Black & White Path
Apr 19, 2026 · Information Security

Why Security Researchers Deserve Respect: Lessons from the 2026 Windows Defender Zero‑Day Fallout

In April 2026 a trio of Windows Defender zero‑day bugs—BlueHammer, RedSun and UnDefend—were publicly disclosed after Microsoft’s Security Response Center repeatedly ignored the researcher’s reports, sparking a debate over responsible disclosure, corporate trust, and the urgent need to respect security professionals.

BlueHammer · Microsoft · Windows Defender
6 min read
Black & White Path
Mar 7, 2026 · Information Security

How I Uncovered Multiple Vulnerabilities in My Alma Mater’s Campus App

The article details an authorized penetration test of a university campus app, revealing sensitive data leakage, horizontal and vertical privilege escalation, face‑photo tampering, and a stored XSS flaw, each demonstrated step‑by‑step with packet captures and screenshots.

Penetration Testing · information leakage · mobile app security
6 min read
MaGe Linux Operations
May 31, 2017 · Information Security

How I Uncovered a Critical LFI Vulnerability in Oracle Responsys Cloud Service

The article details the discovery of a local file inclusion (LFI) flaw in Oracle Responsys, explains how crafted requests exploit the _ri_ parameter to read arbitrary files, highlights the impact on major companies like Facebook and LinkedIn, and describes the responsible disclosure that led to a rapid patch.

LFI · Local File Inclusion · Oracle
4 min read