Bugcrowd Blog - Plushcap

Blog URL

www.bugcrowd.com/blog

Posts YTD

12 ↓ vs 25 last year

Avg Posts/Month

7.0 since 2025

Monthly Post Volume

Start year:

Post Details

Search:

Title	Author	Published	Words	HN Pts
A guide to Bluetooth Low Energy hacking: Part II	Andrew Pratt	2025-01-09	2,907	--
Taking platform support for CVSS to the next level	Abigail Nguy	2025-01-14	255	--
Shaping the future of cybersecurity: The Hacking Policy Council’s 2024 achievements and …	Casey Ellis	2025-01-15	1,148	--
Security flash: Salt Typhoon	Erica Azad	2025-01-16	386	--
Bugcrowd’s Bugboss Fighter Challenge	Santerra Holler	2025-01-21	286	--
MFA security part 1: How attackers bypass multi-factor authentication	Alistair G, Director of Red Team Operations	2025-01-22	2,100	--
Managing the cost implications of EU DORA compliance	Julian Brownlow Davies	2025-01-23	1,064	--
The new (de)regulated AI security space: A hacker’s perspective	Guest Post	2025-01-27	1,310	--
Hacking Crypto Part I	Nerdwell	2025-01-30	4,781	--
The EU Cyber Resilience Act (CRA), explained	Gareth O Sullivan	2025-02-11	923	--
Continuous security testing for DORA compliance	Julian Brownlow Davies	2025-01-29	989	--
The EU AI Act, explained	Gareth O Sullivan	2025-02-06	890	--
MFA security part 2: How to prevent MFA bypass	Alistair G, Director of Red Team Operations	2025-02-11	626	--
Point-in-time vs. continuous penetration testing: A comparison guide	Justin Kestelyn, Bugcrowd Head of Product Marketing	2025-02-03	891	--
Hacker spotlight: Meet Nerdwell	Santerra Holler	2025-02-05	1,531	--
Crowdsourced intelligence in action: Bugcrowd’s 2024 year in review	Dave Gerry	2025-02-04	943	--
The ultimate beginner’s guide to Nuclei	Andrew Pratt	2025-02-13	2,550	--
Strengthening decentralized security: Bugcrowd’s VRT 1.15 update	Paddy Cassidy	2025-02-12	553	--
Bugcrowd security flash: CFAA and thought crime	Erica Azad	2025-02-13	558	--
How to hack WiFi	Andrew Pratt	2025-02-26	2,831	--
Hacker Experience Surveys: Amplifying your voice at Bugcrowd	Emma	2025-02-19	1,415	--
A look inside global collegiate pen testing	Bugcrowd	2025-02-21	1,990	--
Hacking crypto part II: Hacking blockchains for fun and profit	Nerdwell	2025-02-20	4,070	--
The biggest security risks facing the maritime shipping industry	Julian Brownlow Davies	2025-02-27	1,191	--
Hacking LLM applications: A meticulous hacker’s two cents	Guest Post	2025-02-27	3,438	--
A hacker breaks down Netflix’s new show, Zero Day	Guest Contributor	2025-03-06	1,900	--
What you need to know about H.R. 872	Casey Ellis	2025-03-06	488	--
Hardware hacking with the University of New Brunswick Cybersec Club	Bugcrowd Researcher Success	2025-03-04	705	--
Secure by Design: From pledge to practice	Casey Ellis	2025-03-05	665	--
Best practices to avoid Bugcrowd platform violations	Guest Post	2025-03-12	1,112	--
The rise of device code phishing	Alistair G, Director of Red Team Operations	2025-03-11	1,407	--
Safe harbor and the future of AI flaw reporting: Lessons from vulnerability …	Casey Ellis	2025-03-13	1,142	--
Announcing the new women-only hacking community: HackerHER Network	Emma	2025-03-13	809	--
Red teaming vs. penetration testing: A guide to comprehensive security testing	Justin Kestelyn, Bugcrowd Head of Product Marketing	2025-03-13	1,656	--
Why AI will never replace the Crowd	Julian Brownlow Davies	2025-03-19	899	--
Remote code execution (RCE) 101	Guest Post	2025-03-26	1,092	--
A low-cost hacking sidekick: Baby steps to using offensive AI agents	Ads Dawson	2025-03-27	3,235	--
Hacking the stars: My experience with NASA’s VDP	Santerra Holler	2025-04-01	1,033	--
Bugcrowd Security Update: Password Reset and MFA Requirement	Santerra Holler	2025-04-07	232	--
Reflecting on the fourth Hacker Showdown: Carnival of ChAIos	Santerra Holler	2025-04-08	632	--
