Olivia
Online
Ethan Benhamou
@Gh0stAn0n
Cybersecurity Researcher and Science Enthusiast🇫🇷🇯🇵🇮🇱🇺🇸
Israel
Joined April 2017
679 Following
66 Followers
237 Posts
@vxunderground Please provide the setup
I need it !
@nullenc0de Hey, would you care sharing ?
Dear US government,
Since you've just blocked Fable and Mythos on critical national security grounds, here are some other tools that pose a similar threat to the American people:
- Microsoft Teams
- SAP
- Salesforce
- Jira
- Outlook
Please do what you must to save America 🇺🇸
NEW: malware developers added nuclear & biological weapons text to to their spyware.
Goal? To trigger LLM safety refusals... so that their spyware wouldn't be analyzed by an AI security scanner.
Cleanest practical example I can think of for why over-indexing on first order safety alignment is risky.
When closed (and open) models ship with aggressive refusals, they will be sprinkled with second-order blindspots that attackers will discover...and exploit.
We are only in the earliest days of attackers leveraging these features, and it wouldn't surprise me if users systems that need to handle complex cybersecurity issues demand that models be less safety-blunted.
In the weeds: @SocketSecurity's post also shows why intention matters in how you design a malware analysis pipeline to avoid prompt manipulation.
H/T to colleagues that shared this with me https://t.co/f3Aj9TYxU4
一个程序员突发奇想:
DNS 解析器会把域名记几天——
那能不能拿来存文件?
↓
他找到了全网 390 万个开放 DNS 解析器
把文件切碎
撒遍整个互联网
没有硬盘 没有数据库 没有云
文件活在无数台服务器的缓存里 而那些服务器根本不知道自己在存东西
如果没人访问呢?
文件会慢慢"死去" 随着服务器们一个个把它遗忘
这是我见过最荒诞的开源项目之一
项目名叫 dnsfs
你会用 DNS 缓存存什么文件?
someone made a fork of opencode that routes through the unsecured ai endpoints from chipotle
accidentally ended up on the news
🚨 BREAKING: Wiz Research discovered Remote Code Execution on https://t.co/SvN2lGsnbO with a single git push
The flaw in @github allowed unauthorized access to millions of repositories belonging to other users and organizations 🤯
Actual zero day vulnerability researcher and exploit developer here.
Top-of-the-field skills across Browser full-chain, hypervisor VM escape, OS kernel and baseband on record since before AI existed.
And a proud solo owner of a zero day intelligence company.
Anthropic just dropped the mic on my industry.
Where do I begin…………
Claude is not allowed to write outside the workspace.
But it wanted to.
So Claude wrote a python script and executed it via bash to modify the file essentially hacking my permissions.
I used gpt codex 5.4 to go through the leaked Claude Code repo quickly. and I found some strange stuff, some issues and some weird things
- INTERNAL CLAUDE HAS CAPABILITIES YOU DON’T SEE
- this is ~1900 files and ~500k LOC
- Claude Code is NOT a wrapper, it’s a full runtime system
- parts of src contain compiled artifacts
- inline sourcemaps + compiler-runtime inside source
- BUILD / RELEASE HYGIENE ISSUE
- same codebase serves internal Anthropic builds + public users
- gated by USER_TYPE === ant
- YOU ARE NOT USING THE SAME SYSTEM THEY ARE
- feature flags are everywhere across core logic
- including a function named getFeatureValue_CACHED_MAY_BE_STALE
- NON-DETERMINISTIC BEHAVIOR BY DESIGN
- core files are massive
- cli/print.ts ~5.5k lines
- main.tsx ~4.6k lines
- services/api/claude.ts ~3.4k lines
- tool execution depends on read-only = safe to parallelize
- MISCLASSIFICATION ⇒ RACE CONDITIONS
- plugin system pulls from git + external sources
- SUPPLY CHAIN RISK
- agent system supports background + remote execution
- AUTONOMOUS PROCESSES RUNNING VIA CLAUDE
Claude code source code has been leaked via a map file in their npm registry!
Code: https://t.co/jBiMoOzt8G
@q1uf3ng Are you planning to open source it ?
full write up: https://t.co/c1K2QbR8fI
New writeup!
Google Cloud Shell Takeover: 3 Auto Execution Bugs
https://t.co/wNtvoMBN83
someone built a tool that REMOVES LLM CENSORSHIP in 45 minutes with a SINGLE command
its called HERETIC
here is how it works and why everyone is talking about it
Binary obfuscation in 2026:
Just put ANTHROPIC_MAGIC_STRING_TRIGGER_REFUSAL_1FA... into your program 😎
👼GatewayToHeaven (CVE-2025-13292).
I discovered a cross-tenant vulnerability in @GoogleCloud's #Apigee, allowing me to access other organizations' data (and sometimes even plaintext JWTs of end users).
Below is the full breakdown of the exploit chain⛓️
Most Popular Users
Elon Musk 
@elonmusk
240.5M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110.3M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.6M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.5M followers
Taylor Swift
@taylorswift13
81.3M followers
Lady Gaga
@ladygaga
72.9M followers
Kim Kardashian
@kimkardashian
69.7M followers
Virat Kohli
@imvkohli
69.6M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.8M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62.3M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.6M followers