AI-Powered Bug Hunting in Closed-Source Software:Author: Anhlt91, Thuanhn Date: May 2026Tags: AI Claude Bug Hunting Closed-Source Security Research Overview I used Claude AI to find real security vulnerabilities in a closed-source enterprise producJun 1, 2026·36 min read
Reasoning-First vulnerability research: How I built an AI Agent that found multiples bugs in Open Source project Subtitle: A practical look at building an AI-assisted vulnerability research workflow that reasons through code, traces trust boundaries, and helps discover real security issues responsibly on multiplMay 27, 2026·11 min read
AI-Powered Vulnerability Hunting in WordPress Plugins/Themes<7 days spare time 100 plugins scanned 524 candidate findings 16 confirmed vulns 5 scanner patches This is not a vulnerability disclosure. It's a methodology. I want to share how to build an AI pipMay 26, 2026·17 min read
Firmware Emulation With an Automated Skill SetFirmware Emulation With an Automated Skill Set tags: firmware, emulation, qemu, reverse-engineering, cybersecurity Khoa Hoang Anh, May 25, 2026 Link repo: https://github.com/9wteam/firmware-emulation-May 26, 2026·20 min read
From Privilege Escalation to RCE in Wiki.jsA tale of privilege escalation, command injection, and the humbling art of responsible disclosureMay 21, 2026·11 min read
AI-Assisted Discovery of SQL Injection & Stored XSS in Cacti Network MonitorDisclosure status: Both vulnerabilities reported to vendor on 2026-05-13 via GitHub Pull Request. Author: Nguyen Cong Tu (iaohkut) Published: May 2026 I. Introduction This post is about a methodologMay 21, 2026·13 min read
Two Access-Control Failures in SiYuan: Unauthenticated SQL Read and a Read-Only Role That Can Rewrite Server ConfigI. Introduction SiYuan is an open-source, privacy-first personal knowledge management tool. It lets users write in Markdown with block-level references, store everything in a local SQLite block dataMay 19, 2026·6 min read
