All the code is on github :)

Behold ZK-AntiCheat real time, privacy preserving proof of play 👀

Nerds reaction if someone does ransomware: "whoa whoa whoa based" Nerds reaction if someone cheats in multiplayer video games: "fuck you, you're a piece of shit"

It was awesome hacking with yall! Thanks to the wonderful zkhack team for organizing such a great event.

Nice write-up on hacking a credit card terminal: https://t.co/xGnDNto3tS Would have been nice to take it to the next level and looked into that "secure OS" tho 🤠

🚨🚨🚨We just broke everyone’s favorite CTF PoW🚨🚨🚨 Our teammate managed to achieve a 20x SPEEDUP on kctf pow through AVX512 on Zen 5. Full details here: https://t.co/aCIU220IBf The Sloth VDF is dead😵 This is why kernelCTF no longer has PoW!

OAuth Client Confusion is an easy-to-overlook vulnerability that can lead to account takeovers. If an app doesn’t verify that an Access Token was generated for its specific Client ID, an attacker can hijack accounts. Here’s how it works:

One of my favorite traits in programmers is a love for writing lots of code AND an equal love for deleting it. A willingness to build elaborate prototypes and throw them away to rebuild better is a marker of greatness IMO.

🔥 Microsoft fixed a high severity data exfiltration exploit chain in Copilot that I reported earlier this year. It was possible for a phishing mail to steal PII via prompt injection, including the contents of entire emails and other documents. The demonstrated exploit chain

almost 1 year later and here we are

Remember everyone. C is a safe language. Just be sure you don't write any bugs in your code like checking to see if an integer is going to overflow...🤦

The state of AI security reminds me of the early web security days :) #thefutureisbright #infosec