The ultimate beginner’s guide to Android hacking	Andrew Pratt	2025-04-09	3,337	--
XSSpect: A browser extension to automate XSS injection	Phishician	2025-04-09	930	--
Security through the attacker’s lens: How to adopt an adversarial mindset	Erica Azad	2025-04-10	1,303	--
Hacker spotlight: Rhynorater	Santerra Holler	2025-04-15	1,248	--
Everything you need to know about working with hackers	Erica Azad	2025-04-22	892	--
A course on Caido at the University of Arizona	Santerra Holler	2025-04-23	628	--
New platform capability: Automate retesting using AI-generated Nuclei templates	Michael Skelton, VP of Operations	2025-04-22	343	--
A hacker explains the recent crosswalk signal hijacks	Guest Post	2025-04-23	1,052	--
Introducing Bugcrowd Red Team as a Service (RTaaS)	Julian Brownlow Davies	2025-04-28	2,042	--
VDP Success: Lessons from the State of California’s Department of Technology	Erica Azad	2025-04-30	1,597	--
How to standout with better security: Your guide to proactive security	Bugcrowd	2025-04-29	695	--
Hacker spotlight: P3t3r_R4bb1t	Santerra Holler	2025-04-30	1,112	--
Community spotlight: ClassDojo	Erica Azad	2025-05-07	833	--
How to retain hackers on your engagement	Rami Tawil	2025-05-06	1,475	--
Bugcrowd’s commitment to CISA’s “Secure by Design” Pledge	Trey Ford	2025-05-05	797	--
Explain it like I’m five: Artificial Intelligence	Andrew Pratt	2025-05-08	1,793	--
Community spotlight: Sendbird	Erica Azad	2025-05-14	736	--
Your hacking style based on your zodiac sign	Erica Azad	2025-05-21	2,096	--
Introducing the Engagement Simulator: Your blueprint for bug bounty ROI	Abigail Nguy	2025-05-15	658	--
Pentester spotlight: Alx	Santerra Holler	2025-05-22	1,360	--
Hacking AI applications: In the trenches with DSPy	Ads Dawson	2025-05-13	4,419	--
HackHER spotlight: Meet InsiderPhD	Santerra Holler	2025-05-20	1,513	--
Securing global cybersecurity: Why CISA, CVE, and other global initiatives matter	Casey Ellis	2025-05-21	923	--
A basic guide to iOS testing	Guest Post	2025-05-29	3,277	--
Hacker spotlight: Ruikai Peng	Santerra Holler	2025-05-28	1,760	--
Behind the scenes: How Bugcrowd builds red teams	Erica Azad	2025-06-05	2,631	--
Bolt launches its public bug bounty engagement with Bugcrowd to secure its …	Erica Azad	2025-06-04	661	--
Hacking crypto Part III: Hardware	Nerdwell	2025-06-10	3,111	--
Rigging the system: The art of AI exploits	Ads Dawson	2025-06-11	1,852	--
Pop quiz: Red team red flags	Erica Azad	2025-06-12	1,691	--
Introduction to UART hardware hacking	Guest Post	2025-06-17	1,341	--
How to find bugs on a hardened target using gadgets	Guest Post	2025-07-16	2,915	--
Tips to break into a career in cybersecurity	Erica Azad	2025-06-24	1,018	--
Security isn’t static: Why your strategy should evolve like your threats	Julian Brownlow Davies	2025-07-22	2,982	--
Welcome Umesh Shankar to the Bugcrowd Advisory Board	Erica Azad	2025-07-08	776	--
Welcome Antonio Bovoso to the Bugcrowd Advisory Board	Erica Azad	2025-07-29	535	--
What you need to know about CVE-2025-0133	Erica Azad	2025-06-18	174	--
Hacker opinion piece \| Will artificial intelligence replace hackers?	Guest Post	2025-07-21	1,363	--
Join Bugcrowd and Hack the Box for the ultimate CTF	Santerra Holler	2025-06-24	438	--
Why blending human intuition with automation is the future of hacking	Guest Post	2025-07-24	2,046	--
Access Control vs Account Takeover: What Bug Bounty Hunters Need to Know	Guest Post	2025-07-03	1,731	--
Top pentester: Nerdwell	Bugcrowd	2025-08-05	1,303	--
Getting to know the Crowd: Answers to your top 7 questions on …	Justin Kestelyn, Bugcrowd Head of Product Marketing	2025-08-06	922	--
Community Leader of the year: sw33tLie	Bugcrowd	2025-08-04	1,046	--
The Breakthrough Hacker of 2025: bronxi	Bugcrowd	2025-08-07	1,093	--
The guide to blind XSS: Advanced techniques for bug bounty hunters worth …	Guest Post	2025-08-12	1,213	--
