Vinay⚡
@hack_n_code
Tester of pens, AI prompt connoisseur. Terrible Speller. All thoughts are my own 💭
Bunları beğenebilirsin
"they did not feel their research was ready to publicly demonstrate"
Is this real or a joke CVE-2025-55315 ? ASP.NET Core is vulnerable to http request smuggling !!!! And why is no one talking about it? github.com/advisories/GHS…
AWS engineers right now: - Hey Claude, prod is down fix it!!! Claude:
SSRF is just asking the person outside the gas station to buy you beer before you're 21
💥 Wiz Research has uncovered a critical Redis vulnerability that's been hiding for 13 years We found RediShell (CVE-2025-49844): an RCE bug in Redis that affects every version of Redis out there. It's rated CVSS 10 - the highest severity possible. The vulnerability lets…
every ai app today
I'm improving my co-hacking AI system (built on Claude Code). One of the coolest new things I added to it was @browserbase's MCP server. It only took 20 seconds to add, and now it can take UI-based actions on any website. Here Claude used it to make a ChatGPT account: 😝
Lavamoat. It was literally built for supply chain attacks. It would've prevented the malicious code from monkey patching globals (`xmlhttprequest`, `fetch`, `window.ethereum`) at runtime. It's free. Tell your favorite dapp dev. npmjs.com/package/@lavam…
treat your code like bonsai, ai makes it grow faster, you have to prune it from time to time to keep its structure and establish the overall design
appsec engineers be like, "surely noone can bypass ssl pinning on iOS, no one can reverse-engineer iOS binaries, no need to ratelimit the mobile API!" lmeow
WhatsApp 0-day exploited in the wild
Prompt engineering feels like doing science experiments, have a variety of inputs their corresponding intended outputs, and come up with a scoring system to evaluate the accuracy, then we slowly work on our prompt to maximize the accuracy score while balancing time + cost.
Novel jailbreak discovered. Not only does OpenAi putting your name in the system prompt impact the way GPT responds, but it also opens the model up to a prompt INSERTION. Not injection. You can insert a trigger into the actual system prompt, which makes it nigh indefensible.
AI agents that can browse the Web and perform tasks on your behalf have incredible potential but also introduce new security risks. We recently found, and disclosed, a concerning flaw in Perplexity's Comet browser that put users' accounts and other sensitive info in danger.
When you make money, the first thing you have to do is "fix your health issues." All other things can wait.
I recently discovered a critical race condition vulnerability at a multi-million dollar investment firm! The vulnerability allowed attackers to execute a single-packet attack that bypassed financial controls, potentially enabling: ✅ Purchasing stocks worth twice the available…
Just published my first blog post "Cache Deception + CSPT: Turning Non Impactful Findings into Account Takeover" You can read the full write-up here: zere.es/posts/cache-de…
United States Trendler
- 1. New York 32.5K posts
- 2. Good Wednesday 28.1K posts
- 3. #questpit 13.4K posts
- 4. #wednesdaymotivation 2,053 posts
- 5. Virginia 599K posts
- 6. Hump Day 12.1K posts
- 7. Van Jones 4,787 posts
- 8. 5th of November 18.4K posts
- 9. The GOP 274K posts
- 10. #Wednesdayvibe 1,558 posts
- 11. #ChavismoEnVanguardia 1,680 posts
- 12. Enhanced 11.5K posts
- 13. Alastor 34.1K posts
- 14. Nueva York 131K posts
- 15. Mayor 1.01M posts
- 16. #WednesdayWisdom N/A
- 17. AND SO IT BEGINS 20.4K posts
- 18. Socialism 105K posts
- 19. Happy Hump 7,965 posts
- 20. But the Lord 10.1K posts
Something went wrong.
Something went wrong.