Ahsen
@ahsentekd
Followers: 529 | Following: 5K | Media: 58 | Statuses: 593
AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack - @billtoulas
https://t.co/mJ849FHhFL
bleepingcomputer.com
Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account tokens and repository secrets leaked.
CORNFLAKE.V3 malware spotted in an access-as-a-service operation using the ClickFix technique. 🥣 UNC5518 uses fake CAPTCHA pages for access, which UNC5774 then leverages to deploy the CORNFLAKE.V3. Learn more: https://t.co/zRdEp0ctKm
🔥 Reverse engineers, hurry to the 6th meetup! With Yusuf İşlek, Ahsen Tekdemir, Celil Ünüver and Utku Çorbacı, August 16, in İzmir. RT == MOV PC, 0x41414141414141
🚨 RubyGems & PyPI under attack: 🔸 60 fake RubyGems stole social media logins (275K+ downloads) 🔸 PyPI fakes hijacked crypto staking wallets Both hide credential-stealing code in legit-looking packages. Details →
thehackernews.com
RubyGems and PyPI hit by credential-stealing packages targeting automation and crypto users, prompting new security rules.
''This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions'' #infosec #pentest #redteam #blueteam
https://t.co/gnwg5OBPe5
thehackernews.com
Malicious PyPI package set-utils steals Ethereum private keys, exfiltrating them via Polygon RPC to evade detection.
New release of pytest-examples https://t.co/tfSPPsvf6j now supports calling a function or coroutine within the example code. I'd love to rename the package so people can actually find and use it, but I can't think of a good name that's easier to search for.
github.com
What's Changed Adopt uv by @samuelcolvin in #38 lint: raise timeout to avoid flakyness by @baloo in #37 support for calling a function/coroutine, e.g. main within examples by @samuelcolvin in ...
LLMs as vulnerability hunters? Yup. Our Vulnhuntr tool from @ProtectAICorp uses Claude to scan Python code for 0days. 🤯 Check out the NoHat talk for the full story from @DanHMcInerney & @byt3bl33d3r. 👇 https://t.co/xa0jYtsuwA
Say hello to the Polyglot Payload. The complete payload for the XSS Polyglot Challengev2 is now available on the https://t.co/uVCBeEwMLN platform. Source: https://t.co/efv6AuAq55 Thanks @filedescriptor and crlf #xss #polyglot #polyglotxss
In collaboration with @rizasabuncu , we promptly identified and reported a vulnerability in iOS and macOS to Apple’s security team. This vulnerability had the potential to allow unauthorized access to user activities or browsing history, even when the device was in lockdown or
🐍💥Python 3.13.0 has been released! 🎉 This is the first version with 🧵experimental GIL-free mode, an experimental JIT compiler🔧, a slick new REPL 🖌️ and many new cool features! And it's faster, smarter, and more colorful than ever! 🚀 Get it here:
python.org
The official home of the Python Programming Language
Can your current tools cache 10,000 SBOMs transitive dependents in 30 seconds? Minefield can.
The Turkish guy was so cool that I ended up sketching him. Drawing him really makes you realize all over again how beautiful his posture is.
Cloudflare’s 1.1.1.1 DNS Service Disrupted by BGP Hijacking and Route Leak
securityonline.info
Cloudflare's popular 1.1.1.1 public DNS resolver service experienced disruptions, leaving a small percentage of users worldwide unable to access the service
🚨Alert🚨CVE-2024-21413 Microsoft Outlook RCE Flaw POC Released 📊219.8K+ Services are found on the https://t.co/WrjZaG0jRH 🔗Hunter: https://t.co/D4e39xFXWj Dorks 👇👇👇 Hunter: https://t.co/q9rtuGgxk7="Outlook Web App" FOFA: app="Microsoft-Outlook" Shodan:http.component:"outlook
Safetest is a new UI testing library that combines Playwright, Jest/Vitest, and React for an E2E testing solution for applications and component testing. It works with multiple UI libraries and test runners and provides powerful reporting capabilities. https://t.co/A0XiCLveSk
netflixtechblog.com
by Moshe Kolodny
If you are using form data, upgrade python-multipart to 0.0.7 as soon as possible to fix a ReDoS vulnerability. 🔒 If you install fastapi[all], just upgrade to 0.109.1 🤓 You can read more in the security advisory:
There's some new #Python syntax being debated in PEP 736 – Shorthand syntax for keyword arguments at invocation What do you think?