Bug-Bounty 3 From a Sanitized Name Field to One-Click Account Takeover May 25, 2026 Deanonymizing Users at Scale: When Blocking Becomes an Oracle Nov 18, 2025 Cache Deception + CSPT: Turning Non Impactful Findings into Account Takeover Aug 18, 2025