{"id":34693,"date":"2020-04-29T15:28:19","date_gmt":"2020-04-29T15:28:19","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31160\/GitLab-Awards-Researcher-20-000-For-Remote-Code-Execution-Bug.html"},"modified":"2020-04-29T15:28:19","modified_gmt":"2020-04-29T15:28:19","slug":"gitlab-awards-researcher-20000-for-remote-code-execution-bug","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/","title":{"rendered":"GitLab Awards Researcher $20,000 For Remote Code Execution Bug"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/zdnet1.cbsistatic.com\/hub\/i\/r\/2020\/04\/29\/7eba53a1-8104-457d-b3c3-b37bc1184f4b\/thumbnail\/770x578\/899f3826f2cb14d9f43d3537c3180950\/code.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>GitLab has awarded a cybersecurity researcher $20,000 for reporting a serious remote code execution vulnerability on the platform.<\/p>\n<p>Discovered by William &#8220;vakzz&#8221; Bowling, a programmer and bug bounty hunter, the vulnerability was <a href=\"https:\/\/hackerone.com\/reports\/827052\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">privately disclosed<\/a> through the HackerOne bug bounty platform on March 23.<\/p>\n<p>Bowling said that GitLab&#8217;s UploadsRewriter function, used to copy files, was the source of the critical security issue.&nbsp;<\/p>\n<p><strong>See also:&nbsp;<\/strong><a href=\"https:\/\/www.zdnet.com\/article\/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug\/\" target=\"_blank\" rel=\"noopener noreferrer\">This is how viewing a GIF in Microsoft Teams triggered account hijacking bug<\/a><\/p>\n<p>The function should check file names and paths when issues were copied across projects. However, there were no validation checks in place, leading to a path traversal problem that could be exploited to copy any file.&nbsp;<\/p>\n<p>According to the bug bounty hunter, if exploited by an attacker, the vulnerability could be weaponized to &#8220;read arbitrary files on the server, including tokens, private data, [and] configs.&#8221;<\/p>\n<p>GitLab instances and the GitLab.com domain were affected by the vulnerability, awarded a critical rating on HackerOne.&nbsp;<\/p>\n<section class=\"sharethrough-top\" data-component=\"medusaContentRecommendation\" data-medusa-content-recommendation-options=\"{&quot;promo&quot;:&quot;promo_zd_recommendation_sharethrough_top_in_article_desktop&quot;,&quot;spot&quot;:&quot;dfp-in-article&quot;}\">\n<\/section>\n<p>On the same day as disclosure, the GitLab security team decided to award Bowling a $1,000 reward while triage took place.&nbsp;<\/p>\n<p>As triage was underway, Bowling added that the issue could be turned into a remote code execution (RCE) attack by using the arbitrary file read bug to grab information from the GitLab secret_key_base service. If an attacker changed their own instance secret_key_base to match a project, cookie services could also be manipulated to trigger RCE.&nbsp;<\/p>\n<p><strong>CNET:&nbsp;<\/strong><a href=\"https:\/\/www.cnet.com\/how-to\/coronavirus-stimulus-scams-are-here-how-to-identify-these-new-online-and-text-attacks\/?ftag=CMG-01-10aaa1b\" target=\"_blank\" rel=\"noopener noreferrer\" data-component=\"externalLink\">Coronavirus stimulus scams are here. How to identify these new online and text attacks<\/a><\/p>\n<p>The vulnerability was sent to GitLab&#8217;s engineering team who reproduced the problem. While the team noted that an attacker would need to be at a project member &#8212; at a minimum &#8212; to exploit the vulnerability, they could also simply &#8220;create their own project\/group to do this,&#8221; <a href=\"https:\/\/gitlab.com\/gitlab-org\/gitlab\/-\/issues\/212175\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">according to<\/a> Heinrich Lee Yu, a&nbsp; senior engineer at GitLab.&nbsp;<\/p>\n<p><strong>TechRepublic:&nbsp;<\/strong><a href=\"https:\/\/www.techrepublic.com\/article\/cybersecurity-professionals-are-being-repurposed-during-covid-19-pandemic\/?ftag=CMG-01-10aaa1b\" target=\"_blank\" rel=\"noopener noreferrer\" data-component=\"externalLink\">Cybersecurity professionals are being repurposed during COVID-19 pandemic<\/a><\/p>\n<p>The vulnerability has now been resolved in GitLab version 12.9.1, with the researcher&#8217;s full bounty awarded on March 27. The public report was released on April 27.<\/p>\n<p>Four months ago, the same researcher <a href=\"https:\/\/hackerone.com\/reports\/658013\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">disclosed a bug<\/a> in GitLab&#8217;s Search API which allowed additional flags to be injected into the git command, potentially leading to the creation of crafted keys, remote access, and code execution. GitLab acknowledged the problem and awarded Bowling $12,000 for the critical bug report.