Insufficient GraphQL API vulnerability due to lack of validation of Authorization Bearer token

The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover

Authorization bypass due to cache misconfiguration

Zomatoooo! IDOR in Saved Payments

How I got my first $13500 bounty through Parameter Polluting (HPP)

A Creative Way To Get Someones YouTube Videos Deleted + A Copyright Strike Against Their YouTube Channel