30 September 2020 Show Notes 46 - Instagram Hacks, Half-life 1 Exploits, and Gaslighting Android 00:00:50 Windows XP Source Leak Additional Links: https://twitter.com/vxunderground/status/1309231131313737735 https://twitter.com/dangeredwolf/status/1310067935902343170 00:12:49 "I'm not a fan of critical bugs" - First Bug Bounty Millionaire 00:28:01 API Keys leaked via Solana BBP github repo 00:36:34 Exploiting Tiny Tiny RSS 00:45:28 HackerOne Reflected XSS 00:50:37 Steam Arbitrary File Overwrite 00:55:23 Half-Life 1 Code Execution with malformed map name 00:59:09 uTorrent Vulnerability [CVE-2020-8437] Additional Links: https://raw.githubusercontent.com/guywhataguy/uTorrent-CVE-2020-8437/master/malicious.torrent 01:09:26 $25K Instagram Almost XSS Filter Link 01:14:57 #Instagram_RCE 01:26:44 Kernel exploitation: weaponizing [CVE-2020-17382] 01:34:07 Bypass Android MDM 01:41:17 XSS without arbitrary JavaScript 01:48:40 security things in Linux v5.7 01:56:48 Code Review 101