Bugcrowd

CVE-2025-55182: What you need to know about React2Shell | @Bugcrowd On December 3, 2025, the React Team disclosed a critical remote code execution (RCE) vulnerability affecting React Server Components, commonly used in modern Next.js deployments. An unauthenticated at...

Early signs show meaningful exposure across monitored environments. Read Michael's update and watch the Security Flash for next steps.

📝 www.bugcrowd.com/blog/cve-202...

A critical RCE vulnerability (CVE-2025-55182) in React Server Components was disclosed on December 3.

Bugcrowd has activated its zero-day workflow, formed a dedicated triage group, and is validating submissions.

@cje.io joined the judging panel at the Monterey #Cyber912 Strategy Challenge, hosted by the @cyberstatecraft.bsky.social, where student teams navigated a simulated crypto crisis gone global 😱🌏

It’s one thing to talk cyber policy, another to test it under fire. Congrats to the teams who did both 👏

Second Prize 🥈
- 1x Akihabara Fukubukuro
- 4x Swag kits from @bugcrowd.com
- 4x Sponsor jackets

First Prize 🥇
- 4x All-expenses paid tickets to Meta Bug Bounty Researcher Conference 2026
- 4x Meta Quest devices sponsored by Meta
- 4x Pro Tech Tool kits sponsored by @ifixit.com
- 4x #Swag kits from @bugcrowd.com
- 1x #Akihabara Fukubukuro (gift bags)
- 1x The very first TenguCon Black Badge

🎙️In the latest episode of ConversingLabs #Podcast, @bugcrowd.com founder @cje.io discusses AI's impact on vulnerability management: bit.ly/43O0vnx

🥳

3, 2, 1... The wait’s officially over. Bugcrowd is thrilled to announce the acquisition of Mayhem Security!

This marks a strategic investment in the power of combining human ingenuity with AI.

See how we’re building the industry’s first adaptive security platform: www.bugcrowd.com/blog/bugcrow...

🚨📊 Cancel that next meeting. Your most valuable download of the year is here.

The 2025 Inside the Mind of a CISO Report unpacks data from CISOs worldwide to spotlight priorities, pressures, and plans.

For once, reading minds is easy. Grab your copy today: www.bugcrowd.com/resources/re...

Welcome Umesh Shankar to the Bugcrowd Advisory Board | @Bugcrowd Bugcrowd is delighted to announce that Umesh Shankar, Corporate Vice President of Data, Privacy & Security Engineering at Microsoft AI, has joined our Board of Advisors. Shankar’s extensive experience...

A pioneer in data security, AI, and privacy engineering, Umesh’s leadership will help shape our vision as we continue to empower defenders through collaboration and #innovation. 📈

Learn more: www.bugcrowd.com/blog/welcome...

We’re delighted to welcome Umesh Shankar, Corporate VP of Data, Privacy & Security Engineering at Microsoft AI, to Bugcrowd’s Advisory Board! 😎

🍻 Cheers to another successful run at the Security & Risk Management Conference!

What a week! Till next time... thank you Gartner! 🙌

#Bugcrowd #IngenuityUnleashed #GartnerSEC

No compromises on security. We're actively finding problems before they become yours. That's the power of Bugcrowd. 🔌

Book your next power move: ww1.bugcrowd.com/ultimate-sec...

Another week, another Bugcrowd booth to park at 🛑🚖

We had a great first day at Gartner Security & Risk Management Summit chatting about security, strategy, and all things crowdsourced.

Swing by booth 254, we’ll be back at it tomorrow. 🌇

Still reminiscing on last week at Infosecurity Europe 🇬🇧🫶

Nothing beats meeting the community face-to-face and seeing how fast people can spot free swag. 🏃

Already counting down to next year!

🤯 Bugcrowd’s new AI-powered Engagement Simulator is here!

You asked for smarter planning, and now we’re the 𝒐𝒏𝒍𝒚 platform that uses AI to help you estimate submission volume, reward costs, and ROI before you launch.

Take the guesswork out of your security strategy→ www.bugcrowd.com/blog/introdu...

Stockholm, we’re coming for ya! 🇸🇪

If you’re going to Grand IT Security on May 20, come find us 👋

#Bugcrowd’s Gareth, Veera, and Vas will be there ready to talk about security that actually works.

>>> granditsecurity.com

Dave Gerry Meet Dave Gerry, the CEO of Bugcrowd, with extensive experience in cybersecurity and leadership roles in major companies.

From growing companies to staying a step ahead of cyber threats, Dave Gerry has seen it all.

Our CEO sat down with Coruzant Technologies to talk about what it really takes to lead in cybersecurity today. Spoiler: it’s not just about the technology.

🎧 Tune in: coruzant.com/profiles/dav...

Lots of #hackers at #gisec2025 coming thank us at @bugcrowd.com Feels so amazing helping out people to make a living, and at the same time protecting our cyber world #grateful

Day 1 at GISEC Global kinda zoomed by 💨

We’ll be hanging around hall 4, stand F20 again tomorrow. Come say hey! 👋

RSA Conference 2025 Major Announcements - Cybersecurity88 Discover the 10 of the most impactful announcements made on the first day of RSA conference 2025 by cybersecurity companies.

Coming in at #4, it's your favorite #crowdsourced security platform...

US! 🎉

We're honored to make the list with our new offering, Red Team as a Service (RTaaS). Find the #Bugcrowd team at booth 4325 👋

🧡 Thank you, CyberSecurity88: cybersecurity88.com/conferences/...

🪄 And just like that…

OUR BRAND NEW OFFERING IS HERE: Red Teaming as a Service ‼️

Bugcrowd RTaaS is built to simulate real-world threats, fast.
🎮 Think like real attackers
🔍 Find the real issues & fix what matters
🧩 Tailored to your stack
🚨 Available now: www.bugcrowd.com/blog/introdu...

New platform capability: Automate retesting using AI-generated Nuclei templates | @Bugcrowd At Bugcrowd, we’re always looking for ways to make validated vulnerability intelligence more actionable. Today, we’re excited to introduce a new platform capability: the ability to automatically creat...

‪📢 Bugcrowd customers: You can now request AI-generated Nuclei templates based on triaged submissions to validate fixes across your assets.

With AI doing the heavy lifting, this capability is free, fast, and designed to make retesting easier.

More details >> www.bugcrowd.com/blog/new-pla...

GlobalDots adds Bugcrowd Platform to Cloud Services Portfolio | Bugcrowd Cloud performance and optimisation leader cites rising customer demand for continuous pentesting   April 16, 2025 — Bugcrowd, the leader in crowdsourced security, today announced an alliance with Glob...

🗣️ GlobalDots is now offering #Bugcrowd’s full suite of security solutions to 350+ global clients!

If you’re in the cloud space, this means faster access to crowdsourced testing built for today’s dynamic attack surface. 📈

📢 Learn more >>> www.bugcrowd.com/press-releas...

"Push harder than you think you should when something is very close to being exploitable. There is often a way."

PREACH IT @rhynorater!!! www.bugcrowd.com/blog/hacker-...

Hey, we know that guy! Catch Dreadnode's @radads.bsky.social on NASDAQ #TradeTalks alongside @bugcrowd.com CEO
@davegerryjr.bsky.social and NFL CISO @tomasmald.bsky.social.

Tune in for a candid conversation on the intersection of AI and cybersecurity: www.nasdaq.com/videos/ever-...

We’re taking extra steps to help you as hackers keep your accounts secure!

Starting today, if you don’t have multi-factor authentication (MFA) enabled, you’ll need to update your password and turn on MFA at your next login.

Already have MFA? You’re good to go. Happy hunting! 🐞

W🤯ah!

Hackers are in the spotlight at Times Square. Now 𝙩𝙝𝙖𝙩’𝙨 something worth celebrating!

The Crowd seriously deserves more love, and getting them up in lights? That’s the kind of moment we live for. This spotlight is YOURS. 👏✨

Huge thanks to our friends at Nasdaq! 🎉

#AI & #cybersecurity... hot topic, eh? 🔥

Thank you to Niresh S. and Gonzalo Ghezzi from Xero for joining #Bugcrowd's Eu Joe Chegne and Kent Wilson, and discussing their perspectives on effectively #pentesting and safeguarding #LLM and AI in a fast-changing environment. 👏👏