Ian Carroll
@iangcarroll
Followers
16K
Following
33K
Media
241
Statuses
2K
Founder at @SeatsAero. Travel/points, application security, security research, etc. https://t.co/q0VuCP7rXz
Ann Arbor, MI
Joined July 2014
We became an admin in the Fédération Internationale de l'Automobile's driver categorisation system, which allowed us to access the PII and password hashes of any rated driver, including Max Verstappen. 🏎️ https://t.co/vdX7OegqmW
ian.sh
We found vulnerabilities in the FIA's Driver Categorisation platform, allowing us to access PII and password hashes of any racing driver with a categorisation rating.
6
44
248
What it feels like to try to be taken seriously after weeks of saying things in jest
51
6K
113K
I use squarespace for my online shop and the AI auto reply suggestion keeps prompting me to lie about a death in my family whenever someone messages me to ask about their order
50
2K
38K
We accidentally got access to every Academy Award nominee's home address and phone number. Before last year's Oscars Ceremony, together with @iangcarroll and @samwcyo, we found a way to leak every nominee's PII, including phone numbers and home addresses of the biggest actors
10
81
482
Many of you do not know the trauma of having to write out Java on paper for the comp sci AP exam and it shows
314
1K
18K
A HackerOne program calculated my report’s CVSS score incorrectly, and instead of fixing it, they seem to be ignoring my comments and just replying with AI arguments. Is the future of bug bounty hunters just arguing with stupid chatbots?
8
0
84
It's 2025. There is no excuse for any product to pass tokens into SQL statements like this, much less a security product. Fortinet, a cybersecurity company, has become famous over the last several years for its security flaws. An occasional flaw is forgivable, but this line of
I just noticed CVE-2025-25257 and had a giggle. Not because it's yet another Fortinet remote bug. But because it's a SQLi, in a WAF product. The irony...
20
110
776
Just set up my @particle Tachyon and am pretty impressed. Lot of possibilities for a Raspberry Pi form factor with a 5G modem built in. Super easy CLI setup, no microSD needed!
4
0
22
Zohran: New York should be affordable for everyone Cuomo: A single mother is homeless because your rent is too low Eric Adams: Deep down, I think I must be little bit Dominican
Deep down, I think I must be little bit Dominican because marching down 6 Avenue in the Dominican Day Parade just felt like coming home! Every time I meet Dominican New Yorkers, I’m inspired by their generosity and energized by their passion. ¡Que viva el pueblo dominicano!
156
6K
85K
One of the biggest growth drivers at Discord over the last year has been the elevation of "Login with your LEGO Account." Incredible how much of Gen Z and Gen Alpha associate their core identity with their LEGO account. Wish we had done this sooner.
97
133
2K
Apparently a pair of Xiaolongbao will serve as the zero-g indicator on this launch
26
488
6K
>hexagonal chip
>look inside
>squares
45
497
18K
America is already falling behind in technological advancements
234
3K
45K
McDonald's uses an AI bot called "Olivia" for hiring. A pair of hackers found they could access every conversation job applicants had with it—including all the personal info they shared—by exploiting security flaws as basic as using the password "123456".
wired.com
Basic security flaws left the personal info of tens of millions of McDonald’s job-seekers vulnerable on the “McHire” site built by AI software firm Paradox.ai.
23
465
1K
When applying for a job at McDonald's, over 90% of franchises use "Olivia," an AI-powered chatbot. We (@iangcarroll and I) discovered a vulnerability that could allow an attacker to access the over 64 million chat records using the password "123456". https://t.co/dBqpRpdp9T
ian.sh
When applying for a job at McDonald's, over 90% of franchises use "Olivia," an AI-powered chatbot. We discovered a vulnerability that could allow an attacker to access more than 64 million job...
18
123
471
periodic reminder that this is a partner at the most storied firm in Silicon Valley
199
852
10K
As part of its investigation, NTSB found 23 members of the 24-member “door team” had not been directly trained on how to open or close a 737 Max mid-exit door plug at the time the Alaska 1282 aircraft was being built. #24 was out of the country.
NTSB board meeting to determine the probable cause of the January 2024 in-flight separation of a mid-exit door plug on an Alaska Airlines Boeing 737-9 airplane starts at 9:30 am ET. Watch the livestream:
14
76
566