{"posts":[{"_id":"7cb11263-4494-4bde-a2f9-14fbff8d01a1","authors":[{"_id":"35f7b68d-61b3-409e-9bbb-8523a9e183ef","avatar":{"alt":"HackenProof Ecosystem","asset":{"_id":"image-9febb01620e2b4ef4f1fdf2586b04162cd37502e-400x400-png","height":400,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/9febb01620e2b4ef4f1fdf2586b04162cd37502e-400x400.png","width":400},"caption":null,"crop":null,"hotspot":null},"name":"HackenProof Ecosystem","role":null,"slug":"hknprf_developer","socialLinks":[]}],"categories":[{"_id":"cc822f9e-3648-4812-920d-6bbfe798d9cc","description":"","name":"For Business","slug":"for-business"}],"excerpt":"The Challenge of Growing JavaScript Applications","featuredImage":{"alt":"demo","asset":{"_id":"image-56219bf69f9e0ecbc43fc8ecac5c3841515fd0b1-1400x1050-jpg","height":1050,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/56219bf69f9e0ecbc43fc8ecac5c3841515fd0b1-1400x1050.jpg","width":1400},"caption":null,"crop":null,"hotspot":null},"primaryCategory":{"_id":"cc822f9e-3648-4812-920d-6bbfe798d9cc","name":"For Business","slug":"for-business"},"publishedAt":"2026-06-05T10:07:24.260Z","slug":"the-challenge-of-growing-javascript-applications","tags":[{"_id":"299970d0-b86f-4c51-bf5f-4d91b3a5adb7","description":"","name":"Bug bounty platform","slug":"bug-bounty-platform"}],"title":"The Challenge of Growing JavaScript Applications","updatedAt":"2026-06-05T10:07:24.260Z"},{"_id":"b67c72cf-c28e-43be-8c6e-f1cd0b5f356d","authors":[{"_id":"5e69520e-19ec-4853-9a92-fdc4ed6194aa","avatar":{"alt":"Anna Drahalina","asset":{"_id":"image-d8a8af5ddd8e72446319e464e8123b1a7885eec8-640x576-jpg","height":576,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/d8a8af5ddd8e72446319e464e8123b1a7885eec8-640x576.jpg","width":640},"caption":null,"crop":null,"hotspot":null},"name":"Anna Drahalina","role":"Marketing Specialist ","slug":"anna_drahalina","socialLinks":[]}],"categories":[{"_id":"23e7389b-3a9e-4245-aa91-bec2ffccda4a","description":"","name":"Bug Bounty News","slug":"bug-bounty-news"}],"excerpt":"Below is a snapshot of how May unfolded for the platform and the community.","featuredImage":{"alt":"HackenProof Monthly Recap May 2026","asset":{"_id":"image-a3f1867bc93b5e980400e25eb7ff66fdbae9fb84-1024x576-jpg","height":576,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/a3f1867bc93b5e980400e25eb7ff66fdbae9fb84-1024x576.jpg","width":1024},"caption":null,"crop":null,"hotspot":null},"primaryCategory":{"_id":"23e7389b-3a9e-4245-aa91-bec2ffccda4a","name":"Bug Bounty News","slug":"bug-bounty-news"},"publishedAt":"2026-06-05T09:23:50.667Z","slug":"bug-bounty-payouts-may-2026","tags":null,"title":"HackenProof Bug Bounty Payouts Recap: May 2026","updatedAt":"2026-06-05T09:23:50.667Z"},{"_id":"c6a2109b-96e3-42fc-a50f-029d82e02423","authors":[{"_id":"d299bb6c-d9df-4488-8984-31540df619a6","avatar":null,"name":"Narrow","role":null,"slug":"narrow","socialLinks":null}],"categories":[{"_id":"3d968163-fad4-4dec-9c0d-7ebd52d545e4","description":"","name":"For Hackers","slug":"for-hackers"}],"excerpt":"Flash loans aren't the vulnerability — they're the capital source. The real flaw is always in the target protocol: a missing health check, a manipulable price oracle, or governance without a time lock. Euler Finance proved this. Fix the invariant, not the loan.","featuredImage":{"alt":"HackenProof blog cover image for a guest article titled \"Flash Loan Attack: How They Work and How to Defend Against Them.