Forwarded from AISecHub
12 LLM CTFs & Challenges - https://taleliyahu.medium.com/llm-ctfs-challenges-03dd55a9b7e4
Hands on CTFs and labs for LLM security. Train on prompt injection, jailbreaks, guardrail bypass, tool and agent abuse, data leaks, model inversion, and MCP issues.
Hands on CTFs and labs for LLM security. Train on prompt injection, jailbreaks, guardrail bypass, tool and agent abuse, data leaks, model inversion, and MCP issues.
Medium
LLM CTFs & Challenges
LLM CTFs & Challenges Hands on CTFs and labs for LLM security. Train on prompt injection, jailbreaks, guardrail bypass, tool and agent abuse, data leaks, model inversion, and MCP issues. Join the AI …
❤2🔥2
Forwarded from Officer’s Articles
I Checked the Worst OpSec Practices So You Don’t Have To
Link: https://officercia.medium.com/i-checked-the-worst-opsec-practices-so-you-dont-have-to-59501825c50f
Link: https://officercia.medium.com/i-checked-the-worst-opsec-practices-so-you-dont-have-to-59501825c50f
Medium
I Checked the Worst OpSec Practices So You Don’t Have To
In an increasingly digital world, Operational Security (OpSec) refers to the practices and processes individuals and organizations use to…
❤1
Forwarded from AISecHub
AI-Powered CAPTCHA Solver
This project is a Python-based command-line tool that uses large multimodal models (LMMs) like OpenAI's GPT-4o and Google's Gemini to automatically solve various types of CAPTCHAs. It leverages Selenium for web browser automation to interact with web pages and solve CAPTCHAs in real-time.
https://github.com/aydinnyunus/ai-captcha-bypass
This project is a Python-based command-line tool that uses large multimodal models (LMMs) like OpenAI's GPT-4o and Google's Gemini to automatically solve various types of CAPTCHAs. It leverages Selenium for web browser automation to interact with web pages and solve CAPTCHAs in real-time.
https://github.com/aydinnyunus/ai-captcha-bypass
GitHub
GitHub - aydinnyunus/ai-captcha-bypass: AI Captcha Bypass
AI Captcha Bypass. Contribute to aydinnyunus/ai-captcha-bypass development by creating an account on GitHub.
🤝3
Forwarded from Security Harvester
Analysis of 8 Foundational Cache Poisoning Attacks (HackerOne, GitHub, Shopify) - Part 1
https://herish.me/blog/cache-poisoning-case-studies-part-1-foundational-attacks/:
1. The first part of a three-section deep dive analyzing early real-world cache poisoning bugs across HackerOne, GitHub, Shopify, and private programs.
2. Although it once appeared niche, cache poisoning has evolved into a high-impact attack vector affecting CDNs, cloud platforms, server frameworks, and multi-tenant SaaS providers.
3. These early reports demonstrate not only how straightforward misconfigurations can lead to devastating effects, but also how attackers learned to weaponize headers, request behaviors, and cache key inconsistencies to breach platforms with millions of users.
@secharvester
https://herish.me/blog/cache-poisoning-case-studies-part-1-foundational-attacks/:
1. The first part of a three-section deep dive analyzing early real-world cache poisoning bugs across HackerOne, GitHub, Shopify, and private programs.
2. Although it once appeared niche, cache poisoning has evolved into a high-impact attack vector affecting CDNs, cloud platforms, server frameworks, and multi-tenant SaaS providers.
3. These early reports demonstrate not only how straightforward misconfigurations can lead to devastating effects, but also how attackers learned to weaponize headers, request behaviors, and cache key inconsistencies to breach platforms with millions of users.
@secharvester
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Update your Apple devices immediately!
• https://x.com/officer_secret/status/1999601255392710855?s=46
#security #alert
• https://x.com/officer_secret/status/1999601255392710855?s=46
#security #alert
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
Update your Apple devices immediately!
Update with a fix for an actively exploited vuln(s): iOS 26.2 and iPadOS 26.2
For:
iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation…
Update with a fix for an actively exploited vuln(s): iOS 26.2 and iPadOS 26.2
For:
iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation…
❤1
Forwarded from Investigations by ZachXBT
Community alert: A number of Trust Wallet users have reported that funds were drained from wallet addresses within the past couple of hours.
While the exact root cause has not been determined coincidentally the Trust Wallet Chrome extension pushed a new update yesterday.
Theft addresses
Send me a DM on X (Twitter) if you were affected and I will update the list of theft addresses as I verify more.
While the exact root cause has not been determined coincidentally the Trust Wallet Chrome extension pushed a new update yesterday.
Theft addresses
0x3b09A3c9aDD7D0262e6E9724D7e823Cd767a0c74
0x463452C356322D463B84891eBDa33DAED274cB40
0xa42297ff42a3b65091967945131cd1db962afae40xe072358070506a4DDA5521B19260011A490a5aaA0xc22b8126ca21616424a22bf012fd1b7cf48f02b1
bc1qjj7mj50s2e38m4nn7pt2j0ffddxmuxh2g8tyd8
bc1ql9r9a4uxmsdwkenjwx7t5clslsf62gxt8ru7e8bc1q4g8u7kctk6f2x3f6nh43x76qm4fd0xyv3jugdybc1qw7s35umfzgcc7nmjdj9wsyuy9z3g6kqjr0vc7wbc1qgccgl9d0wzxxnvklj4j55wqeqczgkn6qfcgjdgbc1q3ykewj0xu0wrwxd2dy4g47yp75gxxm565kaw6mSend me a DM on X (Twitter) if you were affected and I will update the list of theft addresses as I verify more.