Every critical I find in major corp has been through the most obscure feature that is annoying as hell to setup. It never ceases to give.

Hacking with AI recently has been fun. Here is couple of things I did recently:. - Parsed multiple JS files within seconds after identifying a target domain. Used the parsing data to find a critical vulnerability. - For a different program, used mixture of redress, radare2 and.

getting ready to hack and send criticals

We are doing #VibeSecurityForAI. If you are an AI startup (pre-seed or seed ) we will test your application for free. We are doing this only for next two weeks. We are hackers who have hacked major companies like Zoom, AWS, Amazon, Google, banks and more. DM me or contact us.

Presenting on some fun stuff with @OphionSecurity this year at @_kernelcon_ and @bsidesseattle. Come for the talk, stay for the vulnerabilities. #vulnerabilities #bugbounty #attacksurfacemanagement

Been trying out Cursor for the last few days with prompts generated through deep research via ChatGPT and Grok, it is definitely a game changer. I have deployed apps that I have wanted personally within hours. ◦ AI aided development is future. ◦ Security is still.

RT @polygonben: 🚨 New blog alert!. I recently "compromised" a threat actors Telegram based C2 channel, that was used for exfiltration of st….

I reached level 10 in Taptastic! 🎮. Final speed: Super Fast.Tiles: 9. The pattern that defeated me: 🟥 🟨 🟨 🟥 🟦 🟦 🟦 🟥 🟨 🟩 🟨. Can you beat my score? #Taptastic.

Vibe coded so much: I did not even write a single piece of code. It did all the heavy lifting.

Vibe coded a security script to open source for a future talk. I love AI. #security #GenAI #LLMs.

RT @xyz3va: update! @cursor_ai is donating me $50,000 USD for my efforts with the todesktop vulnerability.

RT @hackerfantastic: North Korea stole $1.4billion by injecting JavaScript through an AWS S3 bucket to spoof the UI interface during a tran….

Announcing: Ask Us Anything Security - A free security advisory for startups. Security often gets pushed to the back burner at startups until something breaks or a big deal requires it. But what if you could get expert security guidance without the overhead?. At Ophion Security,.

I will be attending @CactusCon this weekend! I will have some stickers, and swags dropping around the con area. #cactuscon13

We found a vulnerability in Cisco's Webex Connect giving access to live chat histories of every organizations from government agencies to fortune 500. Check it out: #vulnerabilitydisclosure #cisco #attacksurfacemanagement.

Complete your security reviews faster while building your product. Contact us today to learn more.

Getting access to thousands of customers' chat history with support agents with just a cookie. Learn more on blog one of two from our Live Chat security research at @OphionSecurity. #livechat #vulnerabilitydisclosure.

At the rate “AI code editors” have popped, I wanna see these code editors writing code for new code editors startups.