\" Author credit shown as @narrow with a profile avatar. Guest Article label in the top right corner. Dark blue background with glowing particle wave design.","asset":{"_id":"image-2286fea0457b57318998484b1c1b75b651202f69-1024x576-png","height":576,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/2286fea0457b57318998484b1c1b75b651202f69-1024x576.png","width":1024},"caption":null,"crop":null,"hotspot":null},"primaryCategory":{"_id":"3d968163-fad4-4dec-9c0d-7ebd52d545e4","name":"For Hackers","slug":"for-hackers"},"publishedAt":"2026-06-02T08:11:46.312Z","slug":"flash-loan-attack","tags":null,"title":"Flash Loan Attack: How They Work and How to Defend Against Them","updatedAt":"2026-06-05T07:44:12.532Z"},{"_id":"e1888570-bbad-442b-bfb0-4f9e004e890d","authors":[{"_id":"1bca8703-91f6-4059-83ba-dd608d7dabc0","avatar":{"alt":"G2MU","asset":{"_id":"image-9051e761bc723bc6e4bf818e868d2af6bf0b0cb1-1024x576-jpg","height":576,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/9051e761bc723bc6e4bf818e868d2af6bf0b0cb1-1024x576.jpg","width":1024},"caption":null,"crop":null,"hotspot":null},"name":"G2MU","role":"Security Analyst","slug":"g2mu","socialLinks":[{"label":"X / Twitter","url":"https://x.com/gneiss2meetu"}]}],"categories":[{"_id":"3d968163-fad4-4dec-9c0d-7ebd52d545e4","description":"","name":"For Hackers","slug":"for-hackers"}],"excerpt":"Move's VM enforces resource safety — not who can call what. This guide covers capability leaks, broken signer checks, and resource ownership failures that led to Typus Finance's $3.44M exploit, with a full audit checklist for Sui and Aptos.","featuredImage":{"alt":"HackenProof blog cover image for Part 2 of the Move Smart Contract Security Guide, authored by @gneiss2meetU.","asset":{"_id":"image-983c80baf025966fb5c55b44b74af959e021f5f1-1024x576-png","height":576,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/983c80baf025966fb5c55b44b74af959e021f5f1-1024x576.png","width":1024},"caption":null,"crop":null,"hotspot":null},"primaryCategory":{"_id":"3d968163-fad4-4dec-9c0d-7ebd52d545e4","name":"For Hackers","slug":"for-hackers"},"publishedAt":"2026-06-01T13:45:45.501Z","slug":"move-smart-contract-access-control","tags":[{"_id":"1cab0d91-52e4-4030-9467-af267ccb4dc6","description":"","name":"Smart Contract","slug":"smart-contract"},{"_id":"36c3fc02-b4f4-4715-a7b0-abce0bfff091","description":null,"name":"Move","slug":"move"},{"_id":"cf5515f3-f765-4d84-af18-0f2159597557","description":null,"name":"Aptos","slug":"aptos"},{"_id":"a4caa8c0-3547-4cc0-9d25-6827e6c9726f","description":"","name":"Bug Bounty","slug":"bug-bounty"}],"title":"Move Smart Contract Access Control: How Capabilities Leak and Authorization Fails","updatedAt":"2026-06-05T06:16:57.579Z"},{"_id":"c0da01b1-dbfc-4100-8878-bcc491ec40f3","authors":[{"_id":"1e68858a-21aa-47a6-af64-b5cbf504fb73","avatar":{"alt":"Zakaria Eddafri","asset":{"_id":"image-6ecc65370c4a22eea0f717f52351cf88632e363a-500x500-jpg","height":500,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/6ecc65370c4a22eea0f717f52351cf88632e363a-500x500.jpg","width":500},"caption":null,"crop":null,"hotspot":null},"name":"Zakaria Eddafri","role":"Bug Bounty Hunter","slug":"zakaria-eddafri","socialLinks":[{"label":"X / Twitter","url":"https://x.com/ziko29504803"}]}],"categories":[{"_id":"3d968163-fad4-4dec-9c0d-7ebd52d545e4","description":"","name":"For Hackers","slug":"for-hackers"}],"excerpt":"At HackenProof, we believe that some of the most valuable security knowledge is created inside the hacker community itself. This belief is reflected in our ongoing series of guest articles, where security researchers from our community share practical insights, practical knowledg","featuredImage":{"alt":"HackenProof guest article cover: \"From Zero Python to Building AI Agents That Hunt Bugs For You\" by Zakaria Eddafri (@GallopingMrOwl)","asset":{"_id":"image-e7f1fb41fb49be10970524f5b29e5020f3c3c37e-1024x576-png","height":576,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/e7f1fb41fb49be10970524f5b29e5020f3c3c37e-1024x576.png","width":1024},"caption":null,"crop":null,"hotspot":null},"primaryCategory":{"_id":"3d968163-fad4-4dec-9c0d-7ebd52d545e4","name":"For Hackers","slug":"for-hackers"},"publishedAt":"2026-05-11T08:48:33.000Z","slug":"build-bug-bounty-ai-agent","tags":[],"title":"From Zero Python to Building AI Agents That Hunt Bugs For You","updatedAt":"2026-05-12T07:30:10.000Z"},{"_id":"9cb2d5fd-af4d-44cb-b4db-91291be8fd60","authors":[{"_id":"5e69520e-19ec-4853-9a92-fdc4ed6194aa","avatar":{"alt":"Anna Drahalina","asset":{"_id":"image-d8a8af5ddd8e72446319e464e8123b1a7885eec8-640x576-jpg","height":576,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/d8a8af5ddd8e72446319e464e8123b1a7885eec8-640x576.jpg","width":640},"caption":null,"crop":null,"hotspot":null},"name":"Anna Drahalina","role":"Marketing Specialist ","slug":"anna_drahalina","socialLinks":[]}],"categories":[{"_id":"3d968163-fad4-4dec-9c0d-7ebd52d545e4","description":"","name":"For Hackers","slug":"for-hackers"}],"excerpt":"The previous month at HackenProof was marked by new program launches, active researcher participation, and bug bounty payouts across multiple severity levels. Below is a snapshot of how April unfolded for the platform and the community. Bug Bounty Programs Launched in April In Ap","featuredImage":{"alt":"Bug bounty payouts on HackenProof in April 2026 by severity level","asset":{"_id":"image-c88aad49326bcf516201e8fbdf8e6eb85856bacb-1024x576-jpg","height":576,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/c88aad49326bcf516201e8fbdf8e6eb85856bacb-1024x576.jpg","width":1024},"caption":null,"crop":null,"hotspot":null},"primaryCategory":{"_id":"3d968163-fad4-4dec-9c0d-7ebd52d545e4","name":"For Hackers","slug":"for-hackers"},"publishedAt":"2026-05-06T08:06:00.000Z","slug":"bug-bounty-payouts-april-2026","tags":[],"title":"HackenProof Bug Bounty Payouts Recap: April 2026","updatedAt":"2026-05-06T16:06:30.000Z"},{"_id":"87243473-5700-406d-8dd9-c06bcdc93fbf","authors":[{"_id":"0baccefb-33fc-4397-95d4-ec7839d68505","avatar":{"alt":"Flash007","asset":{"_id":"image-e78d264b4ae0da692c818da48c4c268efd3c676c-500x500-jpg","height":500,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/e78d264b4ae0da692c818da48c4c268efd3c676c-500x500.jpg","width":500},"caption":null,"crop":null,"hotspot":null},"name":"Flash007","role":"Security Researcher","slug":"flash007","socialLinks":[{"label":"GitHub","url":"https://github.com/Saintk7"}]}],"categories":[{"_id":"3d968163-fad4-4dec-9c0d-7ebd52d545e4","description":"","name":"For Hackers","slug":"for-hackers"}],"excerpt":"At HackenProof, we believe that some of the most valuable security knowledge is created inside the hacker community itself. This belief is reflected in our ongoing series of guest articles, where security researchers from our community share practical insights, practical knowledg","featuredImage":{"alt":"The Phantom Deposit: How Unvested Rewards and Empty Vaults Lead to Yield Theft in ERC4626","asset":{"_id":"image-036c0d067c1a5a29beccf9a03e3ad00cea32269c-1024x576-png","height":576,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/036c0d067c1a5a29beccf9a03e3ad00cea32269c-1024x576.png","width":1024},"caption":null,"crop":null,"hotspot":null},"primaryCategory":{"_id":"3d968163-fad4-4dec-9c0d-7ebd52d545e4","name":"For Hackers","slug":"for-hackers"},"publishedAt":"2026-04-30T14:25:58.000Z","slug":"erc4626-phantom-deposit-unvested-rewards-exploit","tags":[{"_id":"6b002382-b15c-4cf0-a855-e7619d8799d9","description":"","name":"ERC","slug":"erc"},{"_id":"cdf8fd66-cdfe-4a71-8f05-65bfa5bfa7d2","description":"","name":"Ethereum","slug":"ethereum"},{"_id":"c037cf76-7e1a-4a44-a319-53cf6a1c1c15","description":"","name":"web3 