Speakers

• morioka12 (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@scgajge12⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠)
• mokusou (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@Mokusou4⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠)
• RyotaK (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@ryotkak⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠)

Summary (Linkのみ)

• [大テーマ] 最近の取り組みについて
• Meta Bug Bounty scope
• ⁠https://bugbounty.meta.com/scope/⁠
• https://x.com/NahamSec/status/1873779040693231680
• Clone2Leak: Your Git Credentials Belong To Us
• https://flatt.tech/research/posts/clone2leak-your-git-credentials-belong-to-us/
• https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx
• https://github.com/gogs/gogs
• https://github.com/go-gitea/gitea
• DUMANGキーボード 再配置可能なマグネット付きメカニカルキーボード
• https://akizukidenshi.com/catalog/g/g114963/
• [中テーマ] トレンドの出来事や脆弱性についてなど
• Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History
• https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak
• Attacks on Maven proxy repositories
• https://github.blog/security/vulnerability-research/attacks-on-maven-proxy-repositories/
• Stealing HttpOnly cookies with the cookie sandwich technique
• https://portswigger.net/research/stealing-httponly-cookies-with-the-cookie-sandwich-technique
• WorstFit: Unveiling Hidden Transformers in Windows ANSI!
• https://blog.orange.tw/posts/2025-01-worstfit-unveiling-hidden-transformers-in-windows-ansi/
• Pwn2Own Automotive 2025
• https://x.com/thezdi/status/1882694954415439915
• https://x.com/SinSinology
• DoubleClickjacking: A New Era of UI Redressing
• https://www.paulosyibelo.com/2024/12/doubleclickjacking-what.html
• Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel
• https://samcurry.net/hacking-subaru
• [Q&A] なし

Web Page

• ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bugbountyjppodcast.notion.site/Bug-Bounty-JP-Podcast-8bf1080383a54c4a8848f10bfeb874b3?pvs=4⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

Survery

• ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://forms.gle/wkr2jkc3m9o8NhPk7⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

BBJP_Podcast で話して欲しいテーマや聞きたいことなどを Google Form で募集しています。

感想も X(Twitter)でハッシュタグ「#BBJP_Podcast」や Google Formでいただけると嬉しいです。