ROSECURIFY

Seclog - #48

Without passion man is a mere latent force and possibility, like the flint which awaits the shock of the iron before it can give forth its spark. — Henri-Frédéric Amiel

secmisc #

SSRFUtility - SSRF Exploitation Tool

THE CLOUD & APP SECURITY LIST

Uncovering a crazy privilege escalation from Chrome extensions

Escaping the sandbox: A bug that speaks for itself

Okta for Red Teamers

State of Cloud Security

Playing with NFC Cards

Security Vulnerabilities in AppsAnywhere

CISA Has a New Road Map for Handling Weaponized AI

All the Small Things: Azure CLI Leakage and Problematic Usage Patterns

Caricatures of Security People

Abusing Client-Side Desync on Werkzeug

Building a free Burp Collaborator with Cloudflare Workers

The Spelling Police: Searching for Malicious HTTP Servers by Identifying Typos in HTTP Responses

Exploring GPTs: ChatGPT in a trench coat?

Bypass Two-Factor Authentication of Facebook Accounts ($25,300)

HackAPrompt

Teams external participant splash screen bypass | BadOption.eu

From Akamai to F5 to NTLM... with love.

Denial of Pleasure: Attacking Unusual BLE Targets with a Flipper Zero

sectweet #

Ivan at Wallarm / API security tweeted about of OpenAI bypassing

secgit #

yunuscadirci/DIALStranger

kljunowsky/CVE-2023-36845

Aqua-Nautilus/CVE-Half-Day-Watcher

marcinguy/betterscan-ce

hackerschoice/bpfhacks

protectai/ai-exploits

AgentOps-AI/BestGPTs

qsocket/qs-netcat

xcanwin/CVE-2023-4357-Chrome-XXE

Thanks for reading,

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1700431858077/f7c72559-15d7-4fb7-b3aa-2b302d02cfad.png align="left")

Subscribe to Seclog

Weekly security analysis direct to your inbox.

Share
← All Seclogs

Press / to search, Esc to close