| 1. | | AI's Bottleneck Isn't Models or Tools, It's Security (zkorman.com) |
| 1 point by chillax 8 days ago | past | 1 comment |
|
| 2. | | React2shell (react2shell.com) |
| 2 points by chillax 46 days ago | past |
|
| 3. | | CyberSlop – meet the new threat actor, MIT and Safe Security (doublepulsar.com) |
| 3 points by chillax 74 days ago | past |
|
| 4. | | AuditKit – Multi-framework compliance scanner (auditkit.io) |
| 1 point by chillax 3 months ago | past |
|
| 5. | | AMD signs AI chip-supply deal with OpenAI, gives it option to take a 10% stake (reuters.com) |
| 442 points by chillax 3 months ago | past | 370 comments |
|
| 6. | | Security Degradation in Iterative AI Code Generation (arxiv.org) |
| 1 point by chillax 3 months ago | past |
|
| 7. | | JEP 500: Prepare to Make Final Mean Final (openjdk.org) |
| 3 points by chillax 4 months ago | past |
|
| 8. | | Conversation: LLMs and Building Abstractions (martinfowler.com) |
| 1 point by chillax 4 months ago | past |
|
| 9. | | Azure's Weakest Link – Full Cross-Tenant Compromise (binarysecurity.no) |
| 1 point by chillax 4 months ago | past |
|
| 10. | | The Great SSL Certificate Panic (redmonk.com) |
| 22 points by chillax 5 months ago | past | 11 comments |
|
| 11. | | Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection (embracethered.com) |
| 3 points by chillax 5 months ago | past |
|
| 12. | | Welcome to the IPv4 Games (ipv4.games) |
| 55 points by chillax 5 months ago | past | 29 comments |
|
| 13. | | Meetingco.st – How much does that meeting cost? (meetingco.st) |
| 2 points by chillax 5 months ago | past |
|
| 14. | | WAF Detector – For Detecting and Testing Web Application Firewalls (WAFs), CDNs (github.com/ammarion) |
| 3 points by chillax 6 months ago | past |
|
| 15. | | BaxBench: Can LLMs Generate Secure and Correct Back Ends? (baxbench.com) |
| 2 points by chillax 6 months ago | past | 1 comment |
|
| 16. | | Remote Prompt Injection in Gitlab Duo Leads to Source Code Theft (legitsecurity.com) |
| 214 points by chillax 8 months ago | past | 54 comments |
|
| 17. | | GitHub Copilot and Cursor: How Hackers Can Weaponize Code Agents (pillar.security) |
| 1 point by chillax 10 months ago | past |
|
| 18. | | Azure's Weakest Link? How API Connections Spill Secrets (binarysecurity.no) |
| 3 points by chillax 10 months ago | past |
|
| 19. | | 8M Requests Later,We Made the SolarWinds Supply Chain Attack Look Amateur (watchtowr.com) |
| 1 point by chillax 11 months ago | past |
|
| 20. | | Top web hacking techniques of 2024 (portswigger.net) |
| 3 points by chillax 11 months ago | past |
|
| 21. | | Stealing HttpOnly cookies with the cookie sandwich technique (portswigger.net) |
| 6 points by chillax 12 months ago | past |
|
| 22. | | Backdooring Your Backdoors – Another $20 Domain, More Governments (watchtowr.com) |
| 5 points by chillax on Jan 8, 2025 | past |
|
| 23. | | September 2024 Progress Update on Microsoft's Secure Future Initiative (SFI) (microsoft.com) |
| 1 point by chillax on Sept 25, 2024 | past |
|
| 24. | | Hello eBPF: Building a Fast Firewall with Java and eBPF (14) (mostlynerdless.de) |
| 2 points by chillax on Aug 27, 2024 | past |
|
| 25. | | Listen to the whispers: web timing attacks that work (portswigger.net) |
| 3 points by chillax on Aug 7, 2024 | past |
|
| 26. | | Single-packet race condition breaking the 65535 byte lim (flatt.tech) |
| 93 points by chillax on Aug 5, 2024 | past | 31 comments |
|
| 27. | | Ducks Now Sitting (DNS): Internet Infrastructure Insecurity (eclypsium.com) |
| 2 points by chillax on Aug 2, 2024 | past |
|
| 28. | | Exploiting Client-Side Path Traversal to Perform CSRF – Introducing CSPT2CSRF (doyensec.com) |
| 1 point by chillax on July 3, 2024 | past |
|
| 29. | | Phantom Secrets: Undetected Secrets Expose Major Corporations (aquasec.com) |
| 2 points by chillax on July 2, 2024 | past |
|
| 30. | | Encryption at Rest: Whose Threat Model Is It Anyway? (scottarc.blog) |
| 199 points by chillax on June 4, 2024 | past | 168 comments |
|
|
| More |
