This year's posts 16 Oct - A Bucket Takeover Vulnerability with High-Impact Consequences 21 Jun - The Poisonous Cache: Unmasking a Stealthy Threat 2022 01 Dec - SSRF-to-EC2takeover, Zendesk account takeover and RCE 24 Nov - privilege escalation from User to Owner due to Mass assignment issue