This tweet mentions that Vercel paid $750k USD within 24 hours for a WAF bypass. It highlights how bypassing a Web Application Firewall (WAF) used to be a very challenging and time-consuming task in the Web2 security era. However, with the advancement of AI, the difficulty of bypassing WAFs has significantly changed and likely reduced, making such bypasses easier and faster to discover and exploit. Unfortunately, the tweet does not provide specific technical details or payloads used for the bypass. Nonetheless, it underscores the increasing impact of AI on cybersecurity vulnerabilities and the importance for vendors like Vercel to continuously strengthen their WAF protections against new and evolving threats.
For more details, check out the original tweet here: https://twitter.com/PiyushShukla__/status/1998301139297796503