November 22, 2021
Sayooj B Kumar discovered a prototype pollution bug inside the config-handler, which is a Node package and at ssrf-agent. Both were awarded a CVE (Common Vulnerabilities and Exposures) for the discoveries.
#13 @ Volga 21 World Finals
September 16, 2021
bi0s qualified and were invited for the Volga 2021 world finals at Russia. Volga is a high-profile, international jeopardy-styled CTF conducted by a group of IT enthusiasts based in Samara, Russia. Our members Jaswanth Bommidi, Pranjal Singh and Sourag K flew to Russia and participated in the contest, and emerged 13th worldwide.
September 08, 2021
Yadhu Krishna M discovered a high severity bug in SQLite-Web, where the dashboard area allows sensitive actions to be performed without validating that the request originated from the application.
Simran Kathpalia got selected for Google Summer of Code 2021 with FreeBSD, and worked on a project with a goal to 'enhance syzkaller support for FreeBSD'.
Ashwin C got selected for Google Summer of Code 2021 with Rizin, and worked on a project titled - 'Support for CPU and Platform Profiles'.
Vishnu Madhav got selected for Google Summer of Code 2021 with GNU GCC, and worked on a project to 'Make Cp-demangler non recursive'.
Pranjal Singh got selected for Google Summer of Code 2021 with The Honeynet Project, for the Xen project.
March 10, 2021
Yaswant (@az3z3l) found a high severity vulnerability at GitLab where an attacker couldbypass the existing CSRF check on the GraphQL endpoint, and bounty of 3370 USD was awarded.