Security flash: Resilience over fear	Bugcrowd	2025-06-23	306	--
Amplify your red team’s impact with Bugcrowd’s RTaaS	Erica Azad	2025-07-10	1,590	--
Bugcrowd names Trey Ford as Chief Strategy and Trust Officer	Erica Azad	2025-08-04	1,035	--
Top P1 Hacker: priyanshuxo	Bugcrowd	2025-08-06	1,077	--
Mobile Hacking Resource Kit: Your one‑stop hub for iOS and Android pen …	Santerra Holler	2025-06-19	1,187	--
Making a difference with a suicide prevention bot	Guest Post	2025-07-02	1,538	--
Introducing Bugcrowd Asset View: Turn assets into actions	Abigail Nguy \| Senior Product Manager	2025-08-05	965	--
Global Security Impact Award winner: T-Mobile	Bugcrowd	2025-08-08	775	--
Introducing Bugcrowd’s Security Innovation Lab	Erica Azad	2025-07-23	596	--
Announcing the Bugcrowd Ingenuity Awards: Celebrating excellence among hackers and industry leaders	Santerra Holler	2025-07-10	356	--
The ultimate beginner’s guide to Caido	Andrew Pratt	2025-06-25	4,163	--
Bugcrowd AI Connect: Bringing vulnerability data to AI applications	Paddy Cassidy	2025-08-05	694	--
What Mission Impossible taught us about AI: The hacker roots of a …	Ads Dawson	2025-08-20	1,761	--
Hacker spotlight: Olufela Osideko	Santerra Holler	2025-08-19	1,139	--
How I hacked my way to the big leagues: Fat bounties, interviews …	Ads Dawson	2025-08-19	3,110	--
A CISO’s guide to red teaming part 1: The role of red …	Alistair G, Director of Red Team Operations	2025-08-21	1,613	--
Bugcrowd AI Triage speeds vulnerability resolution and elevates hacker experience	Braden Russell	2025-08-20	677	--
Hacker spotlight: Bronxi	Santerra Holler	2025-08-26	1,228	--
Bugcrowd response to Salesforce-linked third-party Drift application security event	Nick McKenzie \| Bugcrowd CIO and CSO	2025-08-27	277	--
A CISO’s guide to red teaming part 2: Using red team outcomes …	Alistair G, Director of Red Team Operations	2025-08-28	2,092	--
A CISO’s guide to red teaming part 3: Going beyond technical vulnerabilities …	Alistair G, Director of Red Team Operations	2025-09-04	1,481	--
The two faces of bug bounty hunting: Systemic vs. manual approaches	Guest Post	2025-09-03	957	--
Update: Bugcrowd Response to Salesloft Drift Third-Party Security Event	Nick McKenzie \| Bugcrowd CIO and CSO	2025-09-05	427	--
When attackers log in as you: Understanding broken authentication and session management …	Guest Post	2025-09-10	1,002	--
Welcome to The Mind Cathedral	Omar Carmical	2025-09-10	670	--
Short-term satisfaction for long-term pain: Server security misconfigurations	Guest Contributor	2025-09-16	1,048	--
A CISO’s guide to red teaming part 4: Red teaming for finance …	Alistair G, Director of Red Team Operations	2025-09-18	960	--
Inside the Mind of a CISO 2025	Erica Azad	2025-09-23	561	--
Penetration testing: Automated vs. manual testing methods	Guest Post	2025-09-24	1,782	--
A CISO’s guide to red teaming part 5: Red teaming for healthcare …	Alistair G, Director of Red Team Operations	2025-09-25	734	--
A CISO’s guide to red teaming part 6: Red teaming for manufacturing …	Alistair G \| Director of Red Team Operations	2025-10-02	1,141	--
Tips to building better board decks for CISOs	Erica Azad	2025-10-01	828	--
How to find RCE: A list of pathways and detection methods	Luke (hakluke) Stephens	2025-10-03	3,873	--
A people-first approach: Meet your Bugcrowd team	Bugcrowd	2025-10-06	1,480	--
An introduction to vibe coding	Diana Prodan \| Product Marketing Manager	2025-10-06	1,305	--
CISO excellence story: Tomás Maldonado, National Football League	Erica Azad	2025-10-07	1,040	--
What a Netflix documentary taught us about the power of open-source intelligence	Guest Post	2025-10-08	1,550	--
The human side of zero trust	Julian Brownlow Davies	2025-10-09	343	--
From Jeopardy! to The Terminator: AI vs. AGI vs. ASI	Ads Dawson	2025-10-10	1,294	--
