@rez0__ Back in 2018, I remember investigated Monerominer script consuming a large amount of resources on a VPS. I followed a series of ps aux and pgrep commands to identify the script's name and location. At that time, the VPS was running SSH and a web application built with Node.js.
Had an amazing time solving the Mobile App CTF challenge by https://t.co/Ir3YH9wRix at BlackHat MEA!🚀
Big thanks to @JordiVenta for organizing this fantastic experience.
Build38 specializes in securing mobile code against reverse engineering & tampering.
https://t.co/vx7xuy2fAU
Truly enjoyed @FilipiPires session at #BlackHatMEA on 'Horusec: Keeping Your Code Safe During the Development Path' A valuable discussion on integrating security into the development lifecycle!"
Just discovered a mobile app using OpenAI for customer support with its API key exposed in a config file! 😬 Double-checked via Colab, and it's confirmed.
How do you secure your AI integrations? Share your experience!
#CyberSecurity#AI
🔥💀 Here is the "Real" writeup and exploit for the
pre-auth deserialization RCE I reported to Ivanti
CVE-2024-29847
Apparently, folks at horizon3 tried to write about my bug before me but they did it wrong
https://t.co/Df8lIDYNRH