Bug Bounty Daily

We read the entire internet so you don't have to. Get the freshest bug bounty content delivered biweekly. It’s the easiest way to stay sharp without gluing yourself to a screen.

High Signal #06: GeminiJack, SAML Hacks & Next.js Twists

Dec 17, 2025

•

2 min read

High Signal #06: GeminiJack, SAML Hacks & Next.js Twists

Gemini hacks, novel SAML auth bypasses, and Next.js middleware mutations.

Vitor Falcao

Dec 10, 2025

•

3 min read

High Signal #05: Xmas Giveaway & More Client-Side

We're running a Christmas giveaway! Also, here's another heavy client-side issue waiting for you.

Vitor Falcao

High Signal #04: Google Antigravity & React Deep Dive

Dec 2, 2025

•

3 min read

High Signal #04: Google Antigravity & React Deep Dive

Google's Antigravity vulnerabilities, a dive into React internals for bugs, and Chrome exploitation.

Vitor Falcao

High Signal #03: Is prompt injection a vulnerability?

Nov 26, 2025

•

2 min read

High Signal #03: Is prompt injection a vulnerability?

In today's issue, we explore whether prompt injections are a real vulnerability and pop some universal XSS on an AI browser.

Vitor Falcao

Nov 24, 2025

•

3 min read

High Signal #02

We have more AI hacking, which is great for expanding our view of this new attack surface, but hey, we also have good old SQL injection today! Yeah, SQLi is not dead.

Vitor Falcao

Nov 21, 2025

•

4 min read

High Signal #01

Client-side hacking via postMessage, the AssetNote team discovering another pre-auth RCE, and Gemini exploits.

Vitor Falcao