All Articles

Articles in Bug Bounty and IT Security topics.

When an exposed Google Maps key becomes an AI billing risk
July 13, 2026 · 11 min read

This article explains why an exposed Google Maps API key may become a serious billing-abuse risk when the same cloud project also has Gemini or other billable AI APIs enabled. It shows what security teams and penetration testers should check to understand the real impact behind an exposed key.

Hackrate is now ISO 27001 certified
June 30, 2026 · 5 min read

In this article, we explain why ISO 27001 matters for a bug bounty platform. We also share how it supports our work with enterprise customers looking for a European bug bounty platform with strong security governance.

Hackrate Ranked 1st in Hungary and 22nd Globally at Hack The Box’s Global Cyber Skills Benchmark 2026
May 29, 2026 · 13 min read

Hackrate achieved 1st place in Hungary, 9th in Europe, and 22nd globally at Hack The Box’s Global Cyber Skills Benchmark 2026, competing against 589 corporate teams worldwide.

CRA-ready vulnerability disclosure with Hackrate managed VDP
May 15, 2026 · 7 min read

This article looks at how organizations can start preparing their vulnerability disclosure handling for the Cyber Resilience Act, and how Hackrate managed VDP can support that work. It may be useful for teams that want a clearer, more structured way to manage external vulnerability reports.

thisclosed_#3
April 14, 2026 · 6 min read

Arbitrary File Upload via External Files Feature Allows Client-Side Remote Code Execution

ENISA NIS2 mapping makes vulnerability handling and disclosure a standalone requirement
January 26, 2026 · 5 min read

ENISA’s NIS2 technical implementation guidance treats vulnerability handling and disclosure (control 6.10) as a standalone requirement. This article explains what an assessor-grade vulnerability disclosure policy looks like in practice.

Press release: Hackrate becomes Hungary’s first CVE Numbering Authority
January 13, 2026 · 5 min read

This article explains Hackrate’s new status as Hungary’s first CVE Numbering Authority (CNA) and what that means in practice for coordinated vulnerability disclosure.

Let 2026 be the year bug bounty becomes part of how you build and operate
January 05, 2026 · 4 min read

This article explains why 2026 is the right time to make bug bounty a practical, continuous security feedback loop and how Hackrate can help you launch it with confidence.

Ministry of Regional Development of the Czech Republic Launches Public Bug Bounty Program with Hackrate
July 16, 2025 · 2 min read

The Ministry of Regional Development of the Czech Republic partners with Hackrate to launch a public bug bounty program—empowering ethical hackers to strengthen national cybersecurity and set a precedent for the European public sector.

Measuring the Success of Bug Bounty Programs: Outdated vs. Modern Approaches
March 25, 2025 · 4 min read

Shift from outdated metrics to advanced methods with Hackrate’s HackGATE to monitor the success of your Bug Bounty Programs.