Episode 174: Saving Bug Bounty Programs + AMPScript, tessl & GPT-5.5

Episode 174: In this episode of Critical Thinking - Bug Bounty Podcast we follow up from last episode with some advice for BB platforms, as well as cover a slew of writeups from Searchlight Cyber, watchTowr, and Starstrike.

Follow us on twitter at: https://x.com/ctbbpodcast

Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

====== Links ======

Follow your hosts Rhynorater, rez0 and gr3pme on X:

https://x.com/Rhynorater

https://x.com/rez0__

https://x.com/gr3pme

Critical Research Lab:

https://lab.ctbb.show/

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

Need a Pentest? We just launched CTBB Pentests!

https://pentest.ctbb.show/

Hack full time? Check out the Full-Time Hunter’s Guild!

https://ctbb.show/fthg

====== This Week in Bug Bounty ======

COST, AI frontier models and more: A measured take on the future of security testing

https://www.yeswehack.com/security-best-practices/cost-mythos-future-security-testing

Common AI misconceptions debugged!

https://www.intigriti.com/blog/business-insights/common-misconceptions-debugged#trend-3-validity-ratios-remain-constant-ai-slop-isnt-rising-as-a-proportion

BountySync + Social

https://luma.com/bountysync_social

====== Resources ======

Ghosts of Encryption Past

https://slcyber.io/research-center/ghosts-of-encryption-past-salesforce-exacttarget/

tessl Skill Optimizer

https://tessl.io/registry/tessl/skill-optimizer/0.8.0

The Internet Is Falling Down, Falling Down, Falling Down

https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/

High Fidelity Check for the cPanel Authentication Bypass

https://slcyber.io/research-center/high-fidelity-check-for-the-cpanel-authentication-bypass-cve-2026-41940/

Achieving Deterministic Prompt Injection Through Client-Side Feedback Loops

https://blog.starstrike.ai/posts/achieving-deterministic-prompt-injection-through-client-side-feedback-loops/

GPT-5.5: Mythos-Like Hacking, Open To All

https://xbow.com/blog/mythos-like-hacking-open-to-all

Remote Command Execution in Google Cloud with Single Directory Deletion

https://flatt.tech/research/posts/remote-command-execution-in-google-cloud-with-single-directory-deletion/?utm_source=bugbountydaily.com&utm_medium=referral

====== Timestamps ======

(00:00:00) Introduction

(00:09:20) AMPScript

(00:25:10) Tessl Skill Optimizer

(00:33:07) cPanel & WHM Authentication Bypass

(00:40:46) Advice for Bug Bounty Programs

(00:50:07) Prompt Injection Through Client-Side Feedback Loops

(00:54:37) GPT 5.5

(01:01:00) Remote Command Execution in Google Cloud