How I made $64k from deleted files' Rez0's Subdomain Link Launcher, & Qwen3 Local Model
(00:31:59) May Cause Pwnage & import WAF bypass
(00:40:10) Caido Plugin 'Drop' & encoded words
(00:48:00) Nahamcon, Gemini prompt leak, & SVG Onload Handlers


