Saving Bug Bounty Programs + AMPScript, tessl & GPT-5.5 (Ep. 174)

Episode 174: In this episode of Critical Thinking - Bug Bounty Podcast we follow up from last episode with some advice for bug bounty platforms platforms, as well as cover a slew of writeups from Searchlight Cyber, watchTowr, and Starstrike. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: [email protected] Shoutout to https://twitter.com/realytcracker for the awesome intro music! ====== Links ====== Follow your hosts Rhynorater, rez0 and gr3pme on X: https://x.com/Rhynorater https://x.com/rez0__ https://x.com/gr3pme Critical Research Lab: https://lab.ctbb.show/ Need a Pentest? We just launched CTBB Pentests! https://pentest.ctbb.show/ Hack full time? Check out the Full-Time Hunter’s Guild! https://ctbb.show/fthg ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. You can also find some hacker swag at https://ctbb.show/merch! ====== This Week in Bug Bounty ====== COST, AI frontier models and more: A measured take on the future of security testing https://www.yeswehack.com/security-best-practices/cost-mythos-future-security-testing Common AI misconceptions debugged! https://www.intigriti.com/blog/business-insights/common-misconceptions-debugged#trend-3-validity-ratios-remain-constant-ai-slop-isnt-rising-as-a-proportion BountySync + Social https://luma.com/bountysync_social ====== Resources ====== Ghosts of Encryption Past https://slcyber.io/research-center/ghosts-of-encryption-past-salesforce-exacttarget/ tessl Skill Optimizer https://tessl.io/registry/tessl/skill-optimizer/0.8.0 The Internet Is Falling Down, Falling Down, Falling Down https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/ High Fidelity Check for the cPanel Authentication Bypass https://slcyber.io/research-center/high-fidelity-check-for-the-cpanel-authentication-bypass-cve-2026-41940/ Achieving Deterministic Prompt Injection Through Client-Side Feedback Loops https://blog.starstrike.ai/posts/achieving-deterministic-prompt-injection-through-client-side-feedback-loops/ GPT-5.5: Mythos-Like Hacking, Open To All https://xbow.com/blog/mythos-like-hacking-open-to-all Remote Command Execution in Google Cloud with Single Directory Deletion https://flatt.tech/research/posts/remote-command-execution-in-google-cloud-with-single-directory-deletion/ ====== Timestamps ====== (00:00:00) Introduction (00:09:20) AMPScript (00:25:10) Tessl Skill Optimizer (00:33:07) cPanel & WHM Authentication Bypass (00:40:46) Advice for Bug Bounty Programs (00:50:07) Prompt Injection Through Client-Side Feedback Loops (00:54:37) GPT 5.5 (01:01:00) Remote Command Execution in Google Cloud