Magix Bug Bounty: magix.com (RCE, SQLi) and xara.com (LFI, XSS)

$15k RCE Through Monitoring Debug Mode

From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

Exploiting authorization by nonce in WordPress plugins

Studying 0days: How we hacked Anki, the world's most popular flashcard app