HackHER Spotlight: Brigitte Lewis	Guest Post	2025-10-13	1,452	--
Risk committees for CISOs: Moving from technical expertise to executive strategy	Trey Ford	2025-10-14	1,207	--
CISO excellence story: Dan Maslin, Monash University	Erica Azad	2025-10-15	869	--
A lesson on inference attacks	Ads Dawson	2025-10-16	1,275	--
Takeaways from the biggest sensitive data exposure breaches	Guest Post	2025-10-17	1,382	--
The power of TikTokers: Why everyday internet sleuths are OSINT experts	Luke (hakluke) Stephens	2025-10-20	2,350	--
Bugcrowd named a Leader by G2 in Fall 2025 Report	Meg Noonan \| Senior Manager, Global Marketing Campaigns	2025-10-21	525	--
Ask a hacker: Top vulnerabilities to watch out for	Erica Azad	2025-10-22	713	--
Tricks, not treats: Social engineering tactics that fool the smartest of us	Ads Dawson	2025-10-23	1,058	--
Hacker spotlight: Evan Connelly	Santerra Holler	2025-10-24	1,149	--
My experience hacking as a student (Mi experiencia hackeando como estudiante)	Guest Post	2025-10-27	2,341	--
The CISO’s challenge: Measuring security outcomes	Trey Ford	2025-10-28	1,269	--
How pentesters earn trust on the Bugcrowd Platform	Diana Prodan \| Product Marketing Manager	2025-10-29	1,135	--
Trick or treat: 5 spooky phishing stories	Guest Post	2025-10-30	866	--
Scam season: Don’t get hacked	Santerra Holler	2025-10-31	1,238	--
Bugcrowd acquires Mayhem Security: Redefining AI-powered security testing	Dave Gerry \| CEO, Bugcrowd	2025-11-04	757	--
Hacker spotlight: Amr	Santerra Holler	2025-11-05	1,233	--
Pentester spotlight: Nitesh Bhatter	Santerra Holler	2025-11-06	1,241	--
Real-world cyber events influenced by the OG hacker movie, WarGames	Santerra Holler	2025-11-12	1,658	--
Understanding technical debt: The new zero day	Guest Post	2025-11-18	2,684	--
5 common mistakes when working with hackers	Guest Post	2025-11-20	1,180	--
Security flash: The hacklore project	Erica Azad	2025-12-02	410	--
CVE-2025-55182: What you need to know about React2Shell	Michael Skelton, VP of Operations	2025-12-04	533	--
How I hacked my way to a million dollars: HX007	Guest Post	2025-12-04	2,454	--
The Bugcrowd Academic Program	Kent Wilson	2025-12-09	604	--
Turn vulnerability data into remediation velocity: Introducing Bugcrowd AI Triage Assistant	Joe Castellanos \| Sr. Director of Product Management	2025-12-10	570	--
Bugcrowd introduces AI Analytics: Real-time insight for data-driven security decisions	Alessandra Santos I Product Manager	2025-12-11	767	--
2025 security predictions retrospective	Casey Ellis \| Founder and Advisor	2025-12-16	1,435	--
2026 cybersecurity predictions	Erica Azad	2025-12-17	2,582	--
Hacking Crypto Part IV: Web and mobile applications	Nerdwell	2025-12-18	3,673	--
Hacker spotlight: Faizan Elahi	Santerra Holler	2025-12-23	1,399	--
AI is the new magical master key: How attackers are using AI …	Guest Post	2026-01-07	2,200	--
Your code has vibes, my exploits have receipts	Guest Post	2026-01-13	2,111	--
Navigating financial services regulations with crowdsourced security	Erica Azad	2026-01-15	1,546	--
Life-changing lectures: My day with a top hacker	Guest Post	2026-01-22	1,437	--
Inside the Mind of a Hacker 2026	Erica Azad	2026-01-27	645	--
The value in making mistakes: One hacker’s expert advice	Guest Post	2026-01-28	1,118	--
CISO + hacker spotlight: Meet Aaron Guzman	Erica Azad	2026-02-03	1,037	--
Meet the new Security Inbox: Faster triage, zero friction	Joe Castellanos \| Sr. Director of Product Management	2026-02-04	375	--
Hacker opinion piece: How lazy hacking killed cURL’s bug bounty	Guest Post	2026-02-05	2,001	--
Hacker spotlight: Meet an elite hacking team	Erica Azad	2026-02-10	1,036	--
A guide to the hidden threat of prompt injection	Guest Post	2026-02-11	3,505	--
How vulnerable are vibe-coded apps?	Guest Post	2026-02-12	1,876	--

Plushcap, by Matt Makai. 2021-2026.