Our guest blogger and Detectify Crowdsource hacker Evgeny Morozov explains how he bypassed Detectify’s domain control verification by using DNS response spoofing.

Our guest blogger and Detectify Crowdsource hacker ak1t4 explains how he discovered and reported a persistent XSS vulnerability on Teamtailor that affected thousands of career sites – including Detectify’s external career site. Teamtailor patched the vulnerability within one day after the issue had been reported.