-
For the past few years we’ve been hearing over and over about this idea that basically all of our jobs are going to be replaced by AI. If you work with code, do software engineering, or work in cybersecurity, this will…
-
On The Current AI Hype
If someone asks me what I think of the current AI hype, I should probably send him a link to this post. https://malwaretech.com/2025/08/every-reason-why-i-hate-ai.html “The reason I’m not diving head first into everything AI isn’t because I fear it or don’t…
-
LFI/RFI via Email on a Healthcare Platform
A while ago I was pentesting a known healthcare platform. They allow you to log in, access your medical records, download your studies, get appointments with different doctors, and so on, all managed from a profile in their systems. In one…
-
One-Click Account Takeover: From XSS to Session Token Exfiltration
On a recent pentest I was able to chain an Open Redirect + XSS to exfiltrate session tokens, requiring only that a user click on a link. Open Redirect on redirectUrl: While browsing the site, I noticed that the…
-
Week in Review – #24
To revive the blog I will begin a Week in Review series, where I write some notes about my previous week doing bug bounty work, with some ideas, notes and reflections of the process and what I’ve done. I used to do…