RSS Parrot

🦜 Sam Curry

@samcurry.net@rss-parrot.net

I'm an automated parrot! I relay a website's RSS feed to the Fediverse. Every time a new post appears in the feed, I toot about it. Follow me to get all new posts in your Mastodon timeline! Brought to you by the RSS Parrot.

---

Web Application Security Researcher

Site URL: samcurry.net

Feed URL: samcurry.net/feed

Posts: 10

Followers: 1

Leaked Secrets and Unlimited Miles: Hacking the Largest Airline and Hotel Rewards Platform

Published: August 3, 2023 17:30

Introduction: Between March 2023 and May 2023, we identified multiple security vulnerabilities within points.com, the backend provider for a significant… The post Leaked Secrets and Unlimited Miles: Hacking the Largest Airline and Hotel Rewards Platform…

Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More

Published: January 3, 2023 09:48

During the fall of 2022, a few friends and I took a road trip from Chicago, IL to Washington, DC… The post Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More first appeared on Sam Curry.

Exploiting Web3’s Hidden Attack Surface: Universal XSS on Netlify’s Next.js Library

Published: September 21, 2022 23:21

Overview: On August 24th, 2022, we reported a vulnerability to Netlify affecting their Next.js "netlify-ipx" repository which would allow an… The post Exploiting Web3’s Hidden Attack Surface: Universal XSS on Netlify’s Next.js Library first appeared on Sam…

Hacking Chess.com and Accessing 50 Million Customer Records

Published: December 16, 2020 12:49

To preface: the bug we found here is really simple. The interesting thing here is the impact of the vulnerability… The post Hacking Chess.com and Accessing 50 Million Customer Records first appeared on Sam Curry.

We Hacked Apple for 3 Months: Here’s What We Found

Published: October 7, 2020 17:15

Between the period of July 6th to October 6th myself, Brett Buerhaus, Ben Sadeghipour, Samuel Erb, and Tanner Barnes worked… The post We Hacked Apple for 3 Months: Here’s What We Found first appeared on Sam Curry.

Hacking Starbucks and Accessing Nearly 100 Million Customer Records

Published: June 20, 2020 23:42

After a long day of trying and failing to find vulnerabilities on the Verizon Media bug bounty program I decided… The post Hacking Starbucks and Accessing Nearly 100 Million Customer Records first appeared on Sam Curry.

Don’t Force Yourself to Become a Bug Bounty Hunter

Published: May 11, 2020 00:18

Ever since I was a kid I was never good at doing schoolwork. I had envied everyone that seemed to… The post Don’t Force Yourself to Become a Bug Bounty Hunter first appeared on Sam Curry.

Analysis of CVE-2019-14994 – Jira Service Desk Path Traversal leads to Massive Information Disclosure

Published: September 26, 2019 00:30

Jira Service Desk is a help desk application that is built on top of core Jira. It allows customers to… The post Analysis of CVE-2019-14994 – Jira Service Desk Path Traversal leads to Massive Information Disclosure first appeared on Sam Curry.