If you spend too much time thinking about a thing, you'll never get it done. — Bruce Lee

seclinks #

Google Cloud Vertex AI - Data Exfiltration Vulnerability Fixed in Generative AI Studio

GPT-4 Vision Prompt Injection

Post Mortem on Cloudflare Control Plane and Analytics Outage

1466183 - Security: Memory corrupt in v8, leading to RCE - chromium

Enumerate/Bruteforce/Attack All the Things! Presenting Legba

Now available: Building a scalable vulnerability management program on AWS | AWS Security Blog

Shielder - CVE-2023-33466 - Exploiting Healthcare Servers with Polyglot Files

Citrix Bleed: Leaking Session Tokens with CVE-2023-4966

Cascade: CPU Fuzzing via Intricate Program Generation - Computer Security Group

Java Deserialization Vulnerability Still Alive

Introducing HAR Sanitizer: secure HAR sharing

Samy Kamkar - KeySweeper

Semgrep's New Rule Syntax

Data-bouncing

DOM-based race condition: racing in the browser for fun - RyotaK's Blog

The Future of Drone Warfare - Schneier on Security

Cisco IOS XE CVE-2023-20198: Deep Dive and POC – Horizon3.ai

Stealing OAuth tokens of connected Microsoft accounts via open redirect in Harvest App | eval.blog

Chaos-Sec-Lab: Grand Theft Auto – RF Locks Hacking Flipper-Zero Edition Part 1

Chaos-Sec-Lab: Grand Theft Auto – RF Locks Hacking Flipper-Zero Edition Part 2

Cloudflare incident on October 30, 2023

Rusty Droid: Under the Hood of a Dangerous Android RAT - K7 Labs

Compromising F5 BIGIP with Request Smuggling -

sectweet #

The CVSS Special Interest Group is proud to announce the official release of CVSS v4.0.

secvideo #

AWS Cloud Penetration Testing Explained with Example

I Stole a Microsoft 365 Account. Here's How.

secgit #

ethicalhackingplayground/dnsresolver

evilsocket/legba

Escape-Technologies/graphql-wordlist

CycodeLabs/raven)

D00Movenok/BounceBack

nopcorn/DuckDuckC2

← Back to Seclog