HackingPassion.comBug-Bounty
3 posts
Google Told the Researcher Nice Catch Then Refused to Pay and Never Fixed It
Google told a security researcher his bug was a nice catch, lined up his payout, then eleven days later called it harmless and refused to pay a cent. The flaw …
Six Working Windows Zero Days and the Researcher Microsoft Called a Criminal
Six working Windows attacks are sitting in the open right now, three of them already seen in a real intrusion, and the researcher who published them did it …
GitHub RCE CVE-2026-3854: One Semicolon, Millions of Private Repositories
GitHub RCE CVE. A semicolon broke GitHub. One character in a push option field, and a security researcher was running code on the backend servers that store …