The things Ministral-14B from @MistralAI can do—and how well it does them—are absolutely mind-blowing. It outperforms many models with 20B to 30B parameters

In that moment when the technician had to pick a password and thought, "I’ll just set it to 'Louvre' for now, it’s easy to remember. I’ll tell them to change it later" he probably imagined they’d switch to something like "Louvre123" What he didn’t expect was that they’d never

Operation SkyCloak Deploys Tor-Enabled OpenSSH Backdoor Targeting Defense Sectors

Hackeo de cerraduras inteligentes (tan de moda últimamente ...)

Pero lo peor de todo, es que un simple (e inocuo) XSS tipo año 2005 funciona sin problema . Es extraño que una empresa con ese volumen de facturación y recursos tenga algo tan crítico en ese estado. Fallos cometemos todos y nada es seguro al 100%, pero esto a mi me parece dejadez

Pensaba darme de alta en @ballenoil pero al intentarlo, la web dice que ya estoy dado de alta, voy a recuperar contraseña y pruebo mis e-mails ... ninguno está. No obstante, veo con horror que no hay captcha y te dice si el e-mail existe o no (...)

🚨Cyber Alert‼️ NSO Group - Pegasus Spyware A newly surfaced Telegram channel, apparently created by IRGC-affiliated cyber actors, claims to have exposed a significant collection of files related to the Pegasus spyware, detailing how Israel’s NSO Group weaponized zero-click

🇮🇷 | URGENTE — Acaban de hackear todos los canales de televisión en Irán. Están convocando a la población para salir a las calles a protestar contra el régimen.

This script automates SQL injection testing using SQLMap with AI-powered decision making. https://t.co/9GVWFonMX1

This is insanely hardcore

EU OS, el concepto de sistema operativo basado en Linux que aspira a llegar al sector público europeo

This is possibly the most insane national security story in the last 50 years. Includes a massive text chain between senior members of the Trump admin gaming out foreign policy and war plans on Signal, and they accidentally added a reporter to the group chat.

Brutal

Researchers have found a malicious campaign targeting Go developers with fake libraries. At least 7 typosquatted packages impersonate popular Go modules to deploy loader malware. These can execute remote code, stealing data or credentials on Linux and macOS systems. Read the

supervision, the open-source library I created a year ago, is crossing 25,000 stars on GitHub! thank you to everyone who helped me build this project! it took us 4,000+ commits, 1,000+ PRs and 100+ contributors to do it. repository: https://t.co/xXMRaS3Guk

A-Z of malware development full course :

How ChatGPT Operator can be hijacked through prompt injection exploits on web pages : https://t.co/duTMDabPph Paper : Trust No AI : Prompt Injection Along The CIA Security Triad : https://t.co/1NFLmQMFLc From Prompt Injection to Remote Controlling Claude Computer Use

Your laptop was stolen. It’s running Windows 11, fully up-to-date, device encryption (BitLocker) and Secure Boot enabled. Your data is safe, right? Think again! This software-only attack grabs your encryption key : https://t.co/Y8FkBkmgWH credits @Neodyme

NEW TOOL: https://t.co/JG1KlEWNQu It's a fully in-browser binary/file analysis tool with a hex editor. Features: - Hex editor and you can save the edited file - Mach-O symbols - ELF and PE basic metadata - Zip file contents - Fully client-side in-browser, so it is private and

Under the cloak of UEFI Secure Boot - Trusted Apps Sneak a Bug Into the UEFI Boot Process : Introducing CVE-2024-7344 : https://t.co/voWgQxO9Kw