&nbsp;<\/p>\n<p>&#8220;We&#8217;re thankful for security reporters like vakzz who responsibly disclose vulnerabilities through our bug bounty program,&#8221; Johnathan Hunt, VP of Security at GitLab told ZDNet. &#8220;Once disclosed to the GitLab Security Team, this specific bug was quickly remediated and made public 30 days after the patch is released.&#8221;<\/p>\n<h3>Previous and related coverage<\/h3>\n<hr>\n<p><strong>Have a tip?<\/strong> Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0<\/p>\n<hr>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/31160\/GitLab-Awards-Researcher-20-000-For-Remote-Code-Execution-Bug.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":34694,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[3967],"class_list":["post-34693","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackerflawpatch"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>GitLab Awards Researcher $20,000 For Remote Code Execution Bug 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"GitLab Awards Researcher $20,000 For Remote Code Execution Bug 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-04-29T15:28:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/gitlab-awards-researcher-20000-for-remote-code-execution-bug.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"578\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"GitLab Awards Researcher $20,000 For Remote Code Execution Bug\",\"datePublished\":\"2020-04-29T15:28:19+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\\\/\"},\"wordCount\":485,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug.jpg\",\"keywords\":[\"headline,hacker,flaw,patch\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\\\/\",\"name\":\"GitLab Awards Researcher $20,000 For Remote Code Execution Bug 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug.jpg\",\"datePublished\":\"2020-04-29T15:28:19+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug.jpg\",\"width\":770,\"height\":578},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,flaw,patch\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerflawpatch\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"GitLab Awards Researcher $20,000 For Remote Code Execution Bug\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"GitLab Awards Researcher $20,000 For Remote Code Execution Bug 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/","og_locale":"en_US","og_type":"article","og_title":"GitLab Awards Researcher $20,000 For Remote Code Execution Bug 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-04-29T15:28:19+00:00","og_image":[{"width":770,"height":578,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/gitlab-awards-researcher-20000-for-remote-code-execution-bug.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"GitLab Awards Researcher $20,000 For Remote Code Execution Bug","datePublished":"2020-04-29T15:28:19+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/"},"wordCount":485,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/gitlab-awards-researcher-20000-for-remote-code-execution-bug.jpg","keywords":["headline,hacker,flaw,patch"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/","url":"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/","name":"GitLab Awards Researcher $20,000 For Remote Code Execution Bug 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/gitlab-awards-researcher-20000-for-remote-code-execution-bug.jpg","datePublished":"2020-04-29T15:28:19+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/gitlab-awards-researcher-20000-for-remote-code-execution-bug.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/gitlab-awards-researcher-20000-for-remote-code-execution-bug.jpg","width":770,"height":578},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/gitlab-awards-researcher-20000-for-remote-code-execution-bug\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,flaw,patch","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerflawpatch\/"},{"@type":"ListItem","position":3,"name":"GitLab Awards Researcher $20,000 For Remote Code Execution Bug"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34693","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=34693"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34693\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/34694"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=34693"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=34693"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=34693"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}