【MCUboot】private keys exposed on the GitHub repository https://hackerone.com/reports/1234531
【XVIDEOS】CSRF on delete friend requests - Not protected with CSRF Token https://hackerone.com/reports/1408745
Data Exfiltration via CSS + SVG Font https://mksben.l0.cm/2021/11/css-exfiltration-svg-font.html
Hunting for buggy authentication/authorization services on github https://xvnpw.github.io/posts/hunting_for_buggy_authentication_authorization_services_on_github/
Bug bounty methodology V4.0 — Demonstrated https://medium.com/geekculture/bug-bounty-methodology-v4-0-demonstrated-8e9cb6ed1b12
How to find new/more domains of a company? - Recon Stuff https://www.cyberick.com/post/how-to-find-new-more-domains-of-a-company-recon-stuff
Introduction To Bash For System Administration and Bug Bounty Hunting https://medium.com/@daniel.j.hunt/introduction-to-bash-for-system-administration-and-bug-bounty-hunting-6003e16dc87a
New differential fuzzing tool reveals novel HTTP request smuggling techniques https://portswigger.net/daily-swig/new-differential-fuzzing-tool-reveals-novel-http-request-smuggling-techniques
TP-Link TL-WR840N EU v5 RCE (PoC for CVE-2021-41653) https://k4m1ll0.com/cve-2021-41653.html
