Może Ci się spodobać
AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack - @billtoulas bleepingcomputer.com/news/security/…
bleepingcomputer.com
AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack
Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account tokens and repository secrets leaked.
CORNFLAKE.V3 malware spotted in an access-as-a-service operation using the ClickFix technique. 🥣 UNC5518 uses fake CAPTCHA pages for access, which UNC5774 then leverages to deploy the CORNFLAKE.V3. Learn more: bit.ly/4mZ64a3
TTMO Meetup 6'dan kareler... Sunumları için Celil Ünüver(@celilunuver), Utku Çorbacı(@rhotav), Yusuf İşlek(@_nnaci) ve Ahsen Tekdemir'e(@ahsentekd); güzel katılım için TTMO üyelerine çok teşekkürler. Sponsorlarımız: Forestall, Secrove ve Hexflow
🔥 Tersine mühendisler, 6. toplantıya koşun! Yusuf İşlek, Ahsen Tekdemir, Celil Ünüver ve Utku Çorbacı ile, 16 Ağustos, İzmir'de. RT == MOV PC, 0x41414141414141
🚨 RubyGems & PyPI under attack: 🔸 60 fake RubyGems stole social media logins (275K+ downloads) 🔸 PyPI fakes hijacked crypto staking wallets Both hide credential-stealing code in legit-looking packages. Details → thehackernews.com/2025/08/rubyge…
thehackernews.com
RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes
RubyGems and PyPI hit by credential-stealing packages targeting automation and crypto users, prompting new security rules.
''This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions'' #infosec #pentest #redteam #blueteam thehackernews.com/2025/03/this-m…
thehackernews.com
This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions
Malicious PyPI package set-utils steals Ethereum private keys, exfiltrating them via Polygon RPC to evade detection.
New release of pytest-examples github.com/pydantic/pytes… now supports calling a function or coroutine within the example code. I'd love to rename the package so people can actually find and use it, but I can't think of a good name that's easier to search for.
github.com
Release v0.0.14 (2024-11-15) · pydantic/pytest-examples
What's Changed Adopt uv by @samuelcolvin in #38 lint: raise timeout to avoid flakyness by @baloo in #37 support for calling a function/coroutine, e.g. main within examples by @samuelcolvin in ...
LLMs as vulnerability hunters? Yup. Our Vulnhuntr tool from @ProtectAICorp uses Claude to scan Python code for 0days. 🤯 Check out the NoHat talk for the full story from @DanHMcInerney & @byt3bl33d3r. 👇 hubs.ly/Q02Xqxkv0
youtube.com
YouTube
No Hat 2024 - M. Salvati & D. McInerney - LLMs for Vulnerability...
Say hello to the Polyglot Payload. The complete payload for the XSS Polyglot Challengev2 is now available on the xss.report platform. Source: web.archive.org/web/2019061711… Thanks @filedescriptor and crlf #xss #polyglot #polyglotxss
In collaboration with @rizasabuncu , we promptly identified and reported a vulnerability in iOS and macOS to Apple’s security team. This vulnerability had the potential to allow unauthorized access to user activities or browsing history, even when the device was in lockdown or…
🐍💥Python 3.13.0 has been released! 🎉 This is the first version with 🧵experimental GIL-free mode, an experimental JIT compiler🔧, a slick new REPL 🖌️ and many new cool features! And it's faster, smarter, and more colorful than ever! 🚀 Get it here: python.org/downloads/rele…
Can your current tools cache 10,000 SBOMs transitive dependents in 30 seconds? Minefield can.
トルコのおじさんあまりにかっこよくてスケッチしてしまった 描いてみるとあらためてわかるんですけど姿勢の美しさがすごいわ
Cloudflare’s 1.1.1.1 DNS Service Disrupted by BGP Hijacking and Route Leak securityonline.info/cloudflares-1-…
🚨Alert🚨CVE-2024-21413 Microsoft Outlook RCE Flaw POC Released 📊219.8K+ Services are found on the Hunter.how 🔗Hunter:hunter.how/list?searchVal… Dorks 👇👇👇 Hunter:product.name="Outlook Web App" FOFA: app="Microsoft-Outlook" Shodan:http.component:"outlook…
Safetest is a new UI testing library that combines Playwright, Jest/Vitest, and React for an E2E testing solution for applications and component testing. It works with multiple UI libraries and test runners and provides powerful reporting capabilities. netflixtechblog.com/introducing-sa…
If you are using form data, upgrade python-multipart to 0.0.7 as soon as possible to fix a ReDoS vulnerability. 🔒 If you install fastapi[all], just upgrade to 0.109.1 🤓 You can read more in the security advisory: github.com/tiangolo/fasta…
There's some new #Python syntax being debated in PEP 736 – Shorthand syntax for keyword arguments at invocation What do you think?
GitLab CVE-2023-7028 POC user[email][][email protected]&user[email][][email protected] - PWNED
United States Trendy
- 1. Lakers 78.8K posts
- 2. #Talus_Labs N/A
- 3. Good Thursday 20.5K posts
- 4. Luka 70K posts
- 5. Marcus Smart 6,208 posts
- 6. Wemby 27K posts
- 7. #LakeShow 5,737 posts
- 8. #AmphoreusStamp 7,244 posts
- 9. Blazers 8,913 posts
- 10. Russ 11.1K posts
- 11. Ayton 16.6K posts
- 12. Will Richard 6,623 posts
- 13. #RipCity N/A
- 14. #dispatch 65K posts
- 15. Unplanned 5,724 posts
- 16. Podz 2,437 posts
- 17. Nico Harrison 2,002 posts
- 18. Klay 8,575 posts
- 19. Shroud 5,705 posts
- 20. Deni 6,310 posts
Może Ci się spodobać
-
Adem Furkan Özcan
@AdemOzcanTR -
Oğuzhan Yılmaz
@owuzan_ -
Kürşat Oğuzhan AKINCI🇹🇷
@KoAkinci -
Mr.Gedik
@h4ck2s3c -
Kağan IŞILDAK
@kaganisildak -
Fatih Mehmet DİŞÇİOĞLU
@FMDisci0glu -
Berk Albayrak
@brkalbyrk7 -
Recep Yağmur
@redjh0nn -
Görkem Güler
@gorkemguler_ -
Mustafa Kaan Demirhan
@mstfknn -
Eren
@aporlorxl23 -
Mehmet Ayberk
@mhmtayberk -
Murat Y
@divinepwner -
ahmet kotan
@ahmetcode -
Ali
@yazilimci_adam
Something went wrong.
Something went wrong.