I found a stored XSS in the slideshow feature of Hedgedoc. It was the preview release, so no CVE (or patch), but here's the writeup anyway! 🦔 cryptocat.me/blog/researc...

Here's the writeup for CVE-2026-53943, a cache poisoning -> XSS vuln I found in Ghost CMS 👻 cryptocat.me/blog/researc...

An SQLi I found in Photo Gallery by 10Web was disclosed this week! cryptocat.me/blog/researc...

Writeup coming 🔜 github.com/TryGhost/Gho...

New video about the argument injection bug I found in Gogs! youtu.be/wt6l_5VB91A

Found an unpatched RCE in Gogs 👀 Any authenticated user can get code execution on the server through argument injection into git rebase. Full @rapid7.com writeup + #Metasploit module available now! 🔗 www.rapid7.com/blog/post/ve...

New episode of the @rapid7.com podcast! 👀 @stephenfewer.bsky.social joins @fulmetalpackets.bsky.social and myself to talk about the latest SD-WAN auth bypass - available now in the Metasploit framework 😎 www.youtube.com/watch?v=tg4T...

That's a wrap on Pwn2Own Berlin 2026! 🏆 $1,298,250 awarded. 47 unique 0-days. 3 days of absolute chaos. And talk about main character energy - congrats to DEVCORE for claiming Master of Pwn with 50.5 points and $505,000 - they never slowed down. See you next year! #Pwn2Own #P2OBerlin

Quick video about the new SD-WAN Auth bypass (CVE-2026-20182) discovered by @rapid7.com Labs 👀 I say quick, because @stephenfewer.bsky.social will be joining @fulmetalpackets.bsky.social and myself to talk all about it (and more) in the next podcast - dropping Thursday 🔥 youtu.be/_AxRbX_GLiA

Another bug I found in ProfileGrid was disclosed this week. Broken access control! cryptocat.me/blog/researc...

Recapping Day One of #Pwn2Own Berlin 2026! It was an amazing day of research on display with more than $500,000 awarded. Tomorrow looks to be even better. youtu.be/yb29BkA8uO4

Wake up babe, new SD-WAN auth bypass dropped 😼 Stay tuned for the @metasploit-r7.bsky.social module 👀 www.rapid7.com/blog/post/ve...

An SQLi I found in ProfileGrid was disclosed this week. Here's the full writeup and patch review! cryptocat.me/blog/researc...

Did you catch @jorianwoltjer.com's cool XSS chain on RoundCube mail? 👀 If not, you can hear (and see) all about it in the latest episode of the @rapid7.com podcast! youtu.be/A05dD51mLyo

An XSS I found in Elementor was disclosed yesterday, here's the writeup! cryptocat.me/blog/researc...

My writeup for the "Bucket Vault" challenge by @pwnii.bsky.social (@yeswehack.bsky.social) 💜 cryptocat.me/blog/ctf/mon...

We've launched a new free Web Security Academy topic on exploiting AI-powered security scanners! Learn how to use indirect prompt injection to steal data, cause damage & trigger exploit chains! Dive in here: portswigger.net/web-security...

Mozilla says Mythos helped identify 271 vulnerabilities in Firefox 150. I went through the commits, CVEs, and bug links to see what that number really means. My takeaway: relax folks. xark.es/b/mythos-fir...

My first YT video of 2026! 😳 We'll review @rapid7.com's analysis of CVE-2026-20127 - written by me! 😊 youtu.be/6vgpwr37nR0

▶️ Now Playing: Telecom Sleeper Cells, SD-WAN Bypasses, & LLM Bug Bounties. In Episode 2 of Hacktics and Telemetry, Douglas McKee & @cryptocat.me continue to bring you the latest in cybersecurity news, vuln research, and actionable defensive strategies: https://r-7.co/4sTbDu5

My writeup for the "Secret Manager" challenge by zerodaygym (@yeswehack.bsky.social) 🤫 cryptocat.me/blog/ctf/mon...

Happy St Patrick's day ☘

🎤👾 Introducing Hacktics and Telemetry, a bi-weekly video and audio podcast out of Rapid7 Labs, starring Rapid7's Doug McKee (fulmetalpackets) & Jonah Burgess (@cryptocat.me)! 🧵 Find episode 1's companion blog here: r-7.co/4di8tuH ▶️ Or dive right into the full vid on YouTube: r-7.co/3NiQfP2

🚨 CVE-2026-20127: Cisco SD-WAN authentication bypass. An unauthenticated attacker can inject SSH keys without crypto verification via a flawed state machine. Active exploitation by UAT-8616 since 2023 💀 Check out the full @rapid7.com analysis 👇 attackerkb.com/topics/bP3FM...

BREAKING: powerful iPhone hacking tools used by Chinese criminals originated from US defense giant L3 Harris. Their zero-click exploits went to Russian spies too. Unbelievable harm to our collective security. Scoop: @lorenzofb.bsky.social, here's why it matters 1/ techcrunch.com/2026/03/09/a...

"For the first time since we began tracking zero-day exploitation, we attributed more zero-days to commercial surveillance vendors than to traditional state-sponsored cyber espionage groups." Love to see the stats backing up my hunch. cloud.google.com/blog/topics/...

