(alexschapiro.com)

560 points bearsyankees | 1 comments | 12 May 25 16:39 UTC | HN request time: 0.205s | source

Show context

voytec ◴[12 May 25 18:08 UTC] No.43965908[source]▶

I'm flagging this submission. Look at the author[0], at the "Georgetown students..." (won't backlink again) post linked below stating that Cerca was 2 months old in April, and OP's post from April stating that they hacked this thing two months earlier.

It's some self-promo or whatever scheme/scam bullshit.

[0] https://news.ycombinator.com/from?site=alexschapiro.com

replies(2): >>43965937 #>>43966205 #

bearsyankees ◴[12 May 25 18:11 UTC] No.43965937[source]▶

>>43965908 #

Hi author here! Not exactly sure what you are talking about — I think I found this vulnerability pretty close to when the app first went public but not sure why that makes it a scam

And I posted this blog because I think people will find it interesting!

Happy to answer any other questions when I get back to my computer :)

replies(1): >>43966036 #

1. bearsyankees ◴[12 May 25 18:21 UTC] No.43966036[source]▶

>>43965937 #

(Also more info here: https://yaledailynews.com/blog/2025/04/24/yale-student-expos...)

↑

I hacked a dating app (and how not to treat a security researcher)