| 1. | | The Team PCP Snowball Effect: A Quantitative Analysis (gitguardian.com) |
| 4 points by chillax 6 days ago | past | discuss |
|
| 2. | | The Comforting Lie of SHA Pinning (vaines.org) |
| 15 points by chillax 8 days ago | past | 5 comments |
|
| 3. | | Invisible Prompt Injection Through Markdown and HTML-Comments (github.com/bountyyfi) |
| 2 points by chillax 46 days ago | past |
|
| 4. | | Turning Cloudflare into an SSRF Engine,Reaching What You Were Never Meant to See (riversecurity.eu) |
| 1 point by chillax 65 days ago | past |
|
| 5. | | Ubiquiti: The U.S. Tech Enabling Russia's Drone War (hntrbrk.com) |
| 25 points by chillax 68 days ago | past | 3 comments |
|
| 6. | | AI's Bottleneck Isn't Models or Tools, It's Security (zkorman.com) |
| 1 point by chillax 83 days ago | past | 1 comment |
|
| 7. | | React2shell (react2shell.com) |
| 2 points by chillax 4 months ago | past |
|
| 8. | | CyberSlop – meet the new threat actor, MIT and Safe Security (doublepulsar.com) |
| 3 points by chillax 4 months ago | past |
|
| 9. | | AuditKit – Multi-framework compliance scanner (auditkit.io) |
| 1 point by chillax 5 months ago | past |
|
| 10. | | AMD signs AI chip-supply deal with OpenAI, gives it option to take a 10% stake (reuters.com) |
| 442 points by chillax 6 months ago | past | 370 comments |
|
| 11. | | Security Degradation in Iterative AI Code Generation (arxiv.org) |
| 1 point by chillax 6 months ago | past |
|
| 12. | | JEP 500: Prepare to Make Final Mean Final (openjdk.org) |
| 3 points by chillax 6 months ago | past |
|
| 13. | | Conversation: LLMs and Building Abstractions (martinfowler.com) |
| 1 point by chillax 7 months ago | past |
|
| 14. | | Azure's Weakest Link – Full Cross-Tenant Compromise (binarysecurity.no) |
| 1 point by chillax 7 months ago | past |
|
| 15. | | The Great SSL Certificate Panic (redmonk.com) |
| 22 points by chillax 7 months ago | past | 11 comments |
|
| 16. | | Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection (embracethered.com) |
| 3 points by chillax 7 months ago | past |
|
| 17. | | Welcome to the IPv4 Games (ipv4.games) |
| 55 points by chillax 8 months ago | past | 29 comments |
|
| 18. | | Meetingco.st – How much does that meeting cost? (meetingco.st) |
| 2 points by chillax 8 months ago | past |
|
| 19. | | WAF Detector – For Detecting and Testing Web Application Firewalls (WAFs), CDNs (github.com/ammarion) |
| 3 points by chillax 9 months ago | past |
|
| 20. | | BaxBench: Can LLMs Generate Secure and Correct Back Ends? (baxbench.com) |
| 2 points by chillax 9 months ago | past | 1 comment |
|
| 21. | | Remote Prompt Injection in Gitlab Duo Leads to Source Code Theft (legitsecurity.com) |
| 214 points by chillax 10 months ago | past | 54 comments |
|
| 22. | | GitHub Copilot and Cursor: How Hackers Can Weaponize Code Agents (pillar.security) |
| 1 point by chillax on March 19, 2025 | past |
|
| 23. | | Azure's Weakest Link? How API Connections Spill Secrets (binarysecurity.no) |
| 3 points by chillax on March 11, 2025 | past |
|
| 24. | | 8M Requests Later,We Made the SolarWinds Supply Chain Attack Look Amateur (watchtowr.com) |
| 1 point by chillax on Feb 6, 2025 | past |
|
| 25. | | Top web hacking techniques of 2024 (portswigger.net) |
| 3 points by chillax on Feb 5, 2025 | past |
|
| 26. | | Stealing HttpOnly cookies with the cookie sandwich technique (portswigger.net) |
| 6 points by chillax on Jan 23, 2025 | past |
|
| 27. | | Backdooring Your Backdoors – Another $20 Domain, More Governments (watchtowr.com) |
| 5 points by chillax on Jan 8, 2025 | past |
|
| 28. | | September 2024 Progress Update on Microsoft's Secure Future Initiative (SFI) (microsoft.com) |
| 1 point by chillax on Sept 25, 2024 | past |
|
| 29. | | Hello eBPF: Building a Fast Firewall with Java and eBPF (14) (mostlynerdless.de) |
| 2 points by chillax on Aug 27, 2024 | past |
|
| 30. | | Listen to the whispers: web timing attacks that work (portswigger.net) |
| 3 points by chillax on Aug 7, 2024 | past |
|
|
| More |
