Vinay⚡
@hack_n_code
Tester of pens, AI prompt connoisseur. Terrible Speller. All thoughts are my own 💭
คุณอาจชื่นชอบ
Is this real or a joke CVE-2025-55315 ? ASP.NET Core is vulnerable to http request smuggling !!!! And why is no one talking about it? github.com/advisories/GHS…
AWS engineers right now: - Hey Claude, prod is down fix it!!! Claude:
SSRF is just asking the person outside the gas station to buy you beer before you're 21
💥 Wiz Research has uncovered a critical Redis vulnerability that's been hiding for 13 years We found RediShell (CVE-2025-49844): an RCE bug in Redis that affects every version of Redis out there. It's rated CVSS 10 - the highest severity possible. The vulnerability lets…
I'm improving my co-hacking AI system (built on Claude Code). One of the coolest new things I added to it was @browserbase's MCP server. It only took 20 seconds to add, and now it can take UI-based actions on any website. Here Claude used it to make a ChatGPT account: 😝
Lavamoat. It was literally built for supply chain attacks. It would've prevented the malicious code from monkey patching globals (`xmlhttprequest`, `fetch`, `window.ethereum`) at runtime. It's free. Tell your favorite dapp dev. npmjs.com/package/@lavam…
treat your code like bonsai, ai makes it grow faster, you have to prune it from time to time to keep its structure and establish the overall design
appsec engineers be like, "surely noone can bypass ssl pinning on iOS, no one can reverse-engineer iOS binaries, no need to ratelimit the mobile API!" lmeow
Prompt engineering feels like doing science experiments, have a variety of inputs their corresponding intended outputs, and come up with a scoring system to evaluate the accuracy, then we slowly work on our prompt to maximize the accuracy score while balancing time + cost.
Novel jailbreak discovered. Not only does OpenAi putting your name in the system prompt impact the way GPT responds, but it also opens the model up to a prompt INSERTION. Not injection. You can insert a trigger into the actual system prompt, which makes it nigh indefensible.
AI agents that can browse the Web and perform tasks on your behalf have incredible potential but also introduce new security risks. We recently found, and disclosed, a concerning flaw in Perplexity's Comet browser that put users' accounts and other sensitive info in danger.
When you make money, the first thing you have to do is "fix your health issues." All other things can wait.
I recently discovered a critical race condition vulnerability at a multi-million dollar investment firm! The vulnerability allowed attackers to execute a single-packet attack that bypassed financial controls, potentially enabling: ✅ Purchasing stocks worth twice the available…
Just published my first blog post "Cache Deception + CSPT: Turning Non Impactful Findings into Account Takeover" You can read the full write-up here: zere.es/posts/cache-de…
🚨 You Forgot, I Remembered: Mass DNS Takeovers and Thousands at Risk Over 40,000 domains on DigitalOcean’s Cloud DNS were taken over using serverless automation & OSINT. Full research 👇 smaranchand.com.np/2025/07/you-fo… #CloudSecurity #DNS #DigitalOcean #AppSec #BugBounty
United States เทรนด์
- 1. Lakers 93.6K posts
- 2. Luka 71.4K posts
- 3. Ayton 15.3K posts
- 4. Marcus Smart 8,648 posts
- 5. Curry 42.2K posts
- 6. Warriors 97.3K posts
- 7. Froot N/A
- 8. Rockets 59.7K posts
- 9. Pharos 9,853 posts
- 10. Draymond 8,689 posts
- 11. Reaves 9,294 posts
- 12. Double OT 6,775 posts
- 13. #DubNation 13.4K posts
- 14. #MLBS6Spoilers 5,173 posts
- 15. #DWTS 49.2K posts
- 16. Shai 34.2K posts
- 17. Jimmy Butler 9,738 posts
- 18. #LakeShow 6,610 posts
- 19. Sengun 25.8K posts
- 20. Vando 3,118 posts
Something went wrong.
Something went wrong.