b33f | 🇺🇦✊
@FuzzySec
意志 / Antiquarian @ IBM X-Force Offensive Research (XOR) / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
I wrote a blogpost about Android on-device fuzzing -> Reproducing a million-dollar bug: WhatsApp CVE-2019-11932 (with AFL & Frida) ibm.com/think/x-force/…

I originally had Gemini expecting a 200 OK instead of a 401, but after dropping a server-side breakpoint so it could use a timeout as the auth signal, it cracked the bypass! 🥈 AI + human teamwork for the win! 🎉 Next: finding the right parameters & deserialization in…
Just ran a cheeky test: Could Gemini find @_l0gg’s CVE-2025-49706 SharePoint auth bypass? Nope! ☹️ Even after feeding it important patch diffs, decompiled old code, .aspx files & blog posts, it still couldn’t map the Toolpane.aspx path logic - it only found the valid `referer`…
Hiring a junior/mid role on my team for a Red Team operator, feel free to DM me with any questions or anything nvidia.wd5.myworkdayjobs.com/NVIDIAExternal…
Extensions are problematic and they insert the attacker directly into sensitive contexts. The tradecraft shown is really weak (but it doesn't have to be), I think that illustrates there is a real issue here. Attacker ROI on the vscode store is high with multi-editor targeting.
But how could the infected developer, who was quite experienced, have downloaded this obviously malicious extension? It turns out that attackers have been able to make the malicious extension rank higher than the legitimate one. [3/6]
In a joint paper with @OwainEvans_UK as part of the Anthropic Fellows Program, we study a surprising phenomenon: subliminal learning. Language models can transmit their traits to other models, even in what appears to be meaningless data. x.com/OwainEvans_UK/…
New paper & surprising result. LLMs transmit traits to other models via hidden signals in data. Datasets consisting only of 3-digit numbers can transmit a love for owls, or evil tendencies. 🧵
🚨In the upcoming September edition of "Advanced NET Exploitation" at @cybersaiyanIT 2025, we'll review the SharePoint p2o Deserialization exploit that was found by the Legend @_l0gg himself 🔥 P.S: for the love of god, register NOW! 😅
It was an honor to brief Lt General Hiroe Jiro-san 廣惠 次郎, Commanding General, TERCOM, Japan Ground Self-Defense Force (JGSDF) on offensive AI strategy, and separately Colonel Toshio Miyazawa-san 宮澤壽志大 on the use of offensive AI in Electronic & Cyber Warfare, as…
Official results are in - Gemini achieved gold-medal level in the International Mathematical Olympiad! 🏆 An advanced version was able to solve 5 out of 6 problems. Incredible progress - huge congrats to @lmthang and the team! deepmind.google/discover/blog/…
I feel like the AI has spent a suspicious amount of time thinking about how to compromise my environment 😅

I was reading the SharePoint zero-day news (I have a personal interest in itw 0day hunting), then I realized MSRC has bounties for SharePoint bugs, then I read the program & found it only offers like 20k for critical SharePoint RCE (if I read the rules correctly)…
1/N I’m excited to share that our latest @OpenAI experimental reasoning LLM has achieved a longstanding grand challenge in AI: gold medal-level performance on the world’s most prestigious math competition—the International Math Olympiad (IMO).
sessionize.com/offensive-ai-c… submission portal closes at 11:59pm PT tonight (7/18)
Small teaser, location is Timisoara, Romania but venue is not yet decided till I have all the people confirmed :) please register only if you consider coming physically. It's just one stage no qualifier. More to be revealed soon :)
We’ve activated our strongest safeguards for ChatGPT Agent. It’s the first model we’ve classified as High capability in biology & chemistry under our Preparedness Framework. Here’s why that matters–and what we’re doing to keep it safe. 🧵
We’ve decided to treat this launch as High Capability in the Biological and Chemical domain under our Preparedness Framework, and activated the associated safeguards. This is a precautionary approach, and we detail our safeguards in the system card. We outlined our approach on…
#RomHack2025 #Training we’re hosting Advanced .NET #Exploitation Training with @SinSinology Instead of spending 8 months of your time, you will be up to date with the latest tools, techniques, tactics, and procedures in just 4 days! romhack.io/training/2025/…
tachy0n - The last 0day jailbreak by @s1guza blog.siguza.net/tachy0n/
Here is a really cool blog post by wasamasa who is a past student of our FSWA class: emacsninja.com/posts/cve-2025…. You can find them on Mastodon: lonely.town/@wasamasa/
🔓Join me at #BHUSA in Las Vegas (Aug 6) to dissect critical Secure Boot flaws! Until then: Try my OPEN-SOURCE scanner to: ✓ Check if YOUR system is vulnerable ✓ AUTO-GENERATE advisories ✓ Win/Linux support 🛠️Web tool: sbootbreaches.github.io 🐙Talk link: blackhat.com/us-25/briefing…
A financially motivated threat actor, #UNC6148, is targeting fully patched, end-of-life SonicWall SMA 100 appliances. In this latest activity, they deploy a new persistent backdoor we track as OVERSTEP. 🔗 Full details and defensive recommendations: goo.gle/44Pqr1F