RT @LassoSecurity: GenAI apps powered by #MCP are fast, modular, and vulnerable🚨 .@DrorOphir & @BLanyado reveal the top 10 security risks,….

I am thrilled to share that I will be speaking at the Microsoft @BlueHatIL 2025 alongside the incredible @DrorOphir . In our talk, we’ll unveil our latest research on how we discovered private repositories exposed on Microsoft Copilot. See you there! 🔥

RT @LassoSecurity: 🚨 Breaking: @BLanyado Lasso's security research has uncovered a critical vulnerability with sensitive private repositori….

RT @techpresso_en: 🫠 GitHub repositories that were once exposed are still accessible via Copilot despite being made private. The ongoing r….

RT @LassoSecurity: We are proud to announce that @LassoSecurity has been named a @Gartner_inc #CoolVendor in the October, 2024 Cool Vendors….

RT @LassoSecurity: Lassos’s research by @BLanyado has been mentioned in @Gartner_inc’s recent Threat Landscape Report 📢. Read the learn all….

RT @LassoSecurity: חולשה ב-ChatGPT הפילה בפח את המפתחים של עליבאבא @BLanyado.

RT @LassoSecurity: 🚨​ Research alert. Read @BLanyado follow-up research that dives deeper into AI Package Hallucination. Did #GPT4 #GEMINI….

🚨 Research alert. I just published my new research regarding LLM hallucinations. This time I asked A LOT more questions and investigated more models. I also found Hallucinated package in the wild with over 30K downloads of a hallucinated package

RT @SidesBer: Spotlight on @BLanyado and his talk: Spreading Malicious Packages Using Generative AI!. #BSidesBerlin.

RT @YakirKad: 🚨Research Alert! Some npm package maintainers opt for deprecation instead of addressing security flaws. We found that 8.2% o….

RT @LassoSecurity: Our very own @BLanyado took the stage at @SidesBer to share groundbreaking insights on #LLM security and AI Package Hall….

Research Alert!🚨 My research for exposed HuggingFace API tokens revealed 1,681 valid API tokens, some with full access to popular models like Meta-Llama, Pythia, and Bloom. This exposes millions to potential supply chain attacks. More Details on my blog:

RT @LassoSecurity: No matter who's OpenAI's CEO (no worries we still love you @sama), we got your back with an AWESOME security tool for yo….

RT @YakirKad: 🚨 New Research Alert! Exposed #Kubernetes secrets pose a significant risk, impacting top blockchain & Fortune 500 companies.….

I am thrilled to share that I will present my latest research, "AI Package Hallucination", at Bsides Singapore this Friday!. This is a new attack technique that uses GenAI tools such as ChatGPT to spread malicious packages. for more details: #BsidesSG

RT @YakirKad: 📈⛓ RepoJacking is on the rise, making it crucial to identify vulnerable repos.@GoldmanIlay and I uncover a key data mine used….

I want to share my latest discovery, .a new technique we have named “AI package hallucination”. In this research, we have found that around 30% of coding queries to ChatGPT could be used by attackers to spread malicious packages. @VulcanCyber .