My first @metasploit-r7.bsky.social module is live! You can now exploit CVE-2026-1731 (BeyondTrust command injection) with the latest version 😎

My writeup for @intigriti.com's "InkDrop" challenge 🖋 cryptocat.me/blog/ctf/mon...

🚨 In conducting 0 day research against #Grandstream GXP1600 VoIP phones, Rapid7 Labs discovered CVE-2026-2329. The unauthenticated stack-based buffer overflow vulnerability ultimately allows an attacker to intercept phone calls and eavesdrop on audio. Read on: r-7.co/4tIzope

My writeup for the "RubitMQ" challenge by @yeswehack.bsky.social 🐇 cryptocat.me/blog/ctf/mon... #ctf #capturetheflag #bugbounty #ethicalhacking #cybersecurity #infosec #yeswehack

The voting has concluded, and we're thrilled to announce the top ten web hacking techniques of 2025! Massive thanks to everyone in the community for sharing their hard-earned discoveries, plus the panel and everyone who nominated or voted! portswigger.net/research/top...

Couldn't be more excited to announce I'm joining the vulnerability research team at @rapid7.com next week! 🥳 Really looking forward to teaming up with some seriously talented researchers and digging into real-world threats and vulnerabilities. Stay tuned 😎

My writeup for the "APICrash" challenge from @yeswehack.bsky.social 💥 cryptocat.me/blog/ctf/mon...

At least four videos show what really happened when ICE shot a woman in Minneapolis on Wednesday. DHS has established itself as an agency that cannot be trusted to live in or present reality. @evystadium.bsky.social has more. Full story by @josephcox.bsky.social: www.404media.co/dhs-is-lying...

Happy new year!! 🥳🎉

I've been working hard to move my written content from gitbook over to my own website 👷‍♂️ It's still a work in progress, but I'm pretty happy with the results so far 🙂 🔗 cryptocat.me/blog/

Wishing a very hacky christmas to all the hacker fam! 🎅

Video walkthrough for the Hacky Christmas challenge I made for #NahamCon2025 😇 youtu.be/fs9WeNkUB4M

The #NahamCon2025 CTF is over ✅ Writeups for my challs 👇 🎮 Hacky Christmas ➡ book.cryptocat.me/blog/ctf/202... 💥 VulnBank ➡ book.cryptocat.me/blog/ctf/202... 💥 Snorex 2K CCTV ➡ book.cryptocat.me/blog/ctf/202... Stay tuned for a video walkthrough of Hacky Christmas 🎅🎄

I made a couple of [easy-med] challenges for #NahamCon2025 - you've got 24 hours! 💜 🎮 ctf.nahamcon.com/hubs/hacky-c... 💥 ctf.nahamcon.com/hubs/vuln-bank 💥 ctf.nahamcon.com/hubs/snorex-... Here's a sneak peek at Hacky Christmas 🎅 Can you escape the ice box and take out 1 MILLION gingerbread men? 🎄

I also made some challenges for #NahamCon2025, hope you will check them out! 🎅

New stickers 😼

New video covering the solution to the Mother Printers challenge I created for @hackinghub.bsky.social 💜 Tried to make it as beginner friendly as possible as I know many players aren't familiar with rev/pwn 😇 youtu.be/ebNYtX_8lOY

Didn't get chance to solve my "Mothers Printers" challenge on @hackinghub.bsky.social? 🖨 Here's the official writeup ➡ book.cryptocat.me/blog/ctf/mon... Prefer video? Stay tuned for a beginner-friendly walkthrough on YT next week ▶

Time to drop a couple of hints for my @hackinghub.bsky.social challenge! 1️⃣ First flag is on the website (you need to find it before flag 3/4/5) 2️⃣ The chall is inspired by some cool research I read (go find it) Writeups will be published once we hit 10 solves ➡ app.hackinghub.io/hubs/mother-...

Congratulations to Bhavya for being the first to capture all 5 flags on my @hackinghub.bsky.social challenge! 🥳🎉 We've released a small patch. If you were stuck on flag 3, please re-download files! Good time to practice your patch-diffing 👀 app.hackinghub.io/hubs/mother-...

So, who's gonna blood my new @hackinghub.bsky.social challenge? 😼 Challenge 🔗 app.hackinghub.io/hubs/mother-... First 3 solves will earn the "Hacker Cat" role in my discord server ➡️ discord.cryptocat.me #ctf #capturetheflag #ethicalhacking #cybersecurity #infosec #offsec

The "Ultimate Calculator 3000" challenge is over! ⏳ You can watch the video walkthrough here ➡ youtu.be/lRJno96za5A I'll leave everything online for another week or so 🙂

My writeup for the September Dojo challenge on @yeswehack.bsky.social - Chainfection ⛓ The challenge combined multiple CVEs, creating a chain of vulnerabilities: SQL injection -> file write + path traversal -> SSTI (RCE) Read the full writeup ➡️ book.cryptocat.me/blog/ctf/mon...

I made a new CTF challenge! It will run until the 30th of October 🎃 There's no prizes, but the first 3 solves will earn themselves the "Hacker Cat" rank in my discord server 😸 Download "Ultimate Calculator 3000" to get started ➡ discord.cryptocat.me