Tumblr stressed that there is no evidence the security bug was being abused or that unprotected account data was accessed.
Hackers exploited a flaw in Facebook’s code impacting its “View As” feature.
The newly expanded Facebook bug bounty program sniffs out access token exposure flaws.
The program focuses on potential abuse methods across Google’s product-specific channels like Google+, YouTube, Gmail and Blogger.
Bugcrowd’s CTO and founder Casey Ellis talked to Threatpost about the recently launched HP printer bug bounty program.
HP said it has launched the first-ever bug bounty program for printers, with rewards of up to $10,000 for discovered vulnerabilities.
A high-quality multi-factor authentication bypass submission can win a bounty hunter up to $100,000.
HackerOne’s 2018 Hacker-Powered Security Report showed that the average award for critical vulnerabilities has increased.
The newly discovered Spectre variants can be exploited to uncover confidential data via microarchitectural side channels in CPUs.
More companies are looking to adopt “safe harbor” language in their bug bounty programs to build trust with participants.