New Missions & Initiatives

Thumbnail


Hello everyone,

It's been a long time since the last time I posted, I was busy with HackFest CTF as I was designing some CTFs and also with studies at Fanshawe College.

My team and I have been busy submitting vulnerabilities and recruiting fresh talent, one of our newest recruits from Pakistan (KhanMarshai) was credited with over 8 CVEs in just one month. This is just another proof that our CVE Hunting Guide is not like those paid tutorials or courses you see popping up, our teachings are based on real-world experience and so they work. The results are out there, just ask our new recruits. 

Besides that, I have been thinking about launching two new missions under Delta Obscura: 

  1. Mission Vector Zero: High impact vulnerability research targeting widely used apps, 250K digital assets/users or more
  2. Cyber Diplomat Initiative: Identifying & reporting 2+ vulnerabilities affecting top 2+ open-source products in 100+ countries  

 

Mission Vector Zero

This mission is focused on identifying any vulnerabilities on 30+ targets with CVSS v3 score of 6.0 or higher on apps that impact 250,000 digital assets/users or more. So far, we have identified & reported only one vulnerability that meets this criteria to Trend Micro's ZDI, this mission hasn't officially started yet but as soon as we get credited with our first CVE or vulnerability acknowledgement, we will announce it. 

Unlike Mission Cyber Sentinel, Vector Zero also also allows our members to target not just open-source software but also closed source software or bug bounty programs. Members are not limited to only web apps, they can also target hardware and binaries.

 

Cyber Diplomat Initiative

This initiative is about showing how we can work with security professionals and developers from over 100+ countries, the reason it's called "Cyber Diplomat" is because we intend to target software, mostly open-source from over 100+ countries, work with people from those regions and build long-term relationships. 

We will identify top 10 open-source software in every country and then pick 2 of them for vulnerability assessment and identify at least one high severity vulnerability in each software. 

The severity of these findings must be high, medium or low are not eligible. We will cover every region of the world, and some of the previously reported vulnerabilities by us will also be considered as part of the initiative as long as they meet the requirements. 

 

Tomorrow (Oct 16th), I will be attending HackFest event in Quebec City, if you are around, come and say hi. 

Posted on: October 15, 2025 04:33 AM