cybersecurity","slug":"web3-cybersecurity"}],"title":"The Phantom Deposit: How Unvested Rewards and Empty Vaults Lead to Yield Theft in ERC4626","updatedAt":"2026-04-30T15:30:43.000Z"},{"_id":"e082f1a9-7456-4680-b5f1-7c1ba3e60618","authors":[{"_id":"35f7b68d-61b3-409e-9bbb-8523a9e183ef","avatar":{"alt":"HackenProof Ecosystem","asset":{"_id":"image-9febb01620e2b4ef4f1fdf2586b04162cd37502e-400x400-png","height":400,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/9febb01620e2b4ef4f1fdf2586b04162cd37502e-400x400.png","width":400},"caption":null,"crop":null,"hotspot":null},"name":"HackenProof Ecosystem","role":null,"slug":"hknprf_developer","socialLinks":[]}],"categories":[{"_id":"3a6afd53-b16b-430d-9d65-0553d6283f47","description":"","name":"DualDefense","slug":"dualdefense"}],"excerpt":"HackenProof is an expert bug bounty and crowdsourced smart contract audit platform that connects companies with a global community of white hat security researchers. We help organizations strengthen their security posture by continuously identifying, validating, and prioritizing ","featuredImage":{"alt":"What is HackenProof and What Do We Do?","asset":{"_id":"image-51c2bc3e364d69ef19288290f0153571970c5806-1024x576-png","height":576,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/51c2bc3e364d69ef19288290f0153571970c5806-1024x576.png","width":1024},"caption":null,"crop":null,"hotspot":null},"primaryCategory":{"_id":"3a6afd53-b16b-430d-9d65-0553d6283f47","name":"DualDefense","slug":"dualdefense"},"publishedAt":"2026-04-29T12:07:16.000Z","slug":"what-is-hackenproof","tags":[],"title":"What is HackenProof and What Do We Do?","updatedAt":"2026-05-04T08:35:36.000Z"},{"_id":"eb9b7bf7-8f1a-45ce-9971-a39e72fa5fb7","authors":[{"_id":"36dbe246-36f8-49db-815f-65193a2575ee","avatar":{"alt":"MDVKG","asset":{"_id":"image-e9d3255c56d417fd066f14af2593c853bb3ccfd8-500x500-jpg","height":500,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/e9d3255c56d417fd066f14af2593c853bb3ccfd8-500x500.jpg","width":500},"caption":null,"crop":null,"hotspot":null},"name":"MDVKG","role":"Security Researcher","slug":"mdvkg","socialLinks":[{"label":"LinkedIn","url":"https://www.linkedin.com/in/cameronbardin/"}]}],"categories":[{"_id":"3d968163-fad4-4dec-9c0d-7ebd52d545e4","description":"","name":"For Hackers","slug":"for-hackers"}],"excerpt":"At HackenProof, we believe that some of the most valuable security knowledge is created inside the hacker community itself. This belief is reflected in our ongoing series of guest articles, where security researchers from our community share practical insights, practical knowledg","featuredImage":{"alt":"How to Chain Vulnerabilities for RCE: From Image Metadata to Complete System Compromise","asset":{"_id":"image-2aa610b3e9d35b6e329e2914e568a862fc8ed844-1024x576-png","height":576,"url":"https://cdn.sanity.io/images/vu6c6tah/blog-data-prod/2aa610b3e9d35b6e329e2914e568a862fc8ed844-1024x576.png","width":1024},"caption":null,"crop":null,"hotspot":null},"primaryCategory":{"_id":"3d968163-fad4-4dec-9c0d-7ebd52d545e4","name":"For Hackers","slug":"for-hackers"},"publishedAt":"2026-04-17T11:09:45.000Z","slug":"how-to-chain-vulnerabilities-for-rce","tags":[{"_id":"a4caa8c0-3547-4cc0-9d25-6827e6c9726f","description":"","name":"Bug Bounty","slug":"bug-bounty"},{"_id":"ff532948-7ffe-4594-9b2e-37361fcdf345","description":"","name":"hacker","slug":"hacker"}],"title":"How to Chain Vulnerabilities for RCE: From Image Metadata to Complete System Compromise","updatedAt":"2026-04-17T11:22:13.000Z"}],"total":490}