I'm packing for DEF CON and it's so tempting to bring my microscope with me....
06.08.2025 18:29
I refuse to call voice phishing "vishing": not only does it sound goofy, but it is not helpful. Promoting the idea that phishing is channel specific trains users to only pay attention in those channels. But phishing can be whatsappishing, intercomishing, twitchishing, or even coffeeshopishing.
05.08.2025 18:41
Your public ChatGPT queries are getting indexed by Google and other search engines | TechCrunch
Search engines are indexing links to ChatGPT conversations that have been made sharable with a link.
The privacy implications from publicly indexing LLM chats aren't surprising, but people routinely create policy that treats LLM chats like search queries rather than much more private data. The industry needs to reckon with the fact they've pushed users to share deeply. techcrunch.com/2025/07/31/y...
02.08.2025 01:27
Anyone have any good examples of LLM code execution vulns that are server-side rather than user-side? As tool use becomes more common we should see more examples of this.
31.07.2025 21:22
I'm late to the hot takes about Tea, but luckily for me it won't be long until another unsecured S3 bucket dumps a bunch of ID verification photos into the public. Then I'll seem prescient.
30.07.2025 21:23
After $380M hack, Clorox sues its “service desk” vendor for simply giving out passwords
Massive 2023 hack was easily preventable, Clorox says.
This part of the Clorox hacking story is wild to me! Even if the helpdesk had followed their policy, the only information required for a password reset was the manager's name and the user's username. Even the unenforced policy was bad too! arstechnica.com/security/202...
25.07.2025 18:29
LLMs are the new frontier in unsanitized user input and we're going to see more and more exploits of this.
23.07.2025 18:30