Stories by bearsyankees

Securing a DoD contractor: Finding a multi-tenant authorization vulnerability

Context.ai seemingly cause of Vercel breach

Open Source Isn't Dead

Show HN: Greptile for Security (open source)

We love open source: finding a critical auth bypass in etcd (CVE-2026-33413)

What Now (and What's Next)

Yale senior hacks United, gets 2.6M miles

CVE-2026-33413 found in ETCD by open source AI agent (strix.ai), 8.8 CVSS

Caido partners with Strix for the best of both worlds in AI penstesting

First Impressions on Open-Source Claude Security (Strix)

Strix Is an Open-Source Claude Code Security

Finding a Cross-Tenant Vulnerability in GCP's Apigee

Reverse Engineering US Airline's PNR System and Accessing All Reservations

Reverse engineering a $1B Legal AI tool exposed 100k+ confidential files

Pwning OpenAI Atlas Through Exposed Browser Internals

Low PNR Entropy: I accessed all airline bookings via simple math

Airline Left All Passenger Data Vulnerable Due to Missing Last-Name Check

Hacktron Hacks Supabase

Nobel Peace Prize Sparks Insider Trading Questions on Prediction Sites

New investment bank is almost entirely powered by AI -- and it works

1