very interesting conversation from @lexfridman and the @cursor_ai team about the tools we use to write code, how to best incorporate AI, and the future of programming more generally.
https://t.co/v1D9or7he5
#AI #githubcopilot #vscode
* Unauthenticated RCE vs all GNU/Linux systems (plus others) disclosed 3 weeks ago.
* Full disclosure happening in less than 2 weeks (as agreed with devs).
* Still no CVE assigned (there should be at least 3, possibly 4, ideally 6).
* Still no working fix.
* Canonical, Red Hat and others have confirmed the severity, a 9.9, check screenshot.
* Devs are still arguing about whether or not some of the issues have a security impact.
I've spent the last 3 weeks of my sabbatical working full time on this research, reporting, coordination and so on with the sole purpose of helping and pretty much only got patronized because the devs just can't accept that their code is crap - responsible disclosure: no more.
This is a wake-up reminder that you shouldn’t have an internet-connected privileged binary running on your production systems. What was a bad update could have easily been a massive adversary backdoor. A third-party vendor will always be the weakest link. Isolate critical systems.
@Jr0dR87 Users can make themselves admin, password likely stored in plaintext, no validation on username/password (not checking for malicious input or that they meet requirements like password complexity). All running in debug mode, so attackers get nice helpful error messages.
here's #PrintListener: in example #1434 of why audio hackers are doing the most interesting work, how about using the sound of your finger on a touchscreen to reconstruct your fingerprint and bypass biometrics?
https://t.co/iS1Wt4Sbr6
#hacking #biometrics #cybersecurity