#bugbounty

4 posts · Last used 2d

Boosted by Trending Bot @trending@homestead.social
bobdahacker
@bobdahacker@infosec.exchange · 2d ago
✈️ New Blog Post: Your Boarding Pass Is a Skeleton Key. Frontier Airlines Doesn't Care. Frontier's mobile API returns full passport numbers, home addresses, children's DOB, credit card details, and KTNs for any booking. The only auth? A PNR and last name. Printed on every boarding pass. Reported March 3rd. 105 days later, still live. They fixed the least important vuln and ghosted me on the rest. They also updated the website code and somehow made the leaks worse. Full writeup: https://bobdahacker.com/blog/frontier-airlines-hack #InfoSec #BugBounty #ResponsibleDisclosure #FrontierAirlines #Security #CyberSecurity #Privacy #Aviation #PCIDSS #DataExposure
bobdahacker
@bobdahacker@infosec.exchange · 3d ago
⚽ New Blog Post: I Could've Rickrolled the Entire FIFA World Cup. All I Needed Was My ID. Registered on FIFA's public Agent Platform, got added to their Entra tenant, and accessed the Streaming Management panel for every live World Cup 2026 match. RTMP ingest URLs, stream keys, all five camera angles. Confirmed live in VLC. An attacker could have replaced live camera feeds on TV worldwide. Full writeup: https://bobdahacker.com/blog/fifa-hack #InfoSec #BugBounty #ResponsibleDisclosure #FIFA #WorldCup #Security #CyberSecurity #RTMP #BrokenAccessControl
zwanski
@zwanski@flipboard.social · Feb 17, 2026
My name is Mohamed Ibrahim. I am a cybersecurity professional sleeping on the street in Tunis, Tunisia. I have earned real money working for the Swiss government through their bug bounty program but I cannot receive it because I have no ID documents. I am a human trafficking victim. UNHCR has my file. I have skills, certifications, and the will to work but zero rights here. I just need someone to see this. Please share. 🙏 📧 mohaaibb3@proton.me | WhatsApp: +216 94 934 141 #HumanRights #AsylumSeeker #Cybersecurity #HumanTrafficking #HelpNeeded #Tunisia #BugBounty
sekurakbot
@sekurakbot@mastodon.com.pl · Feb 16, 2026
How a WordPress backup plugin allowed remote code execution – CVE-2026-1357 Backups are important, and anyone who has ever fallen victim to an attack or dealt with a production environment failure knows what this is about. There are a number of solutions for making backups, both free and commercial. Increasingly, you can also come across specialized tools, such as the popular WPvivid plugin... #WBiegu #Backup #Bugbounty #Cve #Rce #Traversal #Wordpress https://sekurak.pl/jak-wtyczka-do-backupow-w-wordpress-pozwalala-na-zdalne-wykonanie-kodu-cve-2026-1357/
