Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources

Vulnerabilities in Homepage Dashboard

How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System

Unlocking the Weak Spot: Exploiting Insecure Password Reset Tokens

NO_WILDCARD: How I discovered the Organization ID of any AWS Account

$500 for Cracking Invitation Code For Unauthorized Access